One of the core elements of securing your company’s network is a firewall.
Firewalls control network traffic flow by determining whether to accept or discard a packet that passes through it based on predetermined security rules.
What Types Of Threats To Firewalls Face?
“Traditional firewall software no longer provides meaningful security,” writes Roger A. Grimes for CSO, “but the latest generation now offers both client-side and network protection.”
Grimes points out that traditional firewalls really only protect against unauthorized people or malware.
They don’t prevent against end-user errors, such as clicking on a malicious link. Grimes explains: “when the end-user does this, it creates an ‘allowed’ outbound connection to initiate the then ‘allowed’ resulting inbound connection back to the user’s computer. ‘Client-side’ attacks are nearly 100 percent of all attacks and firewalls aren’t good at stopping those types of connections.”
What’s A Modern Firewall?
We are now in the third generation of firewall technology called next-generation firewalls (NGFWs). The name seems dated since they have been around for more than a decade. However, in addition to monitoring incoming and outgoing data, NGFWs fold in new capabilities to firewall protection such as:
Application awareness and control
Intrusion prevention functions
Approximately 80 percent of U.S. enterprises have deployed NGFW products, according to NSS Labs.
How Can I Better Manage My Firewall?
Though nearly a decade old, the National Institute of Standards and Technology has provided its list of Guidelines On Firewalls and Firewall Policy that still applies today because of its basic principles.
- Create a policy. If you don’t have one yet, you should. Use this policy to steer your firewall toward what network traffic you want to accept or reject. Some industries, such as insurance and healthcare, may require more stringent firewall policies due to the sensitive nature of their data. Be sure to outline a system for change requests and an approval process for those changes, as well as rollouts of new firewall controls.
- Identify all requirements. Determine what type of firewall product or service you need in your specific case. Plot out how the firewall will exist within the systems you already have in place. Take into consideration the physical location(s) in which you operate, as well.
- Draft rulesets. Be specific about how your firewall controls and monitors network traffic. “For example, some firewalls check traffic against rules in a sequential manner until a match is found,” the NIST document explains. “For these firewalls, rules that have the highest chance of matching traffic patterns should be placed at the top of the list wherever possible.”
- Manage the firewall architecture, policies, and related components throughout its life. Monitor the performance of your system to see whether changes are needed. Identify potential resource issues to help thwart off threats. Plus, remember to regularly patch the firewall software when your vendor releases an update.
To create a better firewall, follow these basic steps to reveal gaps in your system.
Better firewall management in some respects means going back to basics by creating a comprehensive policy and sticking to it.