We are running an extranet, and our small LAN is connected to the main server via a VPN connection. I would like to install a firewall (hardware/software) to protect our LAN from Internet hacking attempts, as well as other viruses and other malware. What criteria should I use when buying a firewall for this type of environment?
You should always use a firewall to protect any connection to the Internet. In the case of a small network, you probably don't need anything complicated. Here are a few simple ideas you can follow:
- Look for a firewall that provides stateful inspection. Most have this capability. Representative of an advanced firewall architecture, it keeps track of communication packets and ensures that you can easily allow return traffic corresponding to your outbound requests. Only incoming packets that constitute a proper response are allowed through the firewall.
- Consider if you need content filtering. Do you want to take measures to protect users on the network from accidentally (or intentionally!) browsing websites that contain malicious or offensive content? Some firewalls offer content-filtering capabilities.
- How long can you be down? If the firewall fails, what's your backup plan? More expensive firewalls have high-availability configurations that allow the use of two devices. If the primary one fails, the secondary firewall automatically takes over. For those making do with a less expensive product, consider purchasing a second device that can be kept on the shelf for use in the event of a failure.
- Firewall management is critical in today's regulatory climate, and companies looking to streamline firewall management will look to tools from several vendors. (Login required)
- Get the latest news and expert advice on network firewalls.
Dig deeper on Network Firewalls, Routers and Switches
Related Q&A from Mike Chapple, Enterprise Compliance
Social media compliance is not typically considered a big issue for companies, but expert Mike Chapple explains why it should be.continue reading
Metadata tagging is not just for security. Expert Mike Chapple explains how tagging tools can be used to achieve PCI DSS compliance.continue reading
Before using the HIPAA-compliant cloud services from Google, there are some things companies need to know, according to expert Mike Chapple.continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.