It may look like an unassuming box in the server room, but your firewall is your gatekeeper, your first line of defense, shielding you from the bad stuff on the outside world of the Internet.
When firewalls first came into use, it simply meant blocking certain kinds of traffic. Today’s “next-generation firewalls” need to do a whole lot more.
As threats become more advanced, firewalls have to keep up with new capabilities. But there are several ways your firewall can fail you – here are three of the biggest.
1. Complex configuration.
Firewalls can get worse over time – you’ve got to keep an eye on the rule set, and deploy new rules as the network infrastructure changes. If your firewall becomes overly complex, with a mashed-together set of rules, your network security might have holes that are easy for attackers to get in and out of. Your firewall’s user interface needs well-defined workflows to avoid misconfiguration or the need to repeat configuration steps for different modules.
2. Poor performance.
Any slowdown in firewall performance impacts all traffic passing through the device. If your firewall’s performance is slow, you might be forced to turn off features you’d otherwise want to use – leaving opportunities for attackers. Resource-intensive but essential features include intrusion prevention systems (IPS), which monitor the network for suspicious traffic and can block exploits of known vulnerabilities. Or application control, which allows you to monitor and manage different types of traffic going through your gateway such as VPN, YouTube or Facebook.
Some firewalls are incompatible with modern use cases, like IPv6 or applications being ported to the cloud. Or your firewall might not work well with your endpoint security. Your firewall should be able to integrate easily with modules such as email encryption, web filtering, wireless protection, mobile access control and endpoint protection. You need comprehensive reporting to see what’s happening and make adjustments in real time. You may also want to access historical data to make more informed decisions about the optimal setup or to analyze particular incidents.
Faulty firewall – Watch the video
In this short video, James Lyne, Sophos global head of security research, discusses three key firewall failures and how to address them.
James also demonstrates how an attacker can use a simple tool to access a firewall’s complete configuration, including username and password hashes that can be broken and used to gain access to the network.
7 Deadly IT Sins
Learn more about fixing your faulty firewall by checking out our 7 Deadly IT Sins website. It explains common security mistakes organizations make, and offers videos, whitepapers and other free resources to help you avoid them.