8 Things to Consider When Choosing a Business Firewall

Firewalls used to be pretty simple devices. They would inspect rudimentary information about incoming network data – where it came from, where it’s going, what protocols it’s using, and so on. In the infancy of the web, that was more than enough. In those days, there wasn’t much differentiation in the firewall market – a firewall was a firewall was a firewall.

business security

But as the internet has become more and more a part of our lives, the threat of cybercrime has grown to suit. Firewalls nowadays have to do a lot more to keep us safe. As firewalls have grown more complex, choosing the right one for your business’s needs has become a brain-fryingly tricky decision – especially if you’re not very techy.

But fear not! We’ve identified 8 simple questions that should help pair you with the perfect firewall for your needs.

8 Questions to Consider When Choosing Your Next Business Firewall

How Large is Your Team?

business team

We’ll start you off with an easy one. Think – how many people use your network when it’s at its busiest? Your network size and load are a crucial deciding factor when choosing the right firewall solution.

Picking the wrong firewall for your size can be an expensive mistake. For example, a team of three working from a garage simply won’t need an enterprise-grade, rack-mountable enterprise firewall. Though it does allow for growth, they may never come close to needing the amount of bandwidth that device is designed for.

On the flipside, a large enterprise firm would risk slowing productivity to a crawl if they choose a firewall that’s designed for a small team. The sheer amount of traffic trying to squeeze through such a low-spec device would be like trying to suck rice pudding through a straw.

Also consider the internet speeds that you currently get from your ISP or leased line. What kind of bandwidth will your firewall need in order to uphold the same internet speeds your team are used to?

Where Are Your Team Based?

business location

Taking stock of how distributed your team are is also an important consideration. For example, a company whose staff are all required at a single site between 9am and 5pm, Monday to Friday, with no possibility of remote working are naturally going to have very different firewall needs to a global team who work completely remotely.

When a team are all based at one location with no way of working outside of the office, they will likely be best served by a hardware firewall commensurate with their size, with any additional security packages to suit their needs.

However, a team who work partially remotely may be better served by a hardware firewall with remote access VPN functionality. This will allow those outside the network to securely dial in and access networked resources.

It also pays to remember that there are other cybersecurity implications when working remotely, so distributed companies should also look into multi-factor authentication tools and good cybersecurity training for their team.

What Is Your Level of In-House IT Expertise?

it support

Do you have dedicated IT staff on your payroll? And do they have the space in their workload to acquaint themselves with a new firewall system? If the answer to either of these is “no”, then you’ll need to pair with a firewall supplier who is willing to be more hands-on, providing a “managed-for-you” service.

Thankfully, security automation is on the rise – and for good reason. A single cybersecurity incident can spread through a network in zero seconds flat – making it impossible for even the most highly caffeinated human technician to react in time. Automation tools like WatchGuard’s Automation Core can independently handle urgent or repetitive tasks, taking the strain away from those responsible for your IT security.

As an aside – we encourage you to regularly reassess your company’s entire relationship with IT. If you’re happy dealing with suppliers directly then that’s great, but as workloads expand it may be worth looking into some kind of service level agreement or managed IT services.

What Cybersecurity Products Do You Already Use?

sophos intercept x

Take a look at the online security tools already in your arsenal. Do their manufacturers have their own firewall solutions? Cybersecurity vendors usually provide a suite of different security tools, all designed to be seamlessly intercompatible with each other. Therefore, choosing a matching firewall can put you at an advantage.

For example, if you already use Sophos’s Intercept X antivirus software, you can be sure that it will dovetail nicely with their XG range of firewalls. If you’re already using WatchGuard’s WIPS or Guest Wi-Fi systems, a WatchGuard firewall will be the most compatible option.

Yet on the other hand, it’s important to not get too caught up in brand loyalty. We recommend you upgrade your firewall every 5 years – a business can change beyond all recognition in that time. You need to choose a firewall that is going to future-proof you through the next 5 years, so leaning towards “what’s worked up until now” may not be the best answer. Making the swap to a new cybersecurity brand may seem daunting, but the right reseller or supplier should take your concerns on board and put your mind at ease (we certainly will!).

What Functionality Do You Need from Your Firewall?

What exactly do you need your firewall to do, aside from “keep my network safe”? As mentioned above, there are numerous different extras that firewall manufacturers can offer nowadays aside from basic firewall protection.

Naturally, the firewall you choose needs to suit your company’s size and required bandwidth, but you need to make sure it inspects encrypted HTTPS traffic too. This is the kind of traffic that flows to and from websites with an SSL security certificate – a practice that most websites are now adopting. Because this traffic is encrypted, many (often cheaper) firewalls tend to pass it by, along with all of the nasties that may be hidden within; hence why we recommend you choose a firewall with HTTPS inspection as standard.

With that essential stipulation out of the way, we generally recommend any firewalls that also include some kind of gateway antivirus, deep packet inspection (DPI) functionality, sandboxing, and flood protection. If you have remote working policies, then remote access VPNs and multi-factor authentication are a must as well.

As prices continue to drop, there’s little reason to not invest in other security services too, like content filtering, intrusion prevention, data loss prevention, security automation, and more.

Do You Want to Own, Rent, or Lease-to-Own Your Firewall?

You don’t have to own your firewall in order to have one. Many businesses assume that you have to buy a firewall outright, but it’s not your only option.

Ownership may seem the most straightforward – you aren’t tied into any lengthy contracts and the hardware is yours to do with as you wish – but owning your firewall isn’t always the best choice. It’s a large capital outlay – and one that will happen every 5 years if you upgrade as frequently as we recommend. Plus, if you outgrow that firewall or it becomes obsolete, then you’re kind of stuck with it.

Renting can seem less desirable on the surface, but it does come with some quite significant benefits. Firstly, renting accommodates business growth. We will happily switch out a rented firewall for another model should your company grow or your needs change. Rental charges are simple, budget-able OpEx costs, not a pricey CapEx investment with diminishing value. Rental agreements can also protect you in case of breakdown or obsolescence.

How Will Each Supplier Support You?

Regardless of what kind of firewall you choose, choosing the right provider is just as important. Speak to each company you’re thinking about purchasing/renting from and “listen between the lines”; do they take an active role in answering your queries and making sure you’re making the right decisions for your business? Do you get the impression that they’re “just on the other end of the phone” if something were to go wrong? What levels of support do each supplier offer?

Any reputable firewall provider should care enough about your custom to listen to any concerns, talk you through your options, and be available in case things go wrong. You’ll be glad to hear that our team do all three – and more!

So speak to Just Firewalls today! Our friendly experts are on hand to provide jargon-free, down-to-earth advice about all of your online security needs. It’s our aim to pair the UK’s businesses with the best security solutions for their needs, and if something goes wrong – we’ll put it right. Our technicians are located throughout the UK and are available 24/7. Talk to us – call 0808 1644414 for an informal chat or drop us a line to request a call back.