After discussing different ways to stay safe online in our last blog post, we decided to continue with this theme, but shift our focus a little, instead focussing upon the technologies that can be used to keep you, your organisation and your data safe.
We are now living in an environment where network security is constantly changing to keep up with the continuously evolving and sophisticated cyber threats. Although there are various firewall solutions available, the solution that will be the feature of this post, are the Dell SonicWALL Next-Generation Firewalls.
So I guess you’re wondering right about now, why have they chosen this product to feature? What’s so great about this?
Well the Dell Next-Generation Firewalls differ greatly from that of traditional firewalls. To help you try and understand and comprehend exactly what these products can do, we’re going to break it down into sections and compare these products with that of traditional firewalls so that you can see for yourself, exactly why these are the best product out there.
Stopping Malware, Intrusions and Advanced Attacks
Traditional Firewalls: Traditional firewalls are very limiting when it comes to network security, as they only provide part of the security an organisation requires. Forcing many to supplement their firewall with other network security technologies (i.e. anti-malware products, intrusion prevention systems [IPS] and content or URL filtering packages). Although these extra technologies achieve the desired effect (block malware, detect attacks and prevent users from accessing sites with malicious content), it can be an expensive and undermining task1.
Why you ask? Well, firstly to manage multiple technologies you require multiple licenses. Secondly, for every product/system your company has, your systems administrator must understand and master (or employ a specialist) the complexities of “configuring hardware and software, setting rules, creating reports and monitoring events”1.
This is not only costly but can undermine the security of your company, as attempting to “correlate data from multiple products to detect and respond to fast-moving attacks”1 becomes very difficult.
Next-Generation Firewalls: Unlike traditional firewalls, Next-Generation Firewalls provide all of these network security technologies in one product. They can1:
Block viruses, Trojans, worms, rootkits and polymorphic ‘zero-day’ malware at the gateway before they reach the corporate network.
Prevent ‘drive-by downloads’ from infected websites.
Mitigate denial-of-service and flooding attacks.
Detect protocol anomalies and buffer overflow attacks.
Stop network traffic from geographical regions and IP addresses associated with cyber criminals.
Block outbound botnet ‘command and control’ traffic.
Prevent employees from visiting websites containing content related to pornography, substance abuse, gambling, hate crimes and other objectionable topics.
The consolidation of all of these security technologies into one device, ensures that installation, configuration, deployment and management can all be completed as a unit, reducing costs significantly.
This also makes it easier for administrative staff to identify and react to threats earlier, before the organisation’s security has been compromised, as all the data is available through the one reporting system. Thus making it easier for staff to compare and correlate data1.
Inspecting SSL Traffic
Traditional Firewalls: Many companies, such as banks and retailers use what is known as Secure Sockets Layer (SSL) protocol to protect any sensitive or confidential information that is sent between their website and customers. This type of traffic cannot be blocked as it has many legitimate and necessary uses. Traditional firewalls cannot decrypt or inspect SSL traffic however. Meaning that hackers and/or cybercriminals can use SSL traffic to conceal malicious software, entering through a firewall1.
Next-Generation Firewalls: Unlike traditional firewalls, Next-Generation Firewalls use Deep Packet Inspection (DPI) technology, which allows the device to inspect and decrypt SSL traffic in and out of your organisation’s network. Therefore, if a hacker or cybercriminal was attempting to conceal malicious software through SSL traffic, Next-Generation Firewalls would be able to detect and block the malware from entering the network, whereas in traditional firewalls the malware would often go undetected until it is too late1.
Controlling Web Applications
Traditional Firewalls: Traditional firewalls are not ‘application aware’, meaning that they cannot connect network traffic to a particular application1. This can leave your network vulnerable, as these types of firewalls have no method to block dangerous applications, control applications that while legitimate can be subject to abuse or visualise and control traffic by application. In today’s society where applications are used on a daily basis, this lack of control over applications is a major cause for concern1.
Next-Generation Firewalls: Unlike traditional firewalls, Next-Generation Firewalls, have the ability to1:
Block applications that endanger security or reduce productivity, such as peer-to-peer file sharing and FTP file transfers.
Control legitimate applications that are subject to abuse – for example, allow instant messaging programs to exchange text but not transfer files.
Limit applications to a certain time of day – for instance, allowing access to multi-player games only after business hours.
Ensure that high-priority applications (customer relationship management, order processing) will get more bandwidth than less urgent applications (chat, video streaming).
By being able to visualise and identify traffic and its corresponding application, administrators are able to employ policies to ensure acceptable-use, safety and productivity1.
Managing Users and Use Policies
Traditional Firewalls: Similarly, to their relationship with applications, traditional firewalls, also have no way to visualise users with network traffic. Therefore, if there is suspicious activity occurring, administrators cannot (easily) identify who that traffic is associated with. This makes it difficult when it comes to maintaining an organisation’s security, as traditional firewalls cannot1:
Enforce Internet acceptable-use policies.
Provide insight into application usage.
Identify which users are using dangerous applications or surfing to compromised websites.
Limit social networking applications to groups that have a business need to use them.
Improve network performance for high-priority groups.
Next-Generation Firewalls: Next-Generation Firewalls however, have the ability to visualise and identify what specific individuals are accessing and who poses security risks or inadvertently affects productivity (i.e. downloading massive files or streaming long videos during peak periods). This visualisation, allows administrators to enforce policies throughout their organisation, to reduce security risks and low productivity.
For example, “Facebook, Twitter, LinkedIn and other social media sites may account for hundreds of non-productive hours for many employees. However, the marketing and human resources departments may have good reasons to access these sites, including to promote products and services, assess consumer sentiment and find job candidates.”1 Therefore, Next-Generation Firewalls can1:
Enforce company policies by giving marketing and HR access to social media sites while blocking access for employees in other groups.
Allow everyone to post text and photos on Facebook, but not play Facebook related games.
Permit engineering and IT to stream technical videos during work hours, but allow other employees to stream video only at night.
Allocation more bandwidth to executive management and selected departments.
Trading Off Security Against Performance
Traditional Firewalls: When it comes to security vs. performance administrators have to make some very tough calls. Many administrators find that if they activate all of the organisation’s security measures, the firewall slows network traffic, causing many users to complain. When faced with this dilemma, many administrators will opt to disable firewall rules, (which makes the organisation vulnerable to security risks), to ensure positive performance and productivity for the organisation1.
Next-Generation Firewalls: When you employ a Next-Generation Firewall however, administrators never have to compromise the company’s security to maintain performance. As Next-Generation Firewall’s are equipped with processors that have faster clock speeds, CPUs that are specifically designed to perform security scans and understand the network’s communications, parallel processing architectures and more efficient approaches to DPI, the company’s network is enhanced while security is maintained1.
Have we convinced you yet?
No?
Well not only can the Dell SonicWALL Next-Generation Firewall protect your organisation
“…against viruses, spam, spyware, intrusions and other threats that can enter the corporate network hidden in web traffic. But they deliver comprehensive protection that combines intrusion prevention and malware protection with application intelligence and control plus real-time visualisation capabilities, with the Dell portfolio of Next-Generation Firewall solutions. They also scan all traffic, regardless of port or protocol, using deep-packet inspection technology and meet the needs of growing and distributed enterprise networks with massive scalability.” 2
Not only can they protect you and your organisation more effectively than that of traditional firewalls, but they are backed by industry leaders. The SonicWALL has received many industry awards, and has been ranked at the top by independent research organisations such as ICSA Labs and NSS labs1. For such an outstanding and efficient product, it would be pointless to look anywhere else.
References:
Dell SonicWALL, How Traditional Firewalls Fail Today’s Networks — And Why Next-Generation Firewalls Will Prevail, Dell SonicWALL, USA, 2012, viewed 20 December 2016, https://software.dell.com/documents/how-traditional-firewalls-fail-todays-networks-ebook-24532.pdf
Quest Software Inc, Provide the most powerful firewall security available, Quest, 2016, viewed 20 December 2016, https://software.dell.com/solutions/next-generation-firewall/