Newsletters Welcome, Guest Log In | Register
Blogs:

Paul Mah

SMB Tech

Expert tech insight and advice for small businesses with big goals

About this Blogger RSS

< Previous | Next >

Subscribe

Sign up now and get the best business technology insights direct to your inbox.

  • Daily Edge
  • CTO Edge Update
  • Business Tools & Templates
  • Aligning IT & Business Goals
  • Maximizing IT Investments

0

Features for the SMB Firewall

Posted by Paul Mah Jan 14, 2009 4:29:27 PM

I was reading about how China has shut down almost a hundred Web sites since last week.  The reason for the closures: Many of these sites contained pornographic content, which is illegal in China.

 

The article triggered my thinking about the kind of controls that an SMB might want to enforce on its network traffic.  This is an important area, especially since the growing network of a small and medium business necessarily means that they do not inherit the "everything included" features of high-end enterprise firewalls.

 

So what are some of the features an SMB should look for in  firewalls?

 

General port filtering

 

This is the most basic level of filtering found in even the most affordable firewalls.  You should be able to define the ports to be blocked and allowed.  In general, most companies will probably want to block all outgoing ports except for services such as SMTP and POP (e-mail), FTP (file transfer) and HTTP (Web browsing), etc.

 

The ability to manage network ports will allow you to block most games as well as applications that attempt to access the Internet.

 

Basic URL filtering and logging

 

The next level of control to consider would be to perform basic filtering by URL.  Most of the time, it will make sense to perform some kind of logging of URLs, too.

 

The ability to perform URL filtering and logging will allow the network administrator to potentially expose malware or unauthorized applications that use HTTP.  In addition, the ability to log all accessed URLs should also deter staff from visiting inappropriate Web sites in the office.

 

Blocking Instant Messaging

 

The freedom to perform instant massaging in the office can be a touchy area and depends heavily on work culture.  I know of organizations that require every staffer to have an IM account and to be constantly logged on when at work.  I also know of organizations where being seen instant messaging at work is viewed as slacking off.

 

Whatever the case, the ability to block instant messaging is typically only available to higher-end firewalls, since IM clients such as MSN Messenger have many different methods of connecting, making them difficult to block.

 

So make sure you check that the firewall has the intelligence to weed out IM messages if you want to block that.

Related Content

Add a comment Leave a comment on this blog post.

There are no comments on this post

Related Content

Browse

Topic: Content Filtering

Content filtering rides herd on what is leaving and entering an organization

Blog: Keeping Inappropriate Content at Bay Takes More Than URL Filter

Article: NSF Problem Proves Basic Content Filtering No Longer Enough

News: Wiresoft Launches Firegate, Issues 'Hack Us' Contest

Related Topics

Data Security, Firewall, SMBs, Usage Management and Monitoring

Featured White Papers

Browse

Lowering Your IT Costs with Oracle Database 11g Release 2

This white paper identifies the key capabilities a database management solution needs to successfully deliver more information with higher quality of service, make more efficient use of IT budgets, and reduce the risk of change in data centers.

Software Forum: Information On Demand Virtual Experience

This interactive virtual forum presents leading IT experts providing the insights you need to turn your information into a strategic driver for innovation, business optimization and competitive differentiation.

Resource Centers

Browse

Data Loss Protection

Data-loss prevention tactics, technologies and best practices to protect your sensitive and valuable company data.

Featured Whitepapers

Realizing Enhanced Productivity and Timely ROI from Your DLP Security Technology

Premium Tools

Browse

Windows 7 Upgrade Project Kit

Moving to Windows 7? The Windows 7 Upgrade Project Kit is the ideal support tool for managing all phases of an organizational upgrade to Windows 7. The tools and templates in this kit will help you develop a strategy and map out the implementation tactics which link your Windows 7 deployment to your company's bottom line.

Learn more >

Disaster Recovery & Business Continuity Template Pack

Prepare your company for any type of disaster you can envision and those you cannot. Immediately download this comprehensive set of templates and tools for documenting your business contingency plans.

Learn more >