How to Choose the Right Firewall for Your Business

When putting together a cyber-security plan for your business, one size does not fit all. Every business is going to have different needs. But one absolute necessity for your business security solution is a firewall. And there are a lot of options on the market. Understanding what they are, how they work, and what features to look for can make finding the right firewall easier.

What is a firewall?

The basic features

There are two basic features you should look for when finding a firewall for your small business:

• The ability to be used as a router and
• Control of remote access to your network

A good firewall can be used as a router.

Think of the router as a traffic cop of your network. For instance, if you have an on-premise Exchange server, your firewall allows traffic for emails to go to and from that server.

A firewall can also control remote access to your network.

A good firewall should allow for site-to-site and client-based VPN tunnels. A VPN (or virtual private network) is a way of tricking your computer into thinking it's somewhere else. VPNs are commonly used for connecting satellite offices back to the main office (site-to-site) or allowing employees to access data on the corporate network from their home or on the road (client-based).

Additional Features to Consider

Now that we’ve established what a basic firewall should be able to do, let’s look at additional features that should be considered:

Website and Spam Filtering

Some firewalls have a website filter built into them. They allow you to block websites based on categories and/or individual website names. Firewalls can also perform SPAM filtering duties and inspect the traffic coming through your email and confirm that it is safe to pass through.

Antivirus Scanner

Firewalls can also have a built-in antivirus scanner built into them. They can scan web pages, files, and links to stop viruses from entering the network and creating problems for the end user. If you already have a separate antivirus program, you may not need this feature.

Inspect Encrypted Traffic

Firewalls can also have features for inspecting SSL encrypted traffic. These firewalls play man-in-the-middle. It captures the encrypted traffic as it comes into the network, decrypts it using an SSL certificate, reads it to be sure it is what it says it is, re-encrypts it using the same SSL certificate and sends it back out. Cyber attackers frequently use encrypted traffic to avoid detection when sending malware, so being able to inspect encrypted traffic is becoming much more of a "need to have" feature than a "nice to have" feature. 

Control Wireless

Firewalls can also:

• control wireless internet access that is built into the appliance itself or
• control Wireless Access Points (WAPs) that are connected to it.

With the ever growing ransomware problem of today, the sandbox is the largest innovation in security technology that has been seen for some time.

Firewall as a Service

Some IT companies (including PTG) are starting to offer Firewall-as-a-Service options. These will vary by company but all typically include monthly payments (rather than one, large upfront fee) for a firewall with real-time monitoring and updates. This is typically a better option for companies who don't have the resources to keep a firewall updated all the time or don't want to pay the large, up-front cost for a business-grade firewall.

The wireless router that you bought at the big box store doesn’t necessarily count as a full-fledged firewall. Firewalls need to come from a reputable company with support and real-world security features to keep you and your data protected. Just as important is keeping your firewall up to date – if it doesn't have the latest definitions, it's not doing much to protect you. If you're still not sure which firewall is right for you, please reach out and we can help you find the appropriate option.