Wednesday, 22 January 2014

Why do you need a firewall when you have anti-virus ?

Traditional antivirus will scan files and emails once the threat is already inside your network. It cannot prevent threats from entering the network. A firewall is a preventative measure that secures your network perimeter against viruses, trojans and data theft, and prevents these threats from entering your network.

Some firewalls are intelligent in such a way that they will create their own blocking rules and scan incoming and outgoing traffic, as well as having the ability for users to add their own allow and deny rules. Most firewalls update directly from the manufacturer’s website so that as soon as a threat is found the device will automatically update to block this. Traditional antivirus usually only does this once a day.

CRYPTO LOCKER - is one reason why you should get a proactive firewall.

Cryptolocker is a particularly nasty ransomeware trojan that encrypts your personal files and demands payment to decrypt them. It spreads in many ways, including phishing emails with malicious attachments or links, and via drive-by download sites. Learn more about Cryptolocker and how WatchGuard Gateway AV, WebBlocker, spamBlocker, and Reputation Enabled Defence protect you. Watch the video and read the Sophos post.

Hardware Firewalls
For the sake of simplicity, think of hardware firewalls as specialized network boxes that contain customised hardware and software. When properly configured, hardware firewalls provide a protective barrier that hides an organization’s internal PCs, servers, and other devices connected to your network from the outside world. They can also shield one company department (say, finance) from another (say, human resources).
In many cases, hardware firewalls are great solutions for organisations that want a single security umbrella that protects their PCs, servers and devices from outside threats. For this very reason, most businesses have hardware firewalls in place.
Low-end hardware firewalls, now found in network switches and routers for the home, are very basic and have their limitations. If you take a personal laptop on the road, for instance, your system is no longer protected by the home-based firewall. These firewalls usually don’t provide intelligent scanning of emails and files, they’re not automatically updated by the manufacturer, and are configured by setting up manual rules which can usually only allow or deny content from particular places.

There are two types of hardware firewall
  1. Dumb firewall – you have to tell them what to block and when
  2. Proactive firewall – these are intelligent an automatically block any potential threats  and:
    • Application Control – keeps unproductive, inappropriate, and dangerous applications off-limits.
    • Intrusion Prevention Service (IPS) delivers in-line protection from malicious exploits, including buffer overflows, SQL injections, and cross-site scripting attacks.
    • Web Blocker – controls access to sites that host objectionable material or pose network security risks.
    • Gateway Antivirus – (GAV) scans traffic on all major protocols to stop threats.
    • Reputation Enabled Defence – ensures faster, safer web surfing with cloud-based reputation look-up.
    • Data Loss Prevention – (DLP) automatically inspects data in motion for corporate policy violations, and hacker attempts
Software Firewalls

Software firewalls are more ideal for individuals that have dial-up or broadband Internet connections. Instead of using a custom piece of hardware, a software firewall installs on an individual’s PC or notebook.

Even if an organisation has hardware firewalls in place, it’s wise for individuals to use software firewalls on their own systems. The main reason: software firewalls are especially convenient for mobile workers who need digital security when working outside of the corporate network. That’s because the entire security solution is, in essence, a single application running on one’s computer. Another major benefit, software firewalls are easily upgraded. Users simply download patches, fixes, updates, and enhancements from the firewall provider’s web site, or the provider sends these improvements as automatic updates via the Internet.

Managed Firewall Services

Reduce costs and improve business protection through our Managed Firewall Services. The field of Information Security has grown significantly in recent years, establishing and maintaining security policies and practices that are relevant to the business can be an overwhelming task. Massive growth in malicious hacking, combined with threats of cyber terrorism have led many organisations to review their Information Security approach.

No comments:

Post a Comment

Note: only a member of this blog may post a comment.