Configureless Firewalls Provide Security to Remote Offices - Page 2

This is where the configureless firewall comes in handy. Traditional firewalls must be deployed, configured and managed onsite. This often requires an IT professional to travel to the branch office to configure the firewall, and then return to troubleshoot issues as they arise. On the other hand, configureless firewalls are designed to work with an organization's firewall at the headquarters. Prout explained:

Devices like Astaro RED have no interface, have a fast and simple set up, require no configuration or onsite management and are extensions of the firewall at the main office. Thus, they extend the functionality of the headquarters' firewall to the branch office, allowing the IT administrator to manage the security at the branch office through the firewall at the headquarters.

There are few key things that an organization should consider when choosing a firewall, and often these considerations relate back to features offered and ease of use. Prout provided the following suggestions regarding what to consider when setting up a configureless firewall:


Feature set. What features does the organization need to protect its users and data? What security solutions are currently in place and how are they performing? If the organization has a number of separate security solutions for mail, Web, wireless and network security in place, but none are integrated or special in some way, then perhaps it makes sense to look at an all-in-one solution such as a UTM when considering a firewall. Combining all of your security into a single solution has a number of benefits but also gives you the flexibility to pick what tools you need while not using the ones you don't. This can help in a number of areas such as cost saving and time needed to manage the solutions, and the all-in-one solution can also provide greater visibility to administrators who often don't have time to review multiple systems daily.

 

Ease of use. What is the skill set of your technical team? Are they prepared to deploy, manage and integrate the different solutions necessary to ensure security and compliance? This often depends on the size of the organization, and in SMB organizations those responsible often wear many hats and so can't devote their full attention to security. Having a product that is easy to implement and manage is key to freeing up these valuable resources while also ensuring proper security is in place.


Integration with other security solutions. If you're not using an all-in-one security solution such as a UTM, then you need to figure out how to integrate your tools and reporting so that you have a complete picture of what's happening on the network and how effective your security solutions are. Without this, the organization is in danger of introducing vulnerabilities, which could then be exploited.


Reporting. Having the tools to see what's going on, both in real time and historically, is extremely important to any organization, and also helps show the value of a solution. Reporting tools show administrators how the network is being used, by whom and at what times. Good reporting can not only help identify problems, but gives an organization an understanding of their network, which can then be used as a baseline to spot anomalies and misuse, and also to help with future planning.


Ability to evolve to meet new threats. Any firewall bought today must have the ability to update itself to meet the threats we'll see tomorrow. How well this is done rests on a few factors such as the type of hardware used. If your firewall uses proprietary chips, then it's possible that some type of costly upgrade may be necessary to protect against new threats. This not only adds to your security budget, but also introduces a delay in protection, which leaves your business vulnerable.



Add Comment      Leave a comment on this blog post
Feb 10, 2012 6:34 AM BryGuy BryGuy  says:

Can you provide an example of a "configureless firewall"?  You mentioned an Astaro Red but that still needs setup (configured), still requires a technician to go on-sight if something goes wrong and to manage upgrades and changes.  tnx

Reply

Post a comment

 

 

 

 


(Maximum characters: 1200). You have 1200 characters left.

 

null
null

 

Subscribe to our Newsletters

Sign up now and get the best business technology insights direct to your inbox.