We are running an extranet, and our small LAN is connected to the main server via a VPN connection. I would like
to install a firewall (hardware/software) to protect our LAN from Internet hacking attempts, as well as other viruses and other malware. What criteria should I use when buying a firewall for this type of environment?
You should always use a firewall to protect any connection to the Internet. In the case of a small network, you probably don't need anything complicated. Here are a few simple ideas you can follow:
- Look for a firewall that provides stateful inspection. Most have this capability. Representative of an advanced firewall architecture, it keeps track of communication packets and ensures that you can easily allow return traffic corresponding to your outbound requests. Only incoming packets that constitute a proper response are allowed through the firewall.
- Consider if you need content filtering. Do you want to take measures to protect users on the network from accidentally (or intentionally!) browsing websites that contain malicious or offensive content? Some firewalls offer content-filtering capabilities.
- How long can you be down? If the firewall fails, what's your backup plan? More expensive firewalls have high-availability configurations that allow the use of two devices. If the primary one fails, the secondary firewall automatically takes over. For those making do with a less expensive product, consider purchasing a second device that can be kept on the shelf for use in the event of a failure.
- Firewall management is critical in today's regulatory climate, and companies looking to streamline firewall management will look to tools from several vendors. (Login required)
- Get the latest news and expert advice on network firewalls.
Dig deeper on Network Firewalls, Routers and Switches
Related Q&A from Mike Chapple, Enterprise Compliance
Should companies obtain U.S. security clearance to join the Enhanced Cybersecurity Services program? Mike Chapple offers his perspective.continue reading
Does a Web application security assessment termed 'compliance ready' seem too good to be true? Learn its role in an enterprise compliance program.continue reading
Learn how hiring the right PCI DSS-compliant service providers, especially payment services providers, can reduce your compliance burden.continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.