We are running an extranet, and our small LAN is connected to the main server via a VPN connection. I would like...
By submitting your email address, you agree to receive emails regarding relevant topic offers from TechTarget and its partners. You can withdraw your consent at any time. Contact TechTarget at 275 Grove Street, Newton, MA.
to install a firewall (hardware/software) to protect our LAN from Internet hacking attempts, as well as other viruses and other malware. What criteria should I use when buying a firewall for this type of environment?
You should always use a firewall to protect any connection to the Internet. In the case of a small network, you probably don't need anything complicated. Here are a few simple ideas you can follow:
- Look for a firewall that provides stateful inspection. Most have this capability. Representative of an advanced firewall architecture, it keeps track of communication packets and ensures that you can easily allow return traffic corresponding to your outbound requests. Only incoming packets that constitute a proper response are allowed through the firewall.
- Consider if you need content filtering. Do you want to take measures to protect users on the network from accidentally (or intentionally!) browsing websites that contain malicious or offensive content? Some firewalls offer content-filtering capabilities.
- How long can you be down? If the firewall fails, what's your backup plan? More expensive firewalls have high-availability configurations that allow the use of two devices. If the primary one fails, the secondary firewall automatically takes over. For those making do with a less expensive product, consider purchasing a second device that can be kept on the shelf for use in the event of a failure.
- Firewall management is critical in today's regulatory climate, and companies looking to streamline firewall management will look to tools from several vendors. (Login required)
- Get the latest news and expert advice on network firewalls.
Dig Deeper on Network Firewalls, Routers and Switches
Related Q&A from Mike Chapple
Vulnerability scanning tools are necessary to be fully compliant with PCI DSS, but the tools need to come from a PCI DSS Approved Scanning Vendor. ...continue reading
Healthcare clearinghouses like Mass HIway are a new trend in health IT, but what are the security implications? Expert Mike Chapple explains what you...continue reading
The FFIEC Cybersecurity Assessment Tool has faced harsh criticism since its 2015 release. Expert Mike Chapple reviews the tool and how it can be ...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.