Knowledge HubTM
What is a firewall?
- Date Posted:
- Read time: 4 min read
- Written by: Exa Networks
Online security is one of the most important things to consider for any school or business. Firewalls are a major part of a security plan, but what is a firewall? For starters, they prevent unauthorised access to your network.
They are designed to act as a barrier between your network and the internet. They analyse incoming and outgoing traffic and evaluate it against set criteria to decide whether it is potentially harmful. Firewalls block data, which is considered to be a threat, from entering your network, whilst data that is deemed safe is sent on to its intended destination.
Think about your house, you wouldn’t leave the front door open or unlocked because anyone could get in. Closing or even locking the front door provides a layer of security to your home, well, the same applies to your network with the introduction of a firewall.
When you have an internet connection it is effectively an open path into your network, giving someone plenty of opportunity to attack and access your personal data. Installing a firewall makes this virtually impossible as it closes the path and provides a layer of security before allowing someone to access your network.
Types of firewalls
Firewalls can be hardware, software or virtual machine. Each offers different functionality but has the same purpose. Which one is the best fit for you and your organisation is completely dependent on what your requirements are. Here we will look at what the options are and discuss what they are best suited to.
Software firewall
A software firewall is a programme installed on your computer or device. Incoming data comes directly from the internet to your device and the software firewall will scan it and determine whether or not it is malicious.
Whilst they may cost less than other solutions, deploying a software firewall can be time consuming. This is because it has to be installed on each individual computer or device in your network, as a result, it takes up memory on your computer and can cause it to slow. It also only addresses a threat at the point at which it arises on the individual device so it doesn’t act as a gatekeeper to your network as a whole.
Once a software firewall is installed it is immediately up and running and because it is on your device’s operating system it will offer protection wherever you go. However, when it is time to update the software, if this fails on any of the devices this will have to be done manually in order to maintain protection.
Is this firewall best suited to you?
Software firewalls are suitable for home application or in small office environments with less than 10 devices. It wouldn’t be suitable for you if you have a large number of devices or group policies because it would be impractical to implement.
Hardware firewall
A hardware firewall is a physical device that forms part of your infrastructure and protects your entire network. It sits behind your router and acts as a gatekeeper between your network and the internet, analysing incoming traffic and blocking any threats.
A hardware firewall provides protection one stage earlier than a software firewall, because it is a physical barrier between the internet and your network, it blocks potentially harmful data before it penetrates your computer.
A hardware firewall has to be physically installed on your premises but once it is installed it provides protection for every device connected to your server. When it comes to upgrades it is an all encompassing approach and all the devices benefit for the same level of security at all times.
Is this firewall best suited to you?
Hardware firewalls are all encompassing, so they protect your entire network rather than individual devices. Installation work is required at your premises because it is a physical device but once it is installed it will offer instant protection. It is best suited to most organisations where a comprehensive network-wide solution is required.
Virtual machine
A Virtual Machine(VM) is a piece of software that emulates the functions of a hardware firewall. It is hosted in the cloud and therefore does not require a physical device to be installed on your premises.
In exactly the same way that an on site, physical firewall blocks harmful traffic, the virtual firewall environment scans internet traffic and once it has been inspected for threats, it is allowed to pass through into your network.
However, a key difference between a VM and a hardware firewall is that it is a software product therefore doesn’t provide a physical barrier. This can pose a potential issue depending on where the VM sits in your network, as it may be unaware that threats are already within your infrastructure.
A VM can be deployed either on a single site basis or across multiple sites and can be managed through a centralised interface. As it is cloud based it is the most portable solution of all the firewalls available.
Is this firewall best suited to you?
VM firewalls are suitable for organisations that have a lot of cloud-based infrastructure as it is perfect for analysing traffic going to and from applications in the cloud. It is also a great option for multi-site organisations as it provides an all-in-one solution that can be deployed simultaneously, unlike a hardware firewall which would require installation at each individual site.