Take a moment to imagine something with me. You’re at home, you’ve had a long business day and you sit down at your computer to get some home stuff done. You know the sort of thing: returning emails, paying bills, maybe listening to a podcast. You notice that everything on your computer is running incredibly slowly. Over a few days, you notice that your computer is only slow when you’re at home. You call for help, but your regular I.T. guy has no idea what’s wrong. He can’t explain it and so calls in an expert. The expert spends some time looking at logs, analyzing your computer and your network equipment logs. He asks to see your security camera DVR, then your home TV DVR, then the wall system panel you use to control your heating and air conditioning and your security cameras, and your home lighting system. that you’ve been hacked.
Not only is your home router passing traffic from a dozen foreign countries hosted on your home security DVR, but literally every internet of things device on your network is at risk of being taken over and should be flashed back to factory defaults. The company that installed the security cameras is so embarrassed they take the DVR back and give you a completely new one. This time with the default admin name The router must be replaced with a more full-featured firewall, and you need strong security software installed on your computer at home. You’re advised to take the same precautions at work if possible and to talk to your work I.T. department about the experience to determine if your work has been exposed to similar threats.
A threat can be made against any potential hack, unpatched software, hardware exploit, or social hacking technique to gain access to protected data to which they have no claim or right. An exploit is a vulnerability that is known, documented and may be used by hackers. Hacking is the act of taking advantage of an exploit and gaining unauthorized access to data. Interestingly, hacking is not simply accessing data. For a hack to be a hack, it has to overcome a security system to gain access to data. Essentially, it’s like breaking down a door to get into a house versus walking through an open door that you don’t care if someone enters.
What is a firewall?
Firewalls are all about locking the door and granting access very specifically, both in and out, through that door. That metaphor won’t be useful beyond this point, but it serves to give you the idea here at the beginning. A firewall is just one type of protection available to data security professionals, but it is the most fundamentally important protection for a network.
A firewall is a layer of security that is placed between an untrusted network and a network or device you want to protect.
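The definition above, as an added sketch that is not part of the original article: a first-match, default-deny check applied to new connection attempts in both directions. The addresses, the rule set and the `decide` function are constructed for illustration and do not come from any firewall product.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Rule:
    action: str          # "allow" or "deny"
    direction: str       # "in" = untrusted -> protected, "out" = the reverse
    remote: str          # CIDR on the untrusted side
    local: str           # CIDR on the protected side
    port: Optional[int]  # destination port; None matches any port


# Constructed home network: 192.168.1.0/24 with a camera DVR at 192.168.1.50.
LAN = "192.168.1.0/24"
DVR = "192.168.1.50/32"
ANY = "0.0.0.0/0"

RULES = [
    Rule("deny", "out", ANY, DVR, None),  # the DVR may not call out at all
    Rule("allow", "out", ANY, LAN, 443),  # other hosts: HTTPS out
    Rule("allow", "out", ANY, LAN, 53),   # other hosts: DNS out
    # No inbound allow rules: nothing outside may open a connection in.
]


def decide(direction, remote_ip, local_ip, port, rules=RULES):
    """Return the action of the first matching rule, or "deny" if none match.

    Only new connection attempts are modelled; replies to an allowed
    connection are assumed to be handled by connection tracking.
    """
    remote = ipaddress.ip_address(remote_ip)
    local = ipaddress.ip_address(local_ip)
    for rule in rules:
        if (rule.direction == direction
                and remote in ipaddress.ip_network(rule.remote)
                and local in ipaddress.ip_network(rule.local)
                and rule.port in (None, port)):
            return rule.action
    return "deny"  # default deny: the locked door


if __name__ == "__main__":
    print(decide("out", "203.0.113.10", "192.168.1.20", 443))  # laptop, HTTPS
    print(decide("out", "203.0.113.10", "192.168.1.50", 443))  # DVR calling out
    print(decide("in", "203.0.113.10", "192.168.1.50", 80))    # outside -> DVR
```

Rule order matters here: the DVR deny rule sits above the general allow rules, so it wins even though the DVR is also inside the LAN range.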
Types of firewalls
There are many types of firewalls and we will cover each of them over the next few paragraphs.
- ISP-provided firewall/routers
- Home network class firewalls
- Personal host-based firewalls
- Small organization-class firewalls
- Enterprise-class firewalls
- Distributed firewalls
- Provided and configured by ISP
- Includes basic Wi-Fi
- Included with service
- Well known by hackers
- Exploits well documented
- Limited protections
- Easily overcome
The router you likely have is the one provided by your Internet service provider. This router will frequently have basic firewall functions built in, which frankly is better than having no protection at all. Many ISP routers include limited Wi-Fi functionality as well, but usually these wireless connections are minimally configurable and are not easily expanded beyond the device itself to provide coverage to larger physical spaces, such as an office building or a large house, or to extend coverage to outdoor areas.
The downside to using the firewall included with your ISP’s equipment is that ISPs are known for providing only a few models of hardware to their customers, with admin settings and available exploits that are well documented among hackers and easily applied. Firewalls of this type are basic, providing limited protection. In general, these types of firewalls are easily overcome by attackers, which is why, in most cases, it is advised to replace them with more advanced equipment.
Home network class firewalls
- AI-based network protection
- Advanced firewall capabilities without needing advanced firewall knowledge
- Friendly, competent tech support
- Bundled per device software
- Inexpensive licensing
- Limited bandwidth options
- Minimal custom configurability
- Usually lacks inbound VPN capabilities
- Blindly trusting that vendor will always do the right thing
In a home environment, the next step up would be a firewall appliance designed for home users. These security appliances have advanced firewall capabilities that use artificial intelligence, in some cases, to monitor and protect your network. No advanced configuration skill is needed to set one up. Most options come bundled with computer or mobile device protection software you can install on all of the devices that you own. Because these appliances are designed for home use, they typically have inexpensive licensing. If you’re a mom or a dad looking to just protect your home and kids, and you have no interest in becoming a network admin, please do yourself a favour and go for this type of option. The downside to a home security appliance is they usually have limited custom configurability for special networking needs. For example, typical home firewalls do not have inbound VPN Server capabilities.
- Advanced features, like SD-WAN quality of service optimization, intrusion prevention and detection
- Guaranteed uptime SLAs
- Higher-bandwidth options
- Costly licensing
- Requires highly trained and expensive administrators either on staff or on contract
At the next level up, you get into enterprise-class firewalls, which come in a huge variety of brands, speeds and capabilities. These devices are intended to support more connections and services like video calls, VoIP connections and streaming YouTube videos simultaneously to tens or hundreds of thousands of devices at a time, which means each choice of firewall in this enterprise device class will need to be carefully designed to meet the needs of the intended user base and network traffic expectations. These enterprise-class devices are always expensive and require extensive training and experience to administer effectively.
- Too much flexibility for an untrained or inexperienced administrator
- Exposure to misconfiguration risk
- Open-source software may not work as intended, so testing is even more important than usual before updates
Open-source firewalls benefit from a software model that is free to distribute and update and is supported by an open-source community. These devices typically have a large variety of plug-ins and options that you can design into your deployment. The flexibility of an open-source option may be too much for an untrained or inexperienced administrator to handle. But if you’re a professional or want to become one, or if you’re a hobbyist with the interest, I believe open-source options are, by far, the most fun and sometimes the most unforgiving way to learn.
Per-device software firewall
- Supplement network firewalls
- Protection anywhere
- Preinstalled with all major operating systems
- Easy to configure and enable
- Only protects the device on which it is installed
- No centralized organization-wide control
- No centralized organization-wide reporting
There are software firewalls that come pre-installed in any of the major operating systems. They supplement network firewalls by protecting the device locally, thereby providing protection to that device anywhere it goes. They’re easy to enable. The downside of local firewalls is that they only protect the device on which they are installed. They don’t provide any protection to other devices on the network, and they do not provide any kind of organization-wide controls or reporting for a network admin.
- Protection from insider attacks
- Protection against successful network firewall breaches
- Protection against unauthorized network access, including Wi-Fi, IoT, and embedded systems attacks
- Additional cost added to already expensive network firewall licensing expenses
Distributed firewalls are an entirely different type of system designed to protect each host on your network locally and individually while adding the benefit of global organization-wide reporting and controls. The only real downside is the additional cost distributed firewalls bring to the table.