News / Guides
What is a Firewall? And Why Does Every Business Need One?
When putting together an IT network, many of us know that a firewall is a “must have”.
But what exactly is a firewall? What does it do? How does it protect a network? And does it keep you safe from all kinds of online crime?
You see, having a firewall is only part of the puzzle. It’s just as important to know what a firewall does, how it keeps you safe, and crucially what it doesn’t do.
So, let’s investigate.
What is a Firewall?
A firewall is a network security service that monitors incoming and outgoing network traffic, filtering out any traffic that is potentially malicious or doesn’t comply with predetermined security or access rules.
It therefore serves as a protective boundary between the trusted devices on your network and untrusted systems, for example on the open internet.
Because firewalls can filter out malicious traffic, they can effectively protect you from a number of online nasties. Depending on the firewall system and the needs of the network it’s protecting, firewalls can play a part in defending a network against hacking attempts, malware, malicious links, DDoS attacks, and more. Next-Generation Firewalls (NGFWs) have a number of added features that further the protective capabilities of “old-school” firewalls.
One analogy we like is that the firewall is like a gatekeeper – or perhaps a bouncer in front of a nightclub. It lets the benign stuff in, and turns the bad stuff away before it can do any damage.
What is a Next-Generation Firewall?
Next-Generation Firewalls marry traditional firewalling capabilities with a host of “Unified Threat Management” (UTM) technologies, such as intrusion prevention, gateway antimalware protection, gateway sandboxing, deep packet inspection, data loss prevention, and more.
Given the sheer scale and number of online threats nowadays, most corporate firewalls now feature some sort of next-generation monitoring and filtration capabilities.
How Do Firewalls Work?
A firewall is usually installed at points where your internal, trusted network meets external, untrusted networks like the open internet. This allows the firewall to inspect traffic as it enters your network, and inspect traffic as it leaves. At its most basic level, a firewall will monitor incoming traffic to see where it’s going, what it’s trying to do, and whether that activity is safe/normal.
If the traffic is trying to do something that contravenes your internal security policies or something that the firewall otherwise detects as potentially malicious, then that traffic will be stopped in its tracks. Many modern firewalls can even work with online threat libraries to guard against known threats that have already been detected elsewhere.
When your organisation uses a firewall, you will generally be able to provide custom rules that help govern your network. You could, for example, block access to unprofessional or distracting websites; bar data from travelling over certain ports; limit certain kinds of traffic; or set alerts to flag when certain criteria are met.
Do Firewalls Defend Against All Online Crimes and Incidents?
Sadly, no. Simply having a firewall won’t render you immediately immune from cyber incidents. No single cyber or network security solution will ever leave you 100% secure. Shame, really.
Though a perimeter firewall is well placed to filter out many types of inbound nasties, there are still ways that bad actors can gain a foothold within your network. Social engineering is a big one, and can be used to hoodwink unsuspecting network users into giving hackers access to sensitive resources. Also, incorrectly securing internet of things and ICS devices can present significant security risks.
A better way of thinking about your security is to focus on creating a layered cocktail of security tools that address your individual risk factors and technical needs.
Related Reading: How Hackers Get Through Firewalls
7 Reasons Why Every Business Needs a Next-Generation Firewall
1. Your Firewall is Your First, and Primary, Defence Against Cybercrime
Simply having a firewall is a great first step in defending your network. It sits at the gateway between your network and the internet, and filters out anything that may do your network (and by extension, your business) harm.
Going back to our above “nightclub bouncer” analogy, it scrutinises the traffic that is trying to enter or leave your network and stops that traffic from moving further if it senses anything untoward. Understandably, this extra level of oversight makes a network far safer than it would be without. Though a firewall is far from all a business needs to stay safe, it’s a solid foundation on which to build the rest of your security stack.
2. Next-Gen Firewalls Help Control What Leaves Your Network, Too
You may be surprised to see that NGFWs can also stop potentially damaging outbound traffic too. Many next-gen firewalls often feature some kind of data loss prevention functionality which monitors outgoing traffic to make sure that sensitive data isn’t being shared in insecure or unauthorised ways. This can be used to protect sensitive login details, payment information, or even industry secrets from leaving your network infrastructure.
3. Firewalls Can Protect Both Internal and Remote Teams
Having team members work remotely can be really useful. However, not all external networks are going to have the same strict levels of security as your internal network.
Yet most firewalls nowadays can protect remote workers with remote VPN functionality. Effectively, this allows authorised parties who are outside of your network to “dial in” to your firewall through the internet and benefit from the same security rules and policies as they would if they were working at your premises. There are other, better ways to protect completely remote businesses including DNS filtration and cloud firewalls, but for a spot of hybrid working, a well-matched firewall will be more than able to accommodate.
4. Firewall Logs Give Insight into How Your Network is Being Used
A firewall isn’t just a box that sits at the gateway to your network and does its thing. Authorised parties can access a wealth of logged information held within.
The types and formats of data that your firewall saves will vary depending on your firewall’s model and set up. But on the whole, you can:
- See if any of your users are flouting IT policies
- Identify devices that are accessing unproductive content
- Identify repeated access (read: hacking) attempts from specific, external IP addresses
- Uncover suspicious connection requests and scans
- Monitor regular network activity to monitor and continually improve your security policies
…And more.
5. Sound the Network Security Alarm with Alerts
As well as simple logging, many firewalls also allow you to set up alerts that notify your IT teams as soon as a potential major incident is on the horizon. Again, the nature of alerting will depend on the solution you choose, but many NGFWs can alert you when:
- A threat has been detected
- When a security rule violation is detected
- An attempted port scan is detected (which could be a criminal carrying out pre-attack cyber recon)
- A large amount of data is trying to enter from or leave for a single, unknown IP address
- Sensitive data is attempting to leave the network
- The firewall’s internal resources are reaching their limit
- An update to the firewall needs to be installed
…And more.
Related Reading: What is Cybersecurity Alert Fatigue and How Can You Escape It?
6. Firewalls Let You Block Access to Unprofessional Content
Because a firewall sits at the barrier between your internal team and the outside internet, it’s a perfect place to monitor and block access to unprofessional websites.
Statistics differ on just how much time employees spend on non-work internet usage while at work. One source found that people can spend anything from 3 hours a week to a whopping 2.5 hours a day “cyberloafing”! Thankfully, modern firewalls can be set to monitor internet usage, so you can understand just how much time your team is spending on their personal emails, or on platforms like Facebook or YouTube; and you can block access to them too.
However, blocking certain websites network-wide can be a double-edged sword. For example, your salespeople may rely on LinkedIn to do their job, or your marketers may rely on platforms like Facebook and YouTube to publish promotional material. Many firewalls will allow you to set up groups and exceptions to certain security rules so you can keep the wheels of industry turning!
7. Firewalls Can Help You Comply with Regulations
Numerous regulators and pieces of legislation require you to maintain a certain level of cyber and network security in business.
Firstly, GDPR requires you to keep personal data secure using whatever technical and organisational measures are appropriate for your organisation, infrastructure, and level of risk. For many businesses, this is likely to include firewalling to some extent.
There are other regulations and standards that either imply the need for, or outright require, a firewall in order to comply, such as PCI DSS (especially requirement 1), Cyber Essentials, and ISO/IEC 27001.
How Do I Choose a Firewall for my Business?
There are a number of different things to consider when choosing a firewall for your business, including how many users you need to protect, whether any of them work remotely, how fast your internet connection is, and how much data “throughput” you’re going to need the firewall to inspect. There are also a plethora of protective next-generation capabilities to consider too.
Check out our recent firewall buyers’ guide for more information about how to select the right firewall for your organisation – or get in touch with the team for some customised advice.
Should I Choose an On-Premise Hardware Firewall, or a Cloud Firewall?
Hardware firewalls have been the main method of protecting networks for a long while, and they’re still generally a sound investment. Firewalls for smaller teams often look like a small, router-like box that can sit on a desk or a shelf; whereas more heavy-duty firewalls are usually designed to be installed within server cabinets.
However, with the growth of decentralised workplaces and hybrid working, cloud firewalls are increasing in popularity. This is where all of the functionality of a next-generation firewall is deployed in a cloud environment, so you no longer need your whole team to be on the same physical network in order to be protected. Understandably, this makes them an optimal choice for organisations who work completely remotely.
You can learn more in our firewall buyers’ guide.
A Brief History of Business Firewalls
The first firewalls were developed in 1988 and were incredibly basic compared to the firewalls of today. They inspected and filtered data packets as they entered a network, using very basic security rules. But because they were so rigid and reactive, they could easily be circumvented.
In the 90s, “second generation” firewalls appeared. These firewalls built on the first gen functionality, but added the ability to remember and track connections between devices. These relationships could therefore be mapped, and an idea of safe network activity could be maintained.
At roughly the same time, application firewalling was being developed. In short, this is effectively a firewall that is able to see what services are using which ports, so it can identify if unauthorised ports are being used or if an authorised port is being misused.
In the 2000s, as the internet got faster and became more a part of regular, daily life, we started to see firewalls taking on more of a fully featured approach to digital defence. We start to see the beginnings of the next-gen firewall features we know today, like VPNs securely connecting multiple locations, spam filters, and gateway protections. Firewalls started to inspect outbound traffic around this time too.
The current generation of NGFWs arrived around 2008, which included even more protective capabilities, better integration between functionality, and overall better control and visibility over a network’s comings and goings.
Need Help? Get in Touch.
Choosing the right firewall is an important decision. If you’re not sure about what you need, or you have any questions, the Just Firewalls team is here to help. We can have an informal call to chat about your requirements, uncover the perfect product for you, and give you a no-obligation quote.
Simply give us a call on 0808 1644414 or request a call back through our contact form to get started.