10 Questions to Consider Before Buying a Hardware Firewall

Buying a firewall can be compared with buying a house. There is no one-size-fits-all and there are many things to consider before committing to one. Just as a family of 5 wouldn’t be comfortable in a studio flat, it would be equally impractical to invest in a firewall that either far outstrips or doesn’t meet your needs.
If you are in the market for a hardware firewall there are a number of things to consider before you start your search:

1. What Type of Business Do You Run?
Hardware firewalls may be overkill for some businesses. If your business is a one-man web-based operation that does not store any personal customer data then a software firewall will likely be sufficient. But if your business is a financial firm or you deal with customer accounts then a strong firewall is absolutely necessary.

2. What is the Size of Your Business and Your Bandwidth Needs?
The size of the firewall you will need somewhat depends on the number of users on your network and how much bandwidth is used. In general, the more users on a network, the larger the firewall has to be. It is best to anticipate growth as most firewalls cannot be upgraded.

3. What Type of Firewall Do You Need?
Each type of firewall has its advantages and disadvantages. Research carefully and ask advice of a specialist before making your final decision. Here (link to previous blog)are the main types of firewalls explained.

4. What About Anti-Virus Software?
Even with a firewall you will still need to have a reliable anti-virus software installed on each machine as viruses, worms, Trojan Horses etc. can infect your machine and network from sources such as e-mail links, DVD’s, USB’s and SD cards.

5. Do You Need Data Logging?
Data Logging referrers to the recording of traffic in and out of your site. And depending on the type of site you operate and where you live you may be required by law or company policy to keep your logging records for a certain amount of time. Records can be kept on a disk if your traffic is low to moderate or on a separate device for sites with higher traffic.

6. Do You Need Identity Management (IdM)?
IdM is the task of recognising and authenticating the identity and data of users on a network. Standard firewalls typically can only enforce policies and record traffic against IP addresses where as more advanced firewall (UTMs and NGFWs) are able to integrate with directory services so that the policies can be enforced and traffic recorded for users and user groups.

7. Do You Need Virtual Private Networking (VPN)?
VPN allows users to log into a secure network remotely, this could be site to site Internet Protocol Security (IPSec), so that you can securely connect to remote company locations or third parties. You may need Secure Socket Layer (SSL) VPN’s to allow home workers and roaming workers to connect to your resources securely. The amount of remote workers you have will affect the type of firewall you require and how much it will cost.

8. Do you Need Device Awareness?
Device Awareness facilitate Bring Your Own Device schemes. Some firewalls can control network access for different types of devices that your employees may bring onto your premises enabling you to identify, monitor and report on the types of devices being used in your network and enforce policies based on the device type – this may be a consideration for you when choosing a firewall solution.

9. Do You Need High Availability?
This is typically where you have two firewalls working in a cluster where one is the primary device and the other is the secondary device. All configuration is automatically updated onto both firewalls, so should the primary firewall fail, then the secondary firewall will take over in seconds keeping your business running rather than waiting for hours or even days for you to get a replacement firewall and configure it.

10. Is Ease of Management Important?
Some firewalls are more user friendly than others, it is important to know how well the Graphical User Interface (GUI) is designed and how easy is it to manage and operate the firewall.

Most of all, it is important to remember that your security worries to do not end with the installation of your firewall. Firewalls must be regularly tested and maintained to ensure they run at peak performance. And even the strongest firewalls can be breeched through human error, i.e. weak or re-used passwords, leaving ports open, etc. As reported in recent news, a single well publicised security breach can be an enormous setback for your business. And under the Data Protection Act, in the UK, your company is responsible for the protection of sensitive data.