A firewall is a network security device that tracks both inbound and outbound network traffic. This involves in depth analysis of permits and data packets based on the security rules that have been set. It separates network from incoming traffic, potentially eliminating harmful external sources that could be critical to your brand. In the last year, the great increase in remote and hybrid working has hugely increased the strain on networks and heightened the importance of a network security solution. According to a report published by Microsoft in 2020, ‘The year of the surge in hybrid working’ 73% CISO’s suggested that they encountered data spillage or leaks in the last 12 months. A further 80% said they had experienced an increase in cyber-attacks. The severity of the increase is a clear indication that hackers and malicious users view the change in logistics of a workforce as a golden opportunity to exploit a lack of security.

In the last 25 years, networking security has adapted in many ways to stifle the growing complexity of cyber-threat. With the firewall always an integral part of any security function. The flexibility to be a software or hardware solution makes the firewall both adaptable and affordable. Both solutions, software or hardware, have the ability to differentiate between internal traffic that is trusted and external traffic that is not known to the network.

THE IMPORTANCE OF UTILIZING A FIREWALL

It is also worth noting that these adaptations are anything but permanent, as these trends are expected to remain. Consequently, businesses are looking for permanent solutions as opposed to temporarily plugging gaps in their networking. At least 23% of companies expect the number of users working from home to stay higher, as we step into a modern way of working. Companies are prioritizing changes to ease the right network for the cloud so that all applications are available 24/7 to all employees without compromising security. Cloud hosted SaaS is the future and it is essential to long term stability and keeping up with a distributed workforce.

This poses a security threat. For example, hacking, identity theft, malware and online fraud. This exposure can lead to repeated breaches and threats. In smaller organisations, there has been a huge increase in breaches as security features have not been assessed in line with the change in logistics of the workforce. Proactive protection, such as firewalls is critical to protection no matter the size of the organisation.

Another huge advantage of deploying a security function such as a firewall is that it greatly narrows the attack surface. The technology is now at such an advance stage that the firewall audit tracks the attempted network connections.

TYPES OF FIREWALL

PACKET FILTERING FIREWALLS

This is the most popular firewall that is commonly used to support organisations. It consists of analysis of packets, where they will have to meet the security demands set in place to pass through. Packet filtering firewalls works on an application system. Applications either meet the security demands or will be blocked from the network.

STATEFUL & UNSTATEFUL

Stateful firewalls allow, or block traffic based on state/port and protocol. The traffic is closely analysed from connection to close. Traffic filtering is dependent on security settings as well as context. Context is a unique quality of a stateful firewall as it gathers information around an application. By using previous information, the decision around granting access to the network is a more thorough process with more factors involved in the decision making.

NEXT GENERATION FIREWALL

Applies traditional firewall functions with additional uses. For example, encrypted tunnels, intrusion prevention, and deep packet inspection to name a few. The next generation firewall not only analyses packet headers but also the data within the packet itself. This makes it easier to identify and categorise data.

PROXY FIREWALLS

Proxy firewalls assess traffic at application level, working between two end systems to provide security protection. Application to firewall, analysed against security then permitted or blocked. This includes both stateful and packet inspection.

MAXIMISING YOUR FIREWALL

CASE STUDY - CATO NETWORKS AND THE GREAT FIREWALL OF CHINA

When discussing firewalls, there is none more famous than that of The Great Firewall of China. Since 1999 The great firewall of China has been used to filter traffic going in and out of the country, dictating the content that can be seen by its citizens. In China, an IP blacklist is created with the use of null routing. Null routes for destinations that feature on the IP blacklist are drilled into the network, instructing routers to drop all traffic inbound for blocked IP’s.

A constant issue was that global internet-based connectivity from China suffers high amounts of latency. The Cato solution helped solve this issue as Cato PoPs are interconnected with multiple tier 1 networks. These are backed by clear SLAs for latency and packet loss. Cato software monitors quality of inter PoP connections to establish an optimum route between locations. From this, customers gain predictable connectivity and minimum latency. The Cato software is an advanced network security system that enables customers to enforce centralised security policies. Security policies can be applied on WAN internet traffic without branch office security appliances.

Cato’s Beijing, Shanghai and Shenzhen PoPs are connected by private encrypted links through a government approved provider. The Cato SASE cloud is designed for WAN and authorised internet traffic that enables customers to enjoy consistently low latency and no packet loss. In relation to the Hong Kong PoP, traffic is routed over Cato SASE cloud to global locations and cloud applications.