The average computer system left unprotected on the Internet will come under attack within 20 minutes after going online, according to the SANS Institute, a computer security watchdog.
With that in mind, getting a firewall may seem like an easy decision. But, choosing a firewall and figuring out what exactly needs to be protected may be a little more complicated.
A firewall provides a virtual barrier between an outside network (typically the Internet) and a private network or personal computer. It can be used to block viruses, worms, pop-up ads and spam, filter out contact with undesirable websites and protect sensitive files.
There are two kinds of firewalls: hardware and software. Hardware firewalls (sometimes called embedded firewalls, as they are embedded into a router or switch) come housed in appliance form. It’s a device that is typically wired between the network and the gateway to the Internet. Software firewalls are loaded applications used to filter out unwanted traffic coming and going. And like anything else, either kind can cost a lot or a little ranging in price from less than a $100 to more than one hundred thousand dollars. A good mid-level firewall will range in price from about $500 to $1500 and accommodate up to 100 users.
How to choose a firewall
So which type of firewall is better for your business? “I don’t recommend a specific solution until I know what a company needs,” says Joern Wettern, co-author of Firewalls For Dummies. Wettern recommends that before picking out a firewall, a small or mid-size business owner would be wise to inventory what exactly is being protected and what kind of traffic is and isn’t to be allowed.
Here are some criteria Wettern says to consider:
Manage what you have
One of the biggest problems that officials of small companies run into is believing that setting up a firewall is all they need to do to protect their business computers, network and data. Firewalls also need maintenance. “You don’t have to spend a lot, but you do have to take responsibility for it. You have to manage your firewall,” says Ben Rothke, director of security technology implementation at AXA Financial, a New York- based financial institution, and a frequent speaker at industry conferences on network security.
Rothke says that for anything more complicated than basic Web surfing, invest the money in a specialized IT consultant to do the initial set-up. Make sure the firewall is configured properly from the beginning.
At least monthly, he says, check for any new updates or patches and install them immediately. Test the system. There are many websites and programs that offer system checks that will point out the weak links in the network.
Features and pricing are important, but it’s not what determines the quality of a good firewall. In the end, what may matter most is how well a firewall is maintained once it’s in place.