If you’re operating without a firewall or you’ve never checked your settings, your network may be at risk.
Without a firewall, your employees’ and clients’ personal information, credit card details, and data could be at risk, alongside all your other essential company data. Your operating system and devices and hardware may also be at risk.
It’s important to know what you have in place to protect your data and networks. Alongside virtual private networks and anti-virus software, you’ll want to ensure you have a solid firewall system in place.
Before you check into your system, it’s important to know what kind of firewall you have and whether it’s the right system for your business. Let’s start with the basics.
What is a Firewall?
A firewall is a network security device that acts as a defence system for your network. It monitors incoming and outgoing network traffic and decides what to allow and block.
There are many types of firewalls, and the language surrounding them can be quite technical and complex. Here’s a basic overview of each main types in layman's terms:
Packet Filter Firewalls
This is the oldest and simplest form of a firewall. It’s also known as static filtering.
When a data “packet” arrives at the firewall, it checks it over. It may look at the packet type, the IP address, the port number, and other information. Then it uses a specific set of rules to filter some types of packets out and allow others entry.
Deep Packet Inspection (DPI)
DPI is a type of network packet filtering that dives a little deeper than plain packet filtering. Where plain packet filtering only inspects the “headers” in a packet, deep packet filtering dives into the data within the packet to determine if it’s safe, should be blocked, or needs to be redirected.
Proxy Firewalls (Application-Level Inspection)
The information “packet” that arrives at the firewall is stopped by an extra layer of security at a proxy firewall. A proxy inspects the packet and reaches out to connect with the sender using a proxy server before letting the packet through.
Proxies may also contain deep level inspections and look at the transmission control protocol (TCP) handshake. Proxy firewalls create an extra application layer. This provides extra distance between the private network and the packet. However, proxy firewalls can cause significant slow-down in operating systems.
Circuit Level Gateway Firewalls
A circuit level gateway is another simple form of a firewall. When a packet arrives, it looks at several components of the TCP handshake to make that decision. However, it’s not enough to guard your network on its own because it doesn’t inspect the packet itself; only the handshake.
Next Generation Firewall (NGFW)
NGFWs tend to have more rounded systems in place, although there’s no solid definition for what mechanisms they use. They may include deep packet inspection, handshake inspection, and application-level inspection. Another aspect may be intrusion prevention systems (ISPs) to prevent attacks.
Which system do you need?
The answer is: don’t settle for just one.
Each type comes with its own pros and cons. Enhanced security typically comes at the expense of operating speed. But a single firewall has the potential to miss certain threats.
At Alt-Tech, we use a proprietary firewall system that’s been designed to fill in all the “gaps” of traditional off-the-shelf software. We’re happy to share all the mechanisms that go into protecting your system with this software.