Computer security related issues have become common these days. According to the stats, there is a 4-9% increase in cybersecurity spending in 2019. So, are you spending enough on your business’s security?
Like the old saying, “It’s better to prevent than cure”, you definitely need have proper firewall appliance configuration to ensure network safety.
What is a firewall appliance?
A firewall appliance is a device that provides firewall protection for a network. It includes all the necessary hardware and software in a self-contained package that plugs in between the two networks being isolated.
Most firewall appliances are solid state and include a stripped down the operating system. Running their own Web server, they are configured with a Web browser from any computer in the network.
Types of firewalls
There are two kinds of firewalls: software and hardware appliances.
are installed on your computer system and are ideal for ensuring that every computer (including your in-office staff and remote employees) has a basic level of protection against threats when they’re online.
is best for installing at each entry point to your corporate network (such as your cable or DSL connection).
Since it’s an appliance, it’s always on, isn’t dependent on a computer being turned on or off, won’t crash due to your operating system not working right, and is often more robust and powerful than software-based firewalls.
How does firewall work?
When your computer has firewall protection, everything that goes in and out of it is monitored. The firewall monitors all this information traffic to allow ‘good data’ in, but block ‘bad data’ from entering your computer.
You can say that firewalls act like security guards at a big building. There are many people going in and out of the building, but not each person is treated the same.
Firewalls use one or a combination of the following three methods to control traffic flowing in and out of the network:
- Packet filtering
- Proxy service
- Stateful inspection
5 steps to configuring the firewall
1. Secure your firewall
If an attacker is able to gain administrative access to your firewall it is “game over” for your network security.
Therefore, securing your firewall is the first and most important step of this process. Never put a firewall into production that is not properly secured by at least the following configuration actions:
- Update your firewall to the latest firmware.
- Delete, disable, or rename any default user accounts and change all default passwords. Make sure to use only complex and secure passwords.
- If multiple administrators will manage the firewall, create additional administrator accounts with limited privileges based on responsibilities. Never use shared user accounts.
- Disable simple network management protocol (SNMP) or configure it to use a secure community string.
2. Architect your firewall zones and IP addresses
In order to protect the valuable assets on your network, you should first identify what the assets (for example, payment card data or patient data) are.
Then plan out your network structure so that these assets can be grouped together and placed into networks (or zones) based on similar sensitivity level and function.
Generally speaking, the more zones you create, the more secure your network. But keep in mind that managing more zones requires additional time and resources, so you need to be careful when deciding how many network zones you want to use.
Once you have designed your network zone structure and established the corresponding IP address scheme, you are ready to create your firewall zones and assign them to your firewall interfaces or subinterfaces.
3. Configure access control lists
Now that you have established your network zones and assigned them to interfaces, you should determine exactly which traffic needs to be able to flow into and out of each zone.
This traffic will be permitted using firewall rules called access control lists (ACLs), which are applied to each interface or subinterface on the firewall.
Make your ACLs specific to the exact source and/or destination IP addresses and port numbers whenever possible.
At the end of every access control list, make sure there is a “deny all” rule to filter out all unapproved traffic.
Apply both inbound and outbound ACLs to each interface and subinterface on your firewall so that only approved traffic is allowed into and out of each zone.
4. Configure your other firewall services and logging
If your firewall is also capable of acting as a dynamic host configuration protocol (DHCP) server, network time protocol (NTP) server, intrusion prevention system (IPS), etc.,
then go ahead and configure the services you wish to use. Disable all the extra services that you don’t intend to use.
5. Test your firewall configuration
In a test environment, verify that your firewall works as intended. Don’t forget to verify that your firewall is blocking traffic that should be blocked according to your ACL configurations.
Once you have finished testing your firewall, your firewall should be ready for production. Always remember to keep a backup of your firewall configuration saved in a secure place so that all of your hard work is not lost in the event of a hardware failure.
And that’s all about firewall appliance configuration. Make sure you take your time studying how to’s and apply carefully.