Ask the Expert

What makes a good firewall

I would like to know what makes a good firewall?

    Requires Free Membership to View

The obvious answer is one that stops what you want to stop and allows what you need to allow.

There are many good firewalls on the market. What is best for your organization depends on your needs, such as bandwidth, complexity of the access rules needed, etc.

I personnaly prefer those firewalls that rely on port-blocking along with statefull inspection. While there is nothing inherently wrong with those based on proxies, I have found that some administrators have trouble setting them up correctly and maintaining them.

Flexibility in the rules sets is also a key. If you want to block a particular port from everyone except from a certain IP range, you want to make sure the firewall can do that. Some less capable packages have a port either on or off for everyone.

If your organization is large, you probably want to have multiple interfaces to the firewall, as well. That way you can effectively have different back-end networks served by the same firewall. The firewall should also support different rules sets for those separate networks. If both have to have the same rules set, the multiple interfaces don't do much good from a security standpoint.

This was first published in June 2001

There are Comments. Add yours.

TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: