Every consumer-grade PC comes with a basic firewall. Enterprise environments, however, require that the base infrastructure has a stronger security solution that provides greater controls, above and beyond the basic firewall. One solution that provides enhanced firewall capabilities is the Unified Threat Management system.
Since much of today’s business computing relies on access to the Internet, one of the first things an IT administrator does to protect an organisation’s network, data, and infrastructure, is deploy a firewall. Every business that relies on the Internet absolutely needs a firewall, but how exactly does it protect your firm? Below is everything you need to know about a network firewall.
What a UTM Firewall Does
Intrusion Detection and Prevention
A basic security feature of every firewall is its ability to monitor network traffic for malicious activity or policy violations. Once detected, the firewall can block the malicious traffic from entering the network, as well as report it to the network administrator for further analysis and action.
Similarly, the threat of malware is a problem that every business needs to take seriously. With such a wide variety of malware found online, your business will need a firewall solution that routinely updates itself with, and applies, the latest threat definitions. The firewall that is deployed with a Unified Threat Management solution completes these tasks automatically, giving your network administrators peace of mind that your company is protected from the worst of the web.
Application awareness monitors the resource usage and typical behaviours of your company’s applications. After it understands these applications it’s possible to optimise caching behaviours, loadouts, and quality of service (QoS). This also red flags irregularities in application use, adding another security layer to your network.
Load balancing allows distribution of traffic between multiple servers to ensure that they do not get overloaded with requests. It also incorporates failovers, where if a server fails, all traffic is rerouted to the secondary server. So, if your business has two SMTP servers for email traffic and gets an unusually high amount of traffic, the load balancer can distribute it evenly between the two. In the case that one fails, all traffic is routed through the other server.
A VPN, or virtual private network, encrypts traffic and data to and from your network when accessing it remotely, to prevent would-be cyber criminals from intercepting and viewing it en route. Without a VPN, anything you do or send over the Internet can be plucked, reviewed and even rerouted without your knowledge. Using a VPN wraps the data in an encrypted tunnel, so if/when data is intercepted, it basically looks like senseless gibberish except to the sender and intended receiver.
ID Access Control
ID access control grants access to any of your organisation’s given networks simply based on the IP or MAC address of the device. This can be useful if you want to force users to use a different network for their personal devices. You can whitelist MAC addresses of devices only you approve of. Therefore, even if the user knows your WiFi password, they still would not be able to use the network unless you allow them to.
Content and Spam Filtering
Content filtering and spam blocking are two crucial components for every enterprise-level security solution, and they both come included with a UTM appliance. Content filtering allows your administrators to block risky websites, as well as sites that are known to be major time-wasters, like social media and gaming sites. Spam filtering goes even further by blocking spam emails from getting through your network and hitting your inbox (one of the most common ways that malware infects a PC).
One of the primary tasks of a firewall is to monitor network traffic. It can also prioritise traffic based on it’s use. For instance, if your company chooses to make VoIP traffic a priority over GoToMeeting sessions, then an excess of calls will be assigned a majority of bandwidth over anyone in a GoToMeeting. This may cause quality issues for those in GoToMeeting but with the traffic monitoring, you’ll be able to see if this is a common occurrence, and know if your Internet service is sufficient for uninhibited daily operations.
Common Problems Using A UTM Device
A False Sense of Security
It's important to keep in mind that a UTM is only one piece of a comprehensive network security strategy. For example, viruses, spyware, adware, and phishing scams are examples of malicious software that can bypass this protection, especially if your users are uneducated about such threats. Therefore, it’s imperative to train your employees in security best practices, otherwise they could unknowingly allow threats into your company’s network.
A Single Point of Failure
When it comes to UTM appliances, another security concern that every business owner must keep in mind is that it’s risky to have your company’s entire security strategy rest upon a single firewall solution. Like with any piece of technology, a UTM comes with a chance of failure. Should this happen, you’ll need additional security measures in place.
Now that you know what a UTM firewall does, you’ll next want to equip your business with a firewall solution that’s the right fit to handle your network’s size and traffic. Finding the right firewall solution as part of your company’s IT defence plan will involve asking more questions, as well as taking an assessment of your company’s network.