By Robert Stephenson
Recently, an IT client questioned why he should purchase a “new” firewall. His old firewall (purchased about 6 years ago) was, to his knowledge, working, and he had experienced no “known” issues within his information systems. For the IT community the answer is simple, but it may not be for the average user. Let’s look at where this technology started, and where it is today.
With the increasing number of cases of electronic theft of consumer and business information, every user now has new security considerations to take into account. In past years, it was considered acceptable for an institution to maintain an effective level of security through a generic firewall and an Intrusion Detection System (IDS). But when an electronic break-in occurred, the firewall/IDS did not prevent the attack. It only reported it, leaving the security experts with the difficult task of determining what happened and how far the intrusion went into any system. Today, new methods have become the norm: not just an Intrusion Detection System, but an Intrusion Prevention System (IPS).
Let’s look at what the original firewall accomplished.
The original firewalls were barriers, set up to “divide” or route specific traffic. Eventually, different types of firewalls were developed: packet filtering, circuit gateways, and application gateways. These inspected network traffic at layers 3-4, with basic inspection at layer 7. In other words, the firewall developed into an appliance that could decide whether to accept network traffic, but only based on the most basic observations of where the traffic originated. It could not decide, based on any deep analysis of the traffic, whether the contents of that traffic were good or bad. In recent years the firewall developed further, adding strong user authentication, firewall-to-firewall encryption, and content screening (checking for viruses, and URL screening). But new systems have been created to add a further level of protection, and these systems are called “Intrusion Prevention Systems”.
Intrusion Prevention Systems do all of the above and more. They examine traffic actively, and control or prevent that traffic from reaching different targets in the network based on analysis and deep inspection of it. The IPS engine protects against application-level threats and provides proactive defense against vulnerabilities before they are exploited. In short, IPS engines are what is needed to protect your network and your systems.
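The difference described above between a packet filter, an IDS and an IPS, shown as an added Python example that is not part of the original article. The sample packets, the port and address policy, and the traversal signature are all constructed assumptions.

```python
import ipaddress
import re
from urllib.parse import unquote

# Constructed sample traffic (RFC 5737 documentation addresses).
PACKETS = [
    {"src": "198.51.100.7", "dport": 80, "payload": b"GET /index.html HTTP/1.1\r\n\r\n"},
    {"src": "198.51.100.7", "dport": 80,
     "payload": b"GET /%2e%2e/%2e%2e/private/config HTTP/1.1\r\n\r\n"},
    {"src": "203.0.113.9", "dport": 23, "payload": b"login"},
]
ALLOWED_PORTS = {80, 443}                                  # assumed policy
BLOCKED_NETS = [ipaddress.ip_network("203.0.113.0/24")]    # assumed policy
# Hypothetical signature: a ".." path segment in an HTTP request path.
TRAVERSAL = re.compile(r"(^|/)\.\.(/|$)")

def packet_filter(pkt):
    """Layer 3-4 decision: source address and destination port only."""
    src = ipaddress.ip_address(pkt["src"])
    if any(src in net for net in BLOCKED_NETS):
        return "drop"
    return "accept" if pkt["dport"] in ALLOWED_PORTS else "drop"

def inspect_payload(pkt):
    """Layer 7 inspection: decode the request path, then match the signature."""
    parts = pkt["payload"].split(b"\r\n", 1)[0].decode("latin-1").split(" ")
    if len(parts) < 2:
        return False
    return bool(TRAVERSAL.search(unquote(parts[1])))

def ids(pkt, alerts):
    """Detection only: a match is reported, the traffic still passes."""
    verdict = packet_filter(pkt)
    if verdict == "accept" and inspect_payload(pkt):
        alerts.append(pkt["src"])
    return verdict

def ips(pkt, alerts):
    """Prevention: the same match is reported and the traffic is dropped."""
    verdict = ids(pkt, alerts)
    return "drop" if verdict == "accept" and inspect_payload(pkt) else verdict

def run(engine):
    """Return (verdict per packet, alert list) for one engine."""
    alerts = []
    return [engine(p, alerts) for p in PACKETS], alerts

if __name__ == "__main__":
    print([packet_filter(p) for p in PACKETS], run(ids), run(ips))
```

The second packet passes the address-and-port filter and is only logged by the IDS; the IPS is the only one of the three that stops it.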
Today’s firewalls come with pre-built IPS engines; this is known as the UTM (Unified Threat Management) generation of firewalls. Just as technology in general continues to develop at a fast pace, so does the technology for preventing information theft and damage to business information systems. So a firewall can be the best investment to make, and should not be overlooked when considering system upgrades.
Please contact us today for more information on firewalls or if you would like to have your existing system evaluated and/or upgraded.