Your firewall is your first line of defense against malicious attacks and data theft, however to be effective your firewall must provide comprehensive threat protection, and also be simple to deploy and manage. In particular, there are four main next gen threats your proposed firewall solution must be capable of protecting your network from.
European and Israeli vendors have emerged as pioneers in the development of UTM (Unified Threat Management) and Next Generation Firewalls (NGFW) – the two are almost synonymous, but there are differences we will look at in a later post.
For now, what are the emerging threats and what are the Europeans doing with Next Generation Firewalls?
There are four major threat technologies you now need to ensure you are protected:
Websites can carry all manner of malicious codes which can be downloaded onto a machine, simply by visiting the site. In most instances, this is benign, such as automatically downloading cookies to speed up the delivery and load time of web pages, but the same technique can also be used to deliver malicious payloads.
In addition, filtering what websites staff can visit will also help you control what staff do with the web access you give them. Time wasters, such as Facebook, affect productivity, while porn sites are simply not fit for the workplace and may leave you legally exposed if a staff member is exposed to this content inadvertently.
This is a very new technique which takes the concept of web access control several steps further. You probably have some form of traditional web security in place, but this will most likely rely on broad categories of websites which are off limits or accessible. There is no granular control, and this in turn will lead to some useful websites and applications being blocked, while the bad ones are still accessible.
Web Application Control allows for much greater control over access, maintaining compliance and network security. Downloading files and content from the web is much more tightly controlled, removing the threat of exposure to malicious payloads and objectionable content.
IPS are also known as Intrusion Detection Systems (IDS) and continuously monitor the network and system activities for signs of malicious activity. The main job for an IPS is to detect malicious activity, log the activity and shut it down or block it, and alert network managers to the issue.
HTTPS filtering seeks to stop interception of your data when it is being transmitted – this is important, even if you are encrypting your data. The main issue is the use of SSL connections, which effectively tunnel their way through your network defenses and encrypt data passing through protection systems. The issue is, how do you know the data is what it is supposed to be?
Is that file transfer a legitimate piece of content being sent out to a third party for printing, or is it your client list? Can you be sure that the website an employee is visiting for a download, is actually a credible site or stood up as a phishing exercise, using SSL to directly download a malicious package inside your network?
This is why you need HTTPS Data filtering to protect sensitive information from getting out of your network, and malicious code from getting in.
Swift Systems is a veteran-owned IT security specialist, operating its own data center and helps secure government and highly;y-sensitive private sector data and networks.
Call for a no-obligation consultation on your network security today, or use this form to request more information.
Call: 301.682.5100
IT systems are foundational to modern businesses. Too often, that foundation is unsteady. Unpredictable outages, insecure networks, and unreliable performance from mission-critical systems can jeopardize your entire business.
There’s a better way. Learn how.
Get in touch with us for a free consultation with one of our technical experts. We’ll review your current systems, assess your needs, and identify the coverage options to best meet them.
Get in touch with us by phone: