WHAT INSPIRES YOU, INSPIRES US.
Insights : Article

9 Things Your Firewall Should Be Doing

By   Kevin Bingeman

June 08, 2017

Heard about the WannaCry ransomware and want to stop it from affecting your business? Or better yet, want to prevent your business from the negative effects of ransomware, malware, viruses, etc. (the list goes on and on)?

First, ask yourself a few questions:

1. Do you have a firewall?
2. Does your firewall have intelligence to detect and prevent security threats?
3. Did you check with your IT provider and they told you everything is in place to prevent infections?
4. Want a second opinion? (Of course you trust your IT provider, but it’s never a bad idea to verify for yourself.)

What Your Firewall Should Be Doing
If you answered “yes” to that last one—or “no” to any of the other ones—here are nine items to check off to help ensure your firewall is properly protecting your business against Internet-based threats.

1. Content Filtering
Your firewall should use controls to enforce Internet-use policies and block access to non-business or malicious websites.

2. Multi-Engine File Sandboxing
Files downloaded to your users’ web browsers need to be checked if they are safe or not. If that’s unknown, then they need to be sandboxed and tested to verify their safety before they can be used. If they aren’t safe, then they should be automatically blocked!

3. Antivirus
Your firewall should have a real-time, high performance virus scanning engine and dynamically updated database to detect threats as they happen.

4. Antispyware
It also needs real-time, high performance prevention of spyware that could transmit confidential information out of your network

5. IPS
Make sure your firewall has high-performance traffic inspection and dynamic database protection against application exploits, worms and malicious traffic as well as manages access control for peer-to-peer instant messenger applications.

6. Application Intelligence and Control
Your firewall should manage privileges and bandwidth for application and users, allow or deny Internet based on the application, and inspect, detect and prevent infections from application communications.

7. Geo-IP and Botnet Filtering
Your firewall should block connections to or from a geographic location such as overseas where you may not be doing business, but where hackers are actively working on gaining access to your network. It should also block connections to and from botnet command and control servers to prevent ransomware.

8. Inspection of SSL (Encrypted) Web Browsing Traffic
Your firewall should inspect SSL traffic for viruses and other malicious content. Most web browsing today uses SSL, and without this service it is all encrypted and the firewall cannot detect malicious content.

9. Inspection of SSH (Encrypted) Connections to Internet
You will want to be sure your firewall detects and prevents advanced encrypted attacks that use SSH, which blocks encrypted malware, spread of infections and command and control activities.