Firewalls are the first, and sometimes, the last line of defense a company has against a variety of attackers, ranging from viruses to script kiddies to organized cyber criminals. While the technology is mature, the processes and procedures to manage and monitor a firewall are anything but.
Firewalls these days handle a multitude of security roles – No longer only filters, they will route, translate network addresses, terminate VPNs and other tunnels, look inside the traffic for hidden security threats and correlate attacks. To get the most out of a firewall, it is no longer enough to simply set it and forget it.
For any company that doesn’t have a dedicated security expert, analyzing the output of firewalls can be daunting. Differentiating between suspicious traffic and malicious traffic can be difficult.
- I keep getting repeatedly hit by SQL connections. Is this just normal SQL slammer traffic I’m well protected from, or is someone trying to break in?
- My DMZ web server suddenly started going out to random websites. Has it been compromised, or is this just our applications seeking updates, or an administrator using it conveniently to browse?
- I keep getting connection requests to services which don’t exist, is this normal probing or a precursor to an attack?
Having a managed service provider look after your firewalls can make a lot of sense if you’re a small to medium business. Firstly, it’s unlikely that looking after a firewall is anywhere near a full time job for you – so you can’t hire specialist skills. While your network administrator can look after changes to the firewall, they may not fully appreciate the security risks or understand how to see those risks coming.
Secondly, it provides you with more depth to your defence – not only does your firewall stop attacks, but your managed firewall partner can warn you when you have been compromised, or generate reports on the source and target of most attacks, enabling you to direct other security efforts more efficiently.
Typical benefits to our clients include:
- A risk analysis of every requested change, reducing inappropriate changes.
- Notifications when sites go down increasing availability time
- Trend analysis, providing intelligence to better design other defences
- Notification of likely targeted attacks or successful compromises.
If you think your firewall could do more for you, but don’t have the resources and expertise to make the most of your firewall, Contact ISCS to talk about our managed firewall services.