Firewalls are pretty straight forward, you set it, configure it, and you’re done! RIGHT? Unfortunately, this is how many firewalls are implemented. Firewalls require ongoing configurations. With every hardware install and update you need to be able to identify new & uncontrolled traffic quickly.
When a firewall is equipped with artificial intelligence, that firewall will detect, identify, and alert a system administrator of the unidentified or uncontrolled traffic. When unidentified traffic is left unidentified, it leaves your network vulnerable to malware attacks. Similar to an unidentified person slipping past the airport security with a pocket knife, or worse, a loaded pistol.
What do we know about firewalls?
1. Firewalls are gateways between your secured network and the internet.
2. Firewalls provide gateways between different internal parts of your network, such as:
- Wireless Internet
- Wired Networks
- Etc. (Any device that connects to your servers.)
Unidentified Traffic Running Through Your Network
On Average, almost half the traffic on an average network is not identified. Various applications request permission to pass through your firewall. Once granted access, that firewall will allow ALL necessary information and data to pass through without detection or additional approvals. Custom maps could be getting installed without the firewall recognizing that traffic. Off-Site Backups are subject to new information and customizations. Sometimes employees access social media applications or multi-user video game applications through your internal network. These sites, once granted permissions are open doors for malware and infection. Would your firewall alert you if an app unexpectedly overloaded your network? Would your firewall be able to detect irregular data activity?
What other undetected unidentifiable traffic is going through your network?
- DNS Hosting Information
- Network Configurations
- Hardware Updates
- Outdated Hardware (Such as the End-of-Life Windows 7 Products)
- and the list goes on...
When you decide to take control of your firewall, you are making a commitment to identify as much traffic as possible, in an effort to diminish your risk of data leaks. Every time there is a new connection, a new workstation, a new application installed on the network, your Managed Network Security Provider should be updating your firewall. In many cases, if your Firewall has Artificial Intelligence, it should detect that activity and remind your Network Administrator of the configuration requirement.
Uncontrolled and Unidentified Traffic
If traffic continues to be unidentified by your network’s firewall, then unidentified traffic becomes uncontrolled traffic is the source of Malware and the Source of Liability. Unidentified traffic can leak through, if it is a set-it-and-forget-it operation.
A.I. Firewall Best Practices
So how do you handle Leaks in a Firewall? How do you stop unidentified traffic? How do you gain control of your network firewall?
- Firewalls are about policies. Establish strong and clear guidelines for incoming and outgoing traffic. Who is responsible for those policies? If policies need to be modified, who modifies them?
- Authorized Network Administrators – Who has authority to modify firewall settings? Who is responsible for configuring the information? Who is allowed to approve permissions to applications and websites?
- Assign 1 to 2 responsible members of your staff to being responsible for all firewall activity and firewall policies and traffic guidelines. These are the gatekeepers. Don’t dilute the responsibilities across too many people in the organization. If your current policy is, “Anyone in the IT Department has the authority to create, or direct the MSP, to modify the firewall.” OUCH! Change that policy as soon as possible. Your policy possibly would look more like this, "Mr./Mrs.________ is solely responsible for Company X's Firewall and has been granted authority to create, modify, or direct the MSP when necessary. Should Mr./Mrs._______ be unavailable to make necessary and urgent modifications, Mr./Mrs.__Secondary__ have the authority to grant these permissions." Again, this is only a suggested policy and should be further discussed with your leadership team and MSP prior to making changes.
- Make sure your firewall statement of work clearly states what is being firewalled and what is not. Even the perfect firewall has to incorporate a margin of error. Meaning, a defined amount of unidentified but permitted traffic that balances the ease of use of the network against the security that you need or demand. Understand the concept of margin of error. More ease of use, than security is diminished.
Request Your Complimentary Network/Software Analysis
If you are unsure how your firewall is configured on your network please give us a call (888)816-3819 or complete the form below and request a complimentary firewall analysis. An expert will be able to review your network and guide you through the necessary process you would be recommended to take to secure your network and prepare your company for the future.