Oct 12, 2020 1:00 AM ET
iCrowd Newswire – Oct 12, 2020
Do you think that the Windows Firewall is strong enough to shield your systems from intrusion? If yes, you might want to go through the following expert opinions — and reconsider your stance.
Some organizations, mostly small and medium-sized enterprises, purely rely on Windows Firewall for protection. However, Ian Hansen from Philantech3 observes that “software firewalls will never be as effective as a solid hardware appliance solution that can inspect incoming and outgoing traffic.”
Why Isn’t Windows Firewall Good Enough?
The firewall included in Windows is ideal for primary use, i.e., PCs on a domain or LAN. It would, however, not provide the best of defenses for computers connected to the public internet. Why?
- It does not have default exfiltration rules. Without specific configurations, it cannot block any inbound or outbound data. Even with the settings in place, the Windows Firewall does not act as a reliable security gateway.
- It doesn’t configure rules to address various attack scenarios/block malicious traffic.
While supporting these sentiments, Jarom West (SureTec) recommends that the least you can have as a front line of defense is a hardware appliance with IDF/IDS capabilities. He further insists that an ideal firewall is one that “lets you regulate inbound and outbound traffic, visualize traffic metrics, set rule grouping, and white/blacklists for certain traffic protocols or ports.”
Which Types of Firewalls Must Any Small Businesses Implement?
Software-based firewalls can easily be compromised by malware introduced into your systems through malicious emails. Therefore, a correctly done cybersecurity program must protect all vectors through which attackers may penetrate your systems. To achieve this, it should have several layers:
- Hardware-based firewall
- Software-based firewall
- Spam/malware detection for your email system
- URL filtering to protect from online threats
You can deploy different firewalls based on expert analysis of your cybersecurity needs. Regardless of the size or industry of your organization, Ravi Jain (Technijian) advises that any firewall you implement must-have “IPS (Intrusion prevention systems) and IDS (intrusion detection systems). This enables them to scan traffic that passes through to see if someone is trying to attack you or introduce dangerous contents into your networks. For extra security, you can also deploy a firewall that detects viruses and malware.”
You must have noticed the widespread insistence on firewalls with IDS and IPS, two critical capabilities that the Windows Firewall does not have. This is because if malicious data can get through to your workstations, then the gateway’s protection has failed. Practically, your network is as good as breached. A firewall is as useful as it can regulate inbound and outgoing traffic. If you rely on Windows’ native software firewall, then at least supplement it with a VM appliance that can function as an IDS.
Where Is Your Firewall Hosted?
Like most business operations, the implementation/management of firewalls is gradually moving to the cloud. Controlling firewalls from the cloud enables you to get the latest updates in real-time. Virus and malware detection is also enhanced, thanks to regular alerts and reports. In fact, Ravi Jain thinks that it’s imperative for “(all) enterprise firewalls to have enhanced reporting so that you can get flagged when faults occur.”
Above all, your best line of defense is your staff. Even with the most sophisticated firewalls in place, you still need to train your personnel on cybersecurity basics. Skills like ‘how to identify bad emails’ can come in handy if your firewalls are compromised. We have seen employees go as far as disabling firewalls for machines on the internal LAN for petty reasons like not making a piece of software work. To safeguard your systems, you must implement robust firewalls — and train your staff to get the most out of them.
MSP Tech News
Keywords: Firewalls, cybersecurity, url filtering, malware detection, spam detection, intrusion prevention systems, IDS