Firewalls are available both in software and hardware form:
Software Firewalls
Many Software Firewalls to be consumer packages for the home user such as Internet Security Suites with a software firewall included, these products are offered by companies such as Symantec, MacAfee. There are Enterprise Software Firewalls on the market such as Microsoft ISA Server (Internet Security & Acceleration Server) which many argue to be one of the most customisable firewalls providing user level access both from the internet to the network and vice versa.
Hardware Firewalls
Hardware Firewalls are the norm for many organisations, unlike Software Firewalls that require a computer or server to be installed on Hardware Firewalls are an independent device that plugs in either between your internet connection and your network or provides the internet connection itself. Depending on model can provide a range of protection to basic blocking of services to integrated security, telephone and remote worker/office connections.
Features of Firewalls
Blocking Unauthorised Access from the Internet
The basic job of the majority of firewalls is to block
Allowing Authorised Access from the Internet
If you have an email server such as Microsoft Exchange, Web Server, Citrix or Terminal Server or another service that requires access from the internet your firewall will need to divert the relevant traffic to that service. Some firewalls will let the other server deal with any security issues that may occur in its traffic such as user authentication other more advanced firewalls will provide various levels of security before forwarding the traffic thus providing additional security to your network.
Employee's Access to the Internet & Content Filtering
More advanced firewalls can allow certain user's access to the internet and block others. Some can also provide content filters which filter the types of website that they access, for example limiting access for some user's to only specific work related websites (at all times or during only during office hours). Other organisations allow all websites to be accessed except those that may pose a threat or are definitely not work related sites (such as pornography websites). Also an important feature is to filter types of file that can be accessed or downloaded, web pages and documents maybe normal work activity but Programs and Music (such as MP3) files may not be and can be limited.
Branch Offices & Mobile/Remote Workers
Many Firewalls now integrate Virtual Private Networking or VPN access to the network. VPN provides remote access to the network such as:
Branch offices Home Workers Mobile Workers
More advanced firewalls can specify the type of access that each remote office or worker can access, this is useful for many security reasons.
Internet Acceleration (or Caching)
The more people and services we have using an internet connection at one time the more bandwidth is required. Bandwidth is the speed at which you connect to the internet similar to a Motorway if you have too many cars you get congestion. Broadband ADSL or Cable connections can be relatively inexpensive but if you require more connections or more advanced & reliable connections the bill will soon build up. Internet Acceleration firewalls or Caching Firewalls can download specific content once either when a user accesses it or at a specific time (for example out of office hours / off peak), when more than one person requires access to that content it supplies the cached content rather than downloading it from the internet again, thus saving internet bandwidth. This can be a considerable saving especially if many staff members access the similar content regularly.
Telephone and Voice over IP (VoIP) Services
Again a regular offering from all levels of firewalls are Telephone and VoIP services. VoIP sends telephone traffic over the internet rather than down your phone line, if it is to another VoIP phone (for example a home worker, branch office or another company with VoIP) it will usually be a free call. If the call is to a mobile or landline number that is not Voice over IP then you can subscribe to a service that is often cheaper than using your landline to make call. These firewalls can often be plugged into your current telephone system. More advanced firewalls can provide least cost routing' to direct the call via the cheapest method and handle times when your internet connection is not working or congested.
Firewalls are a necessity for all connections home users and companies alike. The type of firewall and how it is configured can have significant impact on your security and provide many benefits.
For more information visit our Firewalls & Network Security webpage Simon Finn http://www.finnconsultants.co.uk/ Cornwall & Devon IT Consultants
