As we are nearing the end of Cybersecurity Month, we saved one of our favorite topics for the grand finale. And the exciting subject is… FIREWALLS! Firewalls have been around for decades and their primary purpose is to block network and data traffic based on rules. Out of the box, firewalls will stop unauthorized people from accessing your server, network, and computer while allowing you to access the network and Internet.
In general, there are two types of firewalls: Software-based and hardware-based. Software-based is a firewall that is installed on a computer or server, and in most cases, these are disabled or relaxed when the system is on a business network. When a laptop is outside of an organization, that is when a software-based firewall is protecting your systems, especially on public wireless networks, such as at a Starbucks or library. Hardware-based firewalls have a much larger role and they are designed to protect an entire organization and always on. During this article, we are going to focus on hardware-based firewalls.
First, let me answer the initial newsletter’s question: Firewalls are NOT all the same. Prices can range from $80 all the way up to $3,000 with a yearly maintenance agreement, and their features and functionality will differ across the board. I can tell you that we are never pushing clients to get the most expensive firewall because you don’t need a Ferrari to get to the grocery store. With most small and midsized businesses (SMBs), a typical business-class and quality firewall will cost approximately $400 (one-time).
Here are the features that you should be looking for in a business-class firewall:
- Throughput: With all firewalls, there is a limit to the amount of data that can be pushed through. Historically this was never an issue, but as we are seeing very high speeds of the Internet, such as 1Gbps (fiber) and 500 Mbps (coax or 5G cellular), some of our old client’s firewalls can’t handle it. What that means is that you are only as fast as your maximum link, so if your firewall can only handle 250 Mbps, then that’s all you’ll get with your 1 Gbps connection.
- VPN: With remote workers, having a secure remote solution via VPN is critical. Some firewalls have built-in VPN licenses for up to 256 users, while others require you to pay for licenses which could be $50/user. Also, if you have multiple locations or offices, you’ll need to consider a firewall that offers site-to-site VPN which allows for a seamless and “always-on” option between locations.
- Security functionality: Some firewalls offer to streamline security pieces, such as scanning for viruses, SPAM, and application filtering. What this extra layer of security offers is protection from malware on top of your existing e-mail and website protection solutions. When carving out your malware protection, it is always best to have a layered approach
- Quality of Service (QoS): If you are a business that has Voice Over IP (VoIP) then this is a must-have function! What QoS allows you to do is prioritize your voice traffic over other Internet traffic such as surfing the web, streaming audio, or watching a movie. To ensure that your voice calls via VoIP are of the highest quality, a proper configuration of QoS is necessary.
- Failover: If you are looking to ensure that your business Internet is always up, you can have a secondary Internet connection. If the firewall detects your primary connection goes down, it seamlessly failovers your systems and users to the backup Internet.
To discuss further the benefits of a more powerful and advanced firewall, please reach out to Frank at fstephens@onlineCTS.com or (847) 894-6304. Together we are in this ongoing battle in keeping businesses safe!