The Ultimate Firewall Checklist- 6 points you need to consider

15/06/2016 12:16

Use our Ultimate Firewall Checklist on your next firewall purchase to guarantee next generation protection.




1. Performance

A firewalls main duty is to protect your network. That’s why without adequate performance the network security appliance is essentially useless.

IT professionals assume that the features and security content is enough for a firewall to defend against threats. The thing is, as features of both Next Generation firewalls and traditional firewalls become more sophisticated, there is added pressure to the running of it.

To properly use the advanced security features that comes with your new firewall you need to make sure it can keep the pace with the large volumes of network traffic. This is where firewall throughput comes in. Depending on your business needs anything from 300 Mbps for a small single site however for larger and multi-site organisations at least 1 Gbps needs to be considered.

Another extremely important factor is the full UTM throughput. It’s great having a firewall with impressive firewall throughput. But to be worth its salt you need an appliance that can perform when all the threat management options are enabled. 50 Mbps should be the minimum anyone should be looking at. For most businesses a minimum of 100 Mbps and larger a multi-site anything from 500 Mbps and up!

There are other things to consider to be confident your firewalls performance is up to scratch. Things like connections per second and maximum DPI connections are all part of the formula to guarantee high performance.


2. Availability

To make your firewall unstoppable you need a back-up. We’ve all been there when technology decides to have a frenzy and refuses to co-operate. Imagine this happening on the only appliance which protects your business network from outside intrusions.

Having only a primary firewall is very risky in the event of a unit fail. If your appliance goes down for even just a minute, you leave your business open to lose a lot- revenue, reputation and in some cases your job.

Many firewall brands now give the option to purchases an additional high availability unit to pair with your primary. These units can usually be purchased at a lower cost than the primary and don’t require any additional licenses. In the event of a primary failure, the back-up unit instantly assumes all network responsibilities.


3. Next-Generation Features

This is where the differences between newer firewalls and traditional firewalls come to light. Traditional firewalls don’t see the full picture when it comes inspecting traffic coming through the network and are very limited with their features in controlling and monitoring the network.

When looking on the market for a firewall, choosing one that offers Deep Packet Inspection is essential. This gives it the ability to inspect every aspect of the incoming traffic rather than at face value. DPI

Application control is also a major factor contributing to an enterprise grade firewall. It needs to be easy to monitor and control application use, whether it will be yourself designated with this talk or an IT manager, employees use, unknown applications and privilege and bandwidth allocation all needs to be carefully administered. You need a firewall with context aware monitoring engine to enable the full visibility of traffic.


4. Choices Choices Choices

In today’s firewall market, there are now more choices than ever over features, deployment and even price of appliances. With so many different options it can get overwhelming.

The first thing to consider is how you want to purchase your firewalls. Whether to buy outright or go for a managed service. Your preference over a managed or owned device all boils down to your business requirements and budget.

Smaller, start-ups and growing businesses can benefit greatly from a managed firewall. You still receive all the same protection, benefits and even an on-site firewall but all from a monthly cost as opposed to large upfront costs which come hand-in-hand with enterprise grade firewalls.

On the opposite side are larger and more established businesses which have clear network security budgets set out and can afford to invest more into their IT systems. Buying a firewall upfront with these kinds of enterprises allows them to own and manage their own systems without added monthly subscriptions.


5. Centralised Management

Centrally managed firewall networks make an IT managers life a whole lot easier. If you only have one site with a single firewall then this isn’t a necessity. For others it is. Essential for multi-sites and branch offices, centralised management gives a single point of administrative control.

When on the hunt for your firewall, looking for a system with policy management is the right way to go. This allows different levels of access between users. Also looking for a system which is consistent across both physical and virtual platforms will give you scalability and more deployment options.


6. Real Time Threat Intelligence

This is where the Men are separated from the Boys. Without real-time threat intelligence, it doesn’t matter how clever your firewall solution is- it isn’t truly up-to-date with advanced threats.

Black hats are lurking all over the web and seem to be one step ahead of our security efforts. With constantly new, more malicious methods of attack, it’s hard to keep up. Even huge organisations like Sony and eBay have been victim to them. This is why having access to the most recent information is vital.

What you need to look for is a firewall solution with access to a continuously uploaded stream of data. Many manufacturers will offer a cloud system which feeds the most recent threat intelligence as and when it is discovered.






Most leading suppliers will have most of the aspects associated with an all-round highly secure firewall but most isn’t good enough.

If you’re struggling to find a supplier who ticks all the boxes, Dell SonicWALL's product range provides next-level security with all their firewalls. With a choice to suit any business type, you are certain to find the perfect fit for your business.


Need a firewall but don't know where to start? Contact our in-house team of firewall wizards for help and advice on which model best suits your business.


Call us on 0808 16 444 14 or email us at

Posted in News By Lucy Dobson