How To Get The Most From Your Firewall

By Samantha Woollard (Internet Security Specialist) 6 February 2017

Firewalls are the first line in defense to protecting your network. Their main aim is to keep the bad guys out and let the good guys get on with their jobs; preventing threats to your network 24/7. From averting entry of malware to prohibiting hacking attempts. With a firewall your employees can easily access the Internet whilst the packets are constantly inspected and stopping malicious traffic. Without a firewall, every connection to your network can be accessed by anyone, anywhere. No packet inspection would occur allowing attacks to be welcomed. We can agree that a firewall is essential for the security of your network.
However, after being implemented into a business, normally a lot is not done to ensure that it is properly configured; which in some cases can be worse than having none. How do you ensure that your firewall is as effective as you think?
Here are some things to consider when configuring your firewall:

  • Initially, deny all traffic through the firewall. By default, firewalls entrust all connections to and from your network. By denying all, you can ensure that only the services that are needed are available.
  • Disable the administrative page. Most firewalls have a remote administrative log in which does not need to be seen by anyone unauthorised.
  • Change the default password of the administrator and create a new secure one. This should be changed frequently.
  • Block any unnecessary ports. Many ports can be accessed within networks, but only a few need to be accessible. Disable or filter these to reduce your business’ attack surface.
  • Update firewall software regularly to patch any recent vulnerabilities found.
  • Enable firewall logging and make regular backups, keeping copies off-site as well.
  • Enable firewall alerts and investigate anything suspicious.
  • Review your firewall rules every six months and remove any rules that conflict, have expired or simply should not have been added so that the configuration is clear to what should be entering your network and what should not.
  • Block ping requests to your network through the firewall. Basically, an attacker will send a ping request to see if there is something interesting there and if they get a response he knows to investigate further. In the administrator firewall settings, disable responses to ping requests.

A properly configured firewall can help prevent attacks but what if malformed malicious traffic did happen to get through your firewall or what if internal attacks occurred within your business? Other network services are important to implement to further lower the risks, such as intrusion detection system (IDS), intrusion prevention system (IPS), traffic monitoring, content filtering etc.
Not sure how to incorporate this all into your company? Looking for a secure solution to all your network security needs? Are you are looking for an all-in-one solution or one tailored to fit your business; allowing not only stress-free utilisation and continual management but also delivering the strongest security possible? Then Intact Security can help you! Either for small to medium businesses (SMB’s) or large enterprises, we have the network security solution for you.

Relax. Your security is Intact.

Author: Intact Security

Google

Posted on by Martin Quinn in Security Blog