We are running an extranet, and our small LAN is connected to the main server via a VPN connection. I would like to install a firewall (hardware/software) to protect our LAN from Internet hacking attempts, as well as other viruses and other malware. What criteria should I use when buying a firewall for this type of environment?
You should always use a firewall to protect any connection to the Internet. In the case of a small network, you probably don't need anything complicated. Here are a few simple ideas you can follow:
- Look for a firewall that provides stateful inspection. Most have this capability. Representative of an advanced firewall architecture, it keeps track of communication packets and ensures that you can easily allow return traffic corresponding to your outbound requests. Only incoming packets that constitute a proper response are allowed through the firewall.
- Consider if you need content filtering. Do you want to take measures to protect users on the network from accidentally (or intentionally!) browsing websites that contain malicious or offensive content? Some firewalls offer content-filtering capabilities.
- How long can you be down? If the firewall fails, what's your backup plan? More expensive firewalls have high-availability configurations that allow the use of two devices. If the primary one fails, the secondary firewall automatically takes over. For those making do with a less expensive product, consider purchasing a second device that can be kept on the shelf for use in the event of a failure.
- Firewall management is critical in today's regulatory climate, and companies looking to streamline firewall management will look to tools from several vendors. (Login required)
- Get the latest news and expert advice on network firewalls.
Dig deeper on Network Firewalls, Routers and Switches
Related Q&A from Mike Chapple, Enterprise Compliance
The HHS security risk assessment tool is designed to help healthcare providers meet the HIPAA security requirement. Expert Mike Chapple explains how ...continue reading
PCI DSS requirement 6.6 demands application security compliance through one of two options: an application firewall or a code review. Expert Mike ...continue reading
Are HIPAA-compliant hosting services a better option for compliance than a secure storage API? Expert Mike Chapple analyzes.continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.