In our last blog, “The 7 deadly sins of IT security” we discussed seven basic errors that can put your organisation at major risk. In this post we will explore the most common firewall failures and share some advice on how you can avoid them.
As security threats intensify and cyber criminals perfect their techniques, a reliable firewall solution is your first line of defence, shielding you from the malware and viruses bombarding your network every day.
Traditional firewalls as we know them serve two basic purposes: stopping the “the bad guys” getting unauthorised access to our network, and allowing the “the good guys” from our internal network to access resources on the Internet. Today’s “next generation firewalls” need to do a whole lot more to stay up to speed with attackers intent on mastering their insatiable bid to compromise systems.
There are a number of ways that your firewall can let you down. Here we look at the three most common reasons for firewall failures.
1. Misonfiguration
IT professionals spend a lot of time worrying about firewall flaws and vulnerabilities, but according to Gartner research, 95% of all firewall breaches are caused by misconfiguration, not flaws.
Firewalls are an essential part of your network security, and a misconfigured (or overly complex) firewall can damage your organisation in more ways than you think, leaving holes for cyber criminals to get through.
Many organisations don’t take time to define workflows when configuring their firewall. They mash different rules together and end up with a very broad policy configuration, leaving their network in a perpetually exposed state. Ensure that you carefully define your network policies and follow the principle of least privilege – giving the minimum level of privilege that the user or service needs to function normally.
2. Poor performance
The increasing number of devices and applications used in organisations today is constantly pushing the limits of network performance. You need to ensure that your security solution doesn’t become a bottleneck.
When your firewall becomes overloaded you experience high CPU usage, low throughput and slowing down of applications. As well as this, application performance may be seriously degraded. To alleviate these issues, you may want to think about upgrading your hardware (although this may not be an immediate option) or you might be forced to turn off some firewall features leaving opportunities for attackers. Some of the resource-intensive features include Intrusion Prevention Systems (IPS), which examine network traffic flows to detect and prevent vulnerabilities. Another added feature is application control, which allows you to easily monitor and manage social media application traffic.
3. Incompatibility
Older generation firewalls are outdated, and often incompatible with current technologies, such as IPv6 and cloud-based applications. They are therefore not capable of protecting against sophisticated threats. Organisations can no longer afford to neglect their perimeter security appliances.
Finally, when investing in a firewall it is important to make sure that integrates with other security protocols that you may be employing, such as email encryption, web filtering, wireless protection, and mobile access control and endpoint protection. A comprehensive reporting tool which will provide you with full visibility of real time traffic and allow you to trouble shoot incidents will also pay dividends in the long term.
FREE WEBINAR
Anatomy of a CryptoWall attack and how to keep your business safe
28th April, 1pm
In this webinar, Datapac and Sophos experts will go beyond the hype and headlines to take a deeper look at ransomware attacks. They will investigate how ransomware works, and analyse the tricks used by cyber criminals to make it so powerful. Finally, they will provide invaluable advice about how to coordinate your security defences, and keep your organisation safe from malicious hackers.
Learn more and register >>
Register for upcoming events
-
"At Barretstown, we rebuild the lives of children, and their families, affected by childhood cancer and other serious illnesses. We serve 5,000 campers a year and have 1200 volunteers each year. Communication is crucially important and Datapac has helped us to streamline, improve and ensure efficiency."
-
"Datapac has provided us with a fantastic product and world-class levels of service and support. Whenever people ask me about our experience with Datapac I’m always ready to sing their praises and I would happily recommend their services to any organisation."
-
"For many years Datapac has been our sole supplier for the maintenance of Personal Computers and Peripherals in Ireland. Through their Service Centres in Wexford and Dublin, Datapac provides excellent support to our businesses throughout the country and consistently meets the SLA targets which we have set. The skill, expertise and experience of their engineers and other technical support personnel are of the highest standard."
-
“The value of dealing with an HP Gold partner in this process can’t be underestimated. Datapac provide us with a local touch and can cover the full range of our IT requirements, but when there is a specific technical requirement like this, they can bring the specialist technical resources of HP to the table. HP and Datapac had a thorough discussion with us around our requirement - and had really done their homework - and then were able to provide us with a very highly specified test platform for us to prove the application on before we committed to purchase.”
-
Datapac understands our needs and requirements and has the expertise and experience to follow through on all our requests. Our constant need to reduce costs has been assisted by Datapac's ability to suggest alternative solutions and methods whilst improving both efficiency and productivity. Our partnership with Datapac is akin to having an IT department on site that we simply could not provide ourselves.