Firewall configuration

Don’t let poor firewall configuration bring your business down, Omni Cyber Security can help! Had a quote already? Use our quote beater.

What is a Firewall Configuration?

Firewalls are network security devices (software or hardware) that are essentially a barrier that sits between your devices and the internet, or other external sources of data. Firewalls form an essential part of any company’s cybersecurity architecture, overseeing the safety of outgoing and incoming network traffic.

How do Firewalls work?

Firewalls work by assessing the incoming traffic based upon a predetermined set of rules.

The firewall filters traffic from suspicious or unsecured sources, and this sits at the traffic entry point of a computer or laptop. These entry points are known as ports. It is at the ports where data from external devices is exchanged.

Why have a firewall?

A firewall is an integral part of an organisation’s cybersecurity strategy. When combined with other security measures, it can be highly effective.

Your firewall can have its own distinct set of rules for outgoing and incoming server traffic. Outgoing rules are equally important to incoming rules. This is because if the server has been compromised by a cybercriminal, then the outgoing firewall rules can stop unwanted outgoing communication.

Internal & perimeter firewalls

Firewall best practices

Firewall configuration best practices include using internal firewalls in addition to your perimeter firewall. Your perimeter firewall only protects your systems from attacks or malicious activity, that originates from the outside.

Internal firewalls offer a degree of protection against insider attacks and protect individual assets in the network. This makes it much harder for an attacker to move from one system to another and this gives you more time to respond to an attack.

Needs regular analysis

Keep on top

You should employ a cybersecurity management company who will check for regular security updates to firewall software.

Just like any other software, firewall software can have vulnerabilities. The firewall software creators will provide updates, called patches, to remove these vulnerabilities as they are discovered.

What our clients think

From my point of view, the most impressive thing about OmniCyber is the feedback I get from others after having introduced them to Omni. An example of those comments include, the best penetration testers I have worked with as they work with you, not just on your system.

Client testimonial

When you take into account their competitive rates and flexible easy-going people, Omni is a joy to work alongside. So much so we have made them our penetration testing partner and they now deliver a managed service for us.

Client Testimonial

Packet filtering firewalls

Packet-filtering firewalls are the most common type of firewall, although they only offer very limited protection against cyber attacks and unauthorised access. Packet filtering firewalls examine each packet of incoming data and only allows them through if they match an established security rule.

Proxy firewalls

Proxy firewalls or application firewalls assess and filter traffic at the application level. A proxy firewall is an intermediary firewall that sits between two end systems. The firewall will evaluate the packet and then it will either be blocked or permitted. This function is known as deep packet inspection (DPI) or Layer 7 inspection and it looks at the data within the packet, as opposed to just the header or name of the packet.

Next-generation firewalls

Next-generation firewalls (NGFW) have additional technology called deep packet inspection, that proxy firewalls and packet-filtering firewalls do not have. Next-generation firewalls can perform encrypted traffic inspection, anti-virus functions, and include intrusion prevention systems.

Network address translation firewalls

These work to keep individual IP addresses hidden, so that attackers can not capture specific or individual details, that can be used to attack individual IP addresses. Network address translation firewalls are similar to proxy firewalls but act as a barrier between outside traffic and a set of computers or devices within a network.

Stateful multilayer inspection firewalls

These firewalls compare packets against known trusted packets at the network, application, and transport layers. Stateful multilayer inspection firewalls examine the whole packet and then pass each layer individually. They can determine the state of the communication to make sure that communications can only occur with trusted sources.

FREQUENTLY ASKED QUESTIONS

Browse our frequently asked questions or Contact us if you have any further enquiries.

A firewall can be a piece of software or a piece of hardware, such as a router, that prevents unauthorised access to or from a private network. The most secure firewall configuration standards will include both:

  • Firewall software – this is a program that is installed on a computer and it regulates traffic through applications and port numbers
  • Firewall hardware – this is a physical piece of equipment that sits between your network and the gateway to the internet

In order to review your firewall configuration, you are best to employ a cybersecurity company that can conduct a security audit health check. A firewall configuration review will ensure that your business follows the best practices.

It is essential to review your firewall because improperly configured firewalls can have rules that conflict with each other. If this conflict exists, then parts of your network can slow down. On other parts of your network, the firewall could fail, leaving it exposed to cyber attacks and hackers.

A cybersecurity company can check your firewall configuration to identify any weaknesses or unnecessary exposure. They can make firewall configuration recommendations that will help to improve your cybersecurity. They will verify that the rules match the business’s policies and requirements, identify firewall rules that can be optimised or removed, and check the firewall operating system version for known vulnerabilities.