Why a Firewall is essential for your business

 

This summary has been compiled to explain why LCI recommends a firewall to all high-speed Internet customers (xDSL, cable, EtherLAN, etc.) instead of a router.  The information herein was gathered from several sources, including PCMagazine, ZDNet, CNET, DSLReports, LinkSys, Cisco, SonicSys, WatchGuard brochures and web sites.

 

Router (e.g. LinkSys EtherFast Router)

The function of a router is to route all incoming data (packets) between two separate networks.  For example, a packet with an Internet TCP/IP address of 111.111.111.111 will be routed to your Local Area Network (LAN) with an internal address scheme of 222.222.222.222.  Diagram 1 (below) shows that all data packets that reach a router will be forwarded to your LAN.  The forwarded packets include ordinary Internet traffic and information pertinent to your company, as well as all malicious packets sent by hackers to discover information about your business.

 

The LinkSys EtherFast Router performs some basic firewall functions such as Network Address Translation (NAT).  However, the unit is not a true firewall – LinkSys does not actually refer to it as such, but rather as a “Router” in all its literature and on their web site.  The LinkSys EtherFast does not filter at the application level, so it does not block Web content, Active-X, fraudulent certificates, or E-mail attachments.  The unit is not ICSA certified.  Security does not appear to be one of LinkSys’s primary focus areas.  This router offers no protection from Denial of Service attacks, or any ability to log that the unit (i.e. your company) is even under attack.

 

Firewall (e.g. 3COM, Intel, Cisco, SonicWall Firewalls)

A firewall is a hardware device that is separate from a router.  A typical firewall design (see Diagram 1 above) has a WAN port, which accepts all traffic from the router, and a LAN port that connects to your internal LAN.  The WAN port will NOT forward any data packets to the LAN port unless specifically allowed by a network administrator.  The higher end firewalls include a third port that allows the connection of a Web Server or email server to the Internet.  Firewalls can offer support for Syslog, customizable logging, WebTrends support, SNMP traps, RADIUS/SecurID authentication, fully customizable DHCP Server, authentication-based VPN tunnels, NTP support, and DHCP over VPN.  All of these features are designed to protect your company’s data.  Additionally, the higher end firewalls offer integrated anti-virus scanning, acting as a chokepoint for the internal protected network.  These firewalls can also screen all incoming and outgoing emails and strip specified, unwanted, and potentially dangerous attachments from the email before they reach the mail server or desktop.  Included within all firewalls is protection from Denial of Service attacks and ICSA certified firewalling.  ICSA certified IPSec VPN is an optional feature along with support for web content filtering, security scanning, and digital certificate-based authentication.
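
The contrast between the two devices, as an added example that is not taken from any vendor's product: a small Python model of the WAN, LAN and third (here "DMZ") ports in which nothing is forwarded unless a rule allows it, and every denied packet is logged.  The rule list, the addresses and the reply tracking are assumptions made for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Packet:
    src_zone: str   # "WAN", "LAN" or "DMZ" (the third port)
    dst_zone: str
    src: str
    dst: str
    proto: str
    sport: int
    dport: int

# Constructed policy: only what an administrator has explicitly allowed.
# Tuple layout: (source zone, destination zone, protocol, port or None for any).
ALLOW = [
    ("LAN", "WAN", "tcp", None),   # staff may open outbound connections
    ("WAN", "DMZ", "tcp", 25),     # inbound mail to the mail server
    ("WAN", "DMZ", "tcp", 80),     # inbound web to the web server
]

class Firewall:
    def __init__(self, rules):
        self.rules = rules
        self.flows = set()   # connections that were opened through an allow rule
        self.log = []        # denied packets, e.g. to feed a Syslog server

    def forward(self, p):
        # Replies that belong to a tracked connection are let back in.
        if (p.dst, p.dport, p.src, p.sport, p.proto) in self.flows:
            return True
        for src_zone, dst_zone, proto, dport in self.rules:
            if ((p.src_zone, p.dst_zone, p.proto) == (src_zone, dst_zone, proto)
                    and dport in (None, p.dport)):
                self.flows.add((p.src, p.sport, p.dst, p.dport, p.proto))
                return True
        self.log.append(f"DENY {p.src_zone}->{p.dst_zone} {p.proto} "
                        f"{p.src}:{p.sport} -> {p.dst}:{p.dport}")
        return False   # default: nothing crosses unless specifically allowed

def router_forward(p):
    # A plain router forwards every packet it is able to route.
    return True
```
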

 

Lancaster Consulting Inc. can help you implement a true firewall in your business.  Prices start at under $500 for a basic 10-user firewall or 5-user VPN/Firewall combination.


LAN Security

 

Today, robust security is being implemented in many smaller organizations that hadn’t thought seriously about their IT security until recently.  What are smaller businesses buying?  First on their shopping list: firewall protection.  This should come as no surprise, as firewalls typically act as the first line of defense against intruders.  The rise of broadband connectivity (cable, xDSL, EtherLAN, etc.) has further spurred this trend.  Unlike dial-up connections, broadband is an “always on” technology, giving outsiders a ready avenue and virtually unlimited time to break into a network.  Therefore, robust firewalls are a “must have” for smaller organizations implementing broadband technology.

 

To further boost security, smaller businesses are beginning to sample virtual private networks (VPN).  VPNs are “tunnels” to ensure private communications through the Internet.  To date, VPNs have been mostly limited to larger corporations.  However, with the increased focus on security, this trend is now changing.  VPNs are not only growing in popularity in the enterprise IT sector, but are also expanding into the SMB (small to medium business) market.  In fact, VPNs and firewalls are becoming so vital to IT security for businesses of all sizes that the two technologies are merging into one device.  We now see a combination of firewall and VPN in a single appliance.  This increases the quality and accuracy of set up and configuration of security policies.  It also eliminates the problems of potentially overlapping and conflicting security policies when using two hardware appliances.

 

Finally, businesses are increasingly concerned about email and email attachments.  Certainly, anti-virus software alleviates some of this worry.  But brand new viruses can and do slip through.  Moreover, organizations are up in arms about the proliferation of spam, which clogs employees’ in-boxes and cuts their productivity.  Enter a new management tool, email content filters, which proactively implement corporate policies regarding acceptable email and email attachments.  In the process, they disregard potentially threatening or unwanted email.  By examining the content of email messages, these filters provide an additional protective layer and augment the anti-virus solutions already in place.

 

Indeed, the unstable world situation has awakened companies to new threats all along their networks.  Larger businesses are closing gaps in their systems, while smaller businesses are rushing to implement their first layers of protection, starting with firewalls.