We all hear about firewalls and that they protect our computers and devices and some of you may even have called in about changing some settings on your personal firewalls. But do we really understand what a firewall is and what it does?
What Is A Firewall?
A firewall essentially works as a traffic controller or an on/off valve. They serve as a way to block the flow of unauthorized traffic to your network and devices. We can never just trust what comes into our network or even what attempts to go out of it. In an age where we have ubiquitous access to high speed connectivity, there are many methods that people use to attempt to harvest your credentials, upload malware, or even just collect information about you. While good user practices can all but eliminate many of these issues, all it could take is one wrong click to put your device and data at risk. A firewall is just another security level that helps to reduce this threat. It does this by not allowing sites or links that would attempt to do these bad things to connect to your devices while still allowing the trustworthy sites to properly connect at that same high speed.
There are two types of firewalls: software versions and hardware versions. The hardware type is a physical product that is typically attached between your router and internet modem that filters out the unwanted traffic. It works independently of any other devices on the network. Software firewalls, conversely, just operate and protect a singular device and also requires resources from that device to operate. For protecting an entire network, the hardware solution is better as there is no overhead on the individual devices or maintenance required on the individual devices. These firewalls defend an entire network from threats, including any newly added devices. The only real advantages to software firewalls are that they do not require equipment to be purchased, installed or stored and they can protect a unit when it is operated independently from the host network. All recent versions of Windows, starting with 7, have built-in software firewalls, but they are not a comprehensive solution to security on a network.
What Is a UTM and How Is It Different?
A unified threat management system, or UTM, could be considered a more advanced firewall in simple terms. You could consider a UTM to be a combination of a hardware firewall that is also running its own comprehensive active defense software to allow it to stop more advanced attacks or threats that are trying to breech your perimeter defenses. It will normally guard against attacks such as trying to send you infected emails, directing you to infected web sites or even trying to shut down your connection by overwhelming its firewall resources. This combination allows UTMs to provide the best available protection by combining the strengths of each individual threat management system into one unified network.
UTMs also protect outbound traffic, something a standard firewall may not do. For example, when a user inadvertently clicks onto a sketchy site and possibly risks infecting their device, a UTM will warn the user that they may be accessing something that is restricted or even known to be malicious. This helps to prevent a lot of scenarios that, often times, will result in a device becoming infected.
What We Recommend
Due to the superior protection it provides, we will always recommend a UTM style firewall to ensure that your network, devices and data are all as secure as possible. After extensive research and field experience, we at Ridge Support Technologies have decided that the Sophos line of products provide the best balance of security and value on the market today. The Sophos UTM consists of a hardware firewall device along with mailbox protection and device level security. Their hardware firewall is the initial line of defense that will filter out most of the threats before they even reach the inside of your network while their mailbox protection allows for organizations to safely use their email accounts as it filters out phishing threats and spam from the inbox of each user. Finally, these two main security filters combine with an end-user protection that runs on each individual workstation and is in constant communication with the main device. Since no system is infallible, this protection provides a third line of defense that is focused solely on each individual device to provide another level of in-depth protection. All these levels will communicate with each other to the point that, if an abnormal condition is observed, the system can isolate clients until they can be checked by a technician and, hopefully, prevent a problem from getting worse.
Should you have any questions about the Sophos products or have an interest in implementing a UTM for your organization, feel free to call into our office and let us know. We are always happy to help our customers provide better protection for their businesses. We are here to help!