Reducing Risk With Firewall Configuration
When you think about your first line of defense against cyber criminals, a firewall probably comes to mind. The firewall is like the gatekeeper — monitoring incoming and outgoing traffic, deciding what gets in and out based on security rules. They’ve served us well for a quarter century, but not everyone is configuring them correctly, which can lead to disaster.
There are several ways that IT professionals can err, especially today as cloud-based security infrastructure has changed the landscape in how firewalls are supposed to be configured. Before cloud computing became all the rage, there was a well-established network perimeter.
Because many organizations have moved to a hybrid cloud, the basic firewall of yesteryear will no longer suffice. Rather, a layered system of firewalls working together can offer the right level of protection.
Don’t fall into the trap of believing that just because you’ve correctly configured your firewall, you’re safe. Cyber criminals are extremely crafty, and they have found ways to target Wi-Fi networks and construct application programming interface (API) gateways to break in and compromise routers.
This has pushed IT professionals to beef up edge protection, especially given the growing number of endpoints. They’re working toward classifying packets by IP traffic plane, which assists in enforcing security policies. With a robust edge protection strategy, you can better filter out untrusted packets.
As a rule of thumb, it’s recommended to restrict ports or source IP addresses if you’re going to establish port forwarding rules for establishing remote access to a LAN device. It’s actually a common mistake that can lead to a higher risk of security breach.
The danger in being careless with port forwarding is that devices that come across as trusted can actually be a hacker that enters through the LAN segment of the network, enabling them to exploit other devices and assets that are actually legitimate guests of the LAN.
Organizations seek to have as few bottlenecks as possible in their operations, which is what might lead them to launch a firewall that allows pretty much any application to get in. Over time, they’ll tighten access, but usually only after they’ve noticed suspicious activity, at which point the damage might already have been done.
By defining who and what gets access from the onset, you can limit these risks. Don’t start with an open policy — look at the critical applications you rely on for daily operations and create policies that will accommodate those applications.
By partnering with the right agent, you can sidestep many firewall concerns and place trust in your third party provider to assist you. That’s just one of the services we provide at Net Tel One Communications. Contact us to talk about your communication and security needs.