the ultimate guide€¦ · cisco asa 5505 security appliance. 3 what is a firewall? let’s start...
TRANSCRIPT
![Page 1: The ULTIMATE GUIDE€¦ · Cisco ASA 5505 Security Appliance. 3 WHAT IS A FIREWALL? Let’s start with the basics. A firewall is a software or hardware device that checks information](https://reader035.vdocuments.us/reader035/viewer/2022063013/5fcb996a95f85964b417b3e8/html5/thumbnails/1.jpg)
1
The
ULTIMATEGUIDEto Buying a
Firewall
![Page 2: The ULTIMATE GUIDE€¦ · Cisco ASA 5505 Security Appliance. 3 WHAT IS A FIREWALL? Let’s start with the basics. A firewall is a software or hardware device that checks information](https://reader035.vdocuments.us/reader035/viewer/2022063013/5fcb996a95f85964b417b3e8/html5/thumbnails/2.jpg)
2
For many businesses, the prospect of purchasing a firewall may
seem like a pointless exercise. Smaller companies often believe
they are an unlikely target for hackers and malicious software
due to their size, while large corporations can assume they are
already protected. Both of these assumptions are, of course,
incorrect.
If you’re looking to replace an existing network firewall, you’ll need to
consider whether the aim is to consolidate everything into a unified
solution or add next-generation features before making your purchase.
There are lots of other considerations too.
In this guide, we’ll take a closer look at firewalls, answering any questions
you may have about this important purchase.
Part 1:
Introduction
Image:Cisco ASA 5505 Security Appliance
![Page 3: The ULTIMATE GUIDE€¦ · Cisco ASA 5505 Security Appliance. 3 WHAT IS A FIREWALL? Let’s start with the basics. A firewall is a software or hardware device that checks information](https://reader035.vdocuments.us/reader035/viewer/2022063013/5fcb996a95f85964b417b3e8/html5/thumbnails/3.jpg)
3
WHAT IS A FIREWALL? Let’s start with the basics. A firewall is a software or hardware
device that checks information coming from the internet or through
a network and either blocks it or allows it to pass through to a
computer.
Depending on its settings, a firewall can help to prevent hackers or
malicious software from gaining access to a computer through a
network.
On top of this, a firewall can also help to stop a computer from
sending malicious software to other computers. When choosing your
next firewall, there are several important factors to consider. We
have outlined these below in more detail.
Firewall or Anti-Virus?
It is important for businesses to be
aware that a firewall is not the same
thing as an antivirus program.
So, in order to protect a computer, it is
necessary to have both a firewall and an
antivirus and anti-malware program.
Part 2:
Firewall Basics
Image: HPHP TippingPoint S1050F Next Generation Firewall
![Page 4: The ULTIMATE GUIDE€¦ · Cisco ASA 5505 Security Appliance. 3 WHAT IS A FIREWALL? Let’s start with the basics. A firewall is a software or hardware device that checks information](https://reader035.vdocuments.us/reader035/viewer/2022063013/5fcb996a95f85964b417b3e8/html5/thumbnails/4.jpg)
4
PERFORMANCE
One of the first points of comparison for businesses of all sizes
when it comes to choosing a firewall, or any other piece of IT
equipment for that matter, is performance. Whether you are
a smaller company looking for a unified solution, or a large
corporation on the search for the most innovative firewall features,
you need to ensure the solution you pick will deliver exactly what
you need.
Very often, vendors offer sizing guidelines that provide a much-
needed helping hand during the selection process. However, it is
always recommended that you also think about your individual
infrastructure, rather than comparing yourself to another
enterprise. To do this, take some time to see how your users work,
their typical usage patterns, which applications they use and the
servers you need to protect. Also, consider the specific features of a
firewall that you are likely to have switched on on a daily basis.
Try not to depend too heavily on any kind of online sizing tool,
as this can create confusion. One vendor may say you require 1
Mbps while the next says you require somewhere over 20 Mbps, so
ensure you do your own research instead. Choosing the wrong size
can lead to performance problems further down the line, whereas
oversizing may stretch your budget more than you need to.
The performance of a firewall is also influenced by the architecture
utilised in any hardware appliance, and how the software and
hardware work together. While an appliance with application-
specific integrated circuit (ASICs) chips can produce good
throughput results for a specific purpose, it places limits on
the potential for upgradeability and can sometimes require the
appliance to be connected in a particular way. It is also worth noting
that performance numbers for ASICs hardware differ greatly from
virtual installations from the same vendor.
Part 3:
Digging Deeper
Image: Juniper SRX300 Series Firewall
![Page 5: The ULTIMATE GUIDE€¦ · Cisco ASA 5505 Security Appliance. 3 WHAT IS A FIREWALL? Let’s start with the basics. A firewall is a software or hardware device that checks information](https://reader035.vdocuments.us/reader035/viewer/2022063013/5fcb996a95f85964b417b3e8/html5/thumbnails/5.jpg)
5
Tests performed by a third party give a more accurate picture of
the actual throughput you could see in your working environment.
However, it is best to be aware that there are a number of factors
that could influence test results.
These include:
The architecture used in the hardware
The number of ports on an appliance
The type of traffic measured - is it bi-directional or
uni-directional?
How comparable the tests are (ie. proxy-based antivirus
vs. flow-based)
DEPLOYMENT OPTIONS
Many vendors offer value in the shape of deployment flexibility
such as software, hardware, virtual environment or cloud-
based. If you were to choose a software and virtual installation,
it is important to check if it will run on any dedicated Intel X86-
compatible hardware, or if it requires purpose-built hardware
components. Generally, you will enjoy greater flexibility with
standard hardware, which can then be easily upgraded.
Also, depending on the architecture used by a vendor, you may
see considerable contrasts in performance between the firewall
appliance a vendor offers and a virtual installation from the same
vendor on standard hardware. On the other hand, you may choose
to deploy your network security in the cloud, which can be done
using Amazon Web Services or a data center of your choice.
Not all vendors offer deployment options, and therefore it is
essential to check before you make your purchase.
![Page 6: The ULTIMATE GUIDE€¦ · Cisco ASA 5505 Security Appliance. 3 WHAT IS A FIREWALL? Let’s start with the basics. A firewall is a software or hardware device that checks information](https://reader035.vdocuments.us/reader035/viewer/2022063013/5fcb996a95f85964b417b3e8/html5/thumbnails/6.jpg)
6
EASE OF USE If you have grown accustomed to configuring your firewall using a
command line interface, a security gateway product with a simple
looking GUI could be an attractive option in terms of usability. In
the past few years, network security has come on leaps and bounds,
and vendors are increasingly learning that those products that are
easier to use are also likely to be the most effective. While advanced
features may seem like an attractive prospect, they are of little value
if they are too complicated to actually use.
The user interface of any firewall solution will need clearly defined
workflows to avoid you having to repeat configuration steps for
different modules of the product. Also, with today’s distributed
workforces, the requirement to do any installation on the end
user clients is not a feasible prospect for many organisations. For
example, a firewall offering full transparent mode without having to
configure proxies or set up NAT rules can save any IT administrator a
lot of time.
In the same vein, setup for users in the office should be equally
simple for any staff you have working remotely. Web filtering
rules, for example, need to protect users outside the realms of the
corporate network. In order to support the different devices your
users have, authentication should provide the best, most seamless
user experience.
It is important to consider:
How quickly you get to the information you need to
troubleshoot user problems, for instance, on blocked websites
How easy it is to update the solution
How long it takes to do the most common tasks, such as create
web filtering policies
Whether the dashboard view can be tailored to suit your own
preferences
![Page 7: The ULTIMATE GUIDE€¦ · Cisco ASA 5505 Security Appliance. 3 WHAT IS A FIREWALL? Let’s start with the basics. A firewall is a software or hardware device that checks information](https://reader035.vdocuments.us/reader035/viewer/2022063013/5fcb996a95f85964b417b3e8/html5/thumbnails/7.jpg)
7
SECURITY FEATURES If you are looking to consolidate your existing infrastructure into
one single solution, it is likely you will be looking for something with
similar features to those you are used to. If you are considering a
unified threat management (UTM) solution for the protection of
emails, do not forfeit additional benefits such as email encryption,
anti-spam and data loss prevention.
If a vendor you have been looking at does not offer comparable
features to your email gateway, then it may not be worth considering
them at all - and the same applies to web protection. A unified
solution should offer equivalent features to a web security gateway.
Even if you don’t use every feature your chosen security product
offers, you still have the functionality you require to support and
enable your business operations.
Should you be looking to replace a retired product - such as Microsoft
Forefront Threat Management Gateway (TMG) - you can find a UTM
with superior features to your end-of-life solution. If your TMG
replacement can also provide network, web and email protection,
you can save money and administrative effort. While the majority of
vendors can offer almost all of the features, they can often only do so
with multiple appliances or security solutions. Also, many vendors do
not offer the full breadth of features on all appliances.
Therefore, for smaller businesses with a limited number of users, it
is best to purchase a solution that isn’t over-dimensioned for your
purpose just to get the features you require.
Part 4:
Security, Protection & Reporting
Image:Watchguard XTM 8 Series Firewall
![Page 8: The ULTIMATE GUIDE€¦ · Cisco ASA 5505 Security Appliance. 3 WHAT IS A FIREWALL? Let’s start with the basics. A firewall is a software or hardware device that checks information](https://reader035.vdocuments.us/reader035/viewer/2022063013/5fcb996a95f85964b417b3e8/html5/thumbnails/8.jpg)
8
PROTECTION When selecting your firewall solution, you need to look at the quality
of protection. Third-party endorsements can provide a great idea of
which vendors provide the best protection from various threats.
REPORTING Reporting offers visibility into what is happening within your network,
which allows you to make informed decisions to support your
business. In cases where a large amount of bandwidth is being used
by one specific application, it could slow down other operations.
However, with accurate reporting in place, you are provided with
visibility into any infections on your system.
It is important to have real-time data to make ad-hoc decisions,
and to ensure you are providing the quality of service your users
need. Reporting on web usage in real-time allows you to change
your solution dynamically, removing bottlenecks caused by
particular usage patterns. You can also free up resources for certain
departments in the event that certain peaks are expected. Solutions
that only offer reports in set intervals are not adequate for some
organisations, so this is worth keeping in mind. On top of this,
businesses may also want to access historical data to make more
informed decisions about the optimal setup, or to analyse particular
incidents.
Any reporting module should be adaptable to your needs, and
give you the data you want at a time that is convenient for you.
Consolidated reports, which span multiple features, can be beneficial
in some instances. Not all cyber attacks are necessarily just from
one designated source, so having a single view - for example for
command and control - can allow you to eradicate any problems
quickly.
If you are worried about the effect that reporting can have on your
business performance, consider a solution with an integrated solid-
state drive, rather than a conventional spinning disk. Having no
moving parts not only makes them robust, but also faster and with
minimum impact on your solution performance, even for complex
reporting.
![Page 9: The ULTIMATE GUIDE€¦ · Cisco ASA 5505 Security Appliance. 3 WHAT IS A FIREWALL? Let’s start with the basics. A firewall is a software or hardware device that checks information](https://reader035.vdocuments.us/reader035/viewer/2022063013/5fcb996a95f85964b417b3e8/html5/thumbnails/9.jpg)
9
EVALUATING SECURITY CAPABILITIES In this section of the buying guide, we will look in depth at the
different security features available. Here, you can gain a better
picture of the capabilities that are important to you.
Network protection
Your network security product should provide a solid security
foundation, even before the addition of network protection
subscriptions.
At the most basic level, it should offer the following:
IPS
Static routing
DNS proxy services
DHCP server options
NTP functionality
Stateful firewall
Network address translation
Basic remote access VPN
Local user authentication
Local logging and daily reports
Basic management functionality
Part 5:
Evaluating Security Capabilities
Image:Barracuda NG Firewall F300
![Page 10: The ULTIMATE GUIDE€¦ · Cisco ASA 5505 Security Appliance. 3 WHAT IS A FIREWALL? Let’s start with the basics. A firewall is a software or hardware device that checks information](https://reader035.vdocuments.us/reader035/viewer/2022063013/5fcb996a95f85964b417b3e8/html5/thumbnails/10.jpg)
10
Web protection
It is likely that you will need web protection that allows you to apply
terms and conditions to the manner in which users spend their time
online. Web protection also stops spyware and viruses before they
can enter the network.
Detailed reports will show you how effective your policy is, allowing
you to make adjustments as necessary.
The following features are recommended:
URL filtering - controls employee web usage to keep
inappropriate content off the network
Spyware protection - prevents malicious software from
downloading onto computers within the network, consuming
bandwidth and sending sensitive data out of the network
Antivirus scanning - scans content before it enters the
network to prevent viruses
HTTPS scanning - provides visibility to how employees are
using the web, and controls which applications they can use
Interactive web reporting - provides flexible reporting
capabilities to allow administrators to build their own reports
![Page 11: The ULTIMATE GUIDE€¦ · Cisco ASA 5505 Security Appliance. 3 WHAT IS A FIREWALL? Let’s start with the basics. A firewall is a software or hardware device that checks information](https://reader035.vdocuments.us/reader035/viewer/2022063013/5fcb996a95f85964b417b3e8/html5/thumbnails/11.jpg)
11
Email protection
The protection of emails against spam and viruses is one that is
particularly important. Unfortunately, this type of security threat
continues to evolve, making email protection an ongoing issue.
Businesses require email protection to ensure that common
problems like spam and the leaking of confidential information do
not affect the business.
Capabilities to look for include:
Anti-spam - stops spam and other unwanted emails from being
delivered to inboxes within the network
Antivirus scanning - scans for malicious content at the
gateway to stop viruses and other malware from infecting
computers
Email encryption - renders email illegal to prevent spies
and other unintended incidents from obtaining confidential
information
Data Loss Prevention - prevents sensitive data from being sent
by email, whether intentionally or not
User portal - gives employees control over their email,
including spam quarantine and message activity
![Page 12: The ULTIMATE GUIDE€¦ · Cisco ASA 5505 Security Appliance. 3 WHAT IS A FIREWALL? Let’s start with the basics. A firewall is a software or hardware device that checks information](https://reader035.vdocuments.us/reader035/viewer/2022063013/5fcb996a95f85964b417b3e8/html5/thumbnails/12.jpg)
12
Webserver protection
Webserver protection stops cyber criminals from stealing information
such as credit card details and personal health data. Having this
should help businesses to achieve regulatory compliance when a web
application firewall is required.
A web application firewall scans activity and identifies attempts to
exploit web applications to prevent network probes and attacks.
Capabilities to look for include:
Form hardening - inspects and validates information
submitted by visitors through website forms. It prevents invalid
data from damaging your server as it is processed
Reverse proxy authentication - provides exploit free
authentication for users by integrating with backend DMZ
services
Antivirus scanning - scans and blocks harmful content at the
gateway to stop viruses from infecting computers
URL hardening - prevents your website visitors from accessing
content they are not allowed to see
Cookie protection - protects from tampering the cookies given
to website visitors
![Page 13: The ULTIMATE GUIDE€¦ · Cisco ASA 5505 Security Appliance. 3 WHAT IS A FIREWALL? Let’s start with the basics. A firewall is a software or hardware device that checks information](https://reader035.vdocuments.us/reader035/viewer/2022063013/5fcb996a95f85964b417b3e8/html5/thumbnails/13.jpg)
13
Wireless protection
Wireless networks need the same security policies and protection
as the main corporate network. They can be operated by network
administrators as two separate networks. Wireless protection from
your network security vendor should alleviate the issue of enforcing
consistent security policies across your organisation. For this reason,
make sure your wireless protection extends your network security
features to your wireless networks. This solution should provide a
way for you to centrally manage the wireless network.
Capabilities to look for include:
Plug-and-play deployment - provides fast and simple setup
Central management - simplifies management of the
wireless network by centralising configuration, logging and
troubleshooting within a single console
Integrated security - provides instant protection to all wireless
clients
WPA/WPA 2 encryption options - enterprise-level encryption
that prevents data loss and theft by rendering data illegible to
unauthorised recipients
Guest internet access - protects wireless zones, each with
different authentication and privacy settings. Enables and
supports wireless hotspots
Detailed reporting - provides information about connected
wireless clients and network usage
![Page 14: The ULTIMATE GUIDE€¦ · Cisco ASA 5505 Security Appliance. 3 WHAT IS A FIREWALL? Let’s start with the basics. A firewall is a software or hardware device that checks information](https://reader035.vdocuments.us/reader035/viewer/2022063013/5fcb996a95f85964b417b3e8/html5/thumbnails/14.jpg)
14
Endpoint protection
In order to ensure your network stays secure, there needs to be
some endpoint protection in place to check connecting devices
for current updates and security policies. This protection needs to
protect company-owned devices on and off the network.
You can reduce management effort, and also save money, by
integrating your endpoints directly into your network security
appliance. This will also help to achieve regulatory compliance when
different antivirus engines are running at the gateway and on the
endpoint.
Capabilities to look for include:
Ease of deployment - gives the organisation the ability to
easily deploy and manage endpoint clients to prevent malware
and data loss
Antivirus scanning - scans the endpoint for viruses and other
malware
Device control - Allows the organisation to prevent the use of
modems, Bluetooth, USB ports, CD/DVD drives, etc.
Real-time reporting - provides visibility into endpoints with
up-to-date statistics
Support for remote workers - provides the same protection
for workers whether on or off the corporate network
![Page 15: The ULTIMATE GUIDE€¦ · Cisco ASA 5505 Security Appliance. 3 WHAT IS A FIREWALL? Let’s start with the basics. A firewall is a software or hardware device that checks information](https://reader035.vdocuments.us/reader035/viewer/2022063013/5fcb996a95f85964b417b3e8/html5/thumbnails/15.jpg)
15
CONCLUSIONThe decision to purchase a new firewall is a big one, and should not be
treated lightly. There is an awful lot to consider, but it is vital that you
also think about your future business needs, as well as those in the
here and now.
At King of Servers, we are always happy to help, and will gladly provide
support and advice at every stage during the purchase process. So
whether you are currently in research mode, or looking to buy a product,
get in touch with us to discuss your options.
Contact us by calling
0845 611 8696
or visit our website where you can fill out an online enquiry form, or use
the Live Chat function
www.kingofservers.com
![Page 16: The ULTIMATE GUIDE€¦ · Cisco ASA 5505 Security Appliance. 3 WHAT IS A FIREWALL? Let’s start with the basics. A firewall is a software or hardware device that checks information](https://reader035.vdocuments.us/reader035/viewer/2022063013/5fcb996a95f85964b417b3e8/html5/thumbnails/16.jpg)
16
Contact Details:
www.kingofservers.com
0845 611 8696
Social Media: