
The Absolute need for firewall!!!!!!

13 years 8 months ago #36657 by BharatNT2IE
Hi folks, we are making modifications to our small business. I want to justify the use of deploying a firewall. We are already using McAfee security products as an antivirus solution in our systems. Now, how can I justify the use of a firewall? Can there be a firewall that can do DPI (deep packet inspection) instead of just being stateful? Now, if my concepts are not wrong, the antivirus is checking for Layer 7 vulnerabilities. Will it not do Layer 3 checking? In the sense, cannot the antivirus or s/w-based Windows firewall be used as a security solution? Why do they need the firewall? I know they talk about the analogy of having two bars rather than one bar to the house. But if you have a bar that is letting most of the malicious code through, and it is really that other bar inside that is doing the job, what is the real need for the external bar (firewall)? And please could someone tell me about IDS/IPS in relationship to security...

Thanks
Bharat

Bharat Chandra Penumutchu
CCENT
MS IN TELECOMMUNICATIONS
George Mason University
13 years 8 months ago #36663 by S0lo
The first line of defense is usually the firewall. If configured correctly, it can prevent about 80% to 90% of outside attacks. This, first, stops these offending packets before they even get into your network and, second, frees your internal antivirus solution/IPS/software firewall from having to deal with this unwanted traffic, keeping them busy only with trying to catch "deeper attacks".

Studying CCNP...

Ammar Muqaddas
Forum Moderator
www.firewall.cx
13 years 8 months ago #36672 by BharatNT2IE
Dear Solo,
I want to know how I would know if I need a firewall. I currently have a Linksys firewall. I would like to know how to improve it. I should justify the use of an ASA 5505 / SonicWall for my organization. How do I do that? How do I justify their cost? I mean, security is not quantifiable, right? We are already running McAfee IDS/IPS; do you think I would need a firewall, and if so, why?


Thanks
Bharat

Bharat Chandra Penumutchu
CCENT
MS IN TELECOMMUNICATIONS
George Mason University
13 years 8 months ago #36675 by rizin
Hey Bharat,

It totally depends on your organization's infrastructure and data confidentiality environment.

Some companies are satisfied with McAfee and others are not; it wholly depends on individual preferences and satisfaction.

The ASA 5505 is the latest, and SonicWall and PIX are previous Cisco products.

If you ask my favourite, I would say the WatchGuard firewall, although each vendor has its own perspective and protocols. The reason why I choose WatchGuard is that it is more cost-effective than Cisco products and is combined with IPS/IDS, anti-spam and content filtering; if you need more, you have to purchase a license and just update. However, it works on the XTM5 series only.

Again, some organizations indeed do not need a firewall. Their servers can be managed by Kaspersky Internet Security itself and the access lists of a router (if you are connecting different networks or point-to-point).

As I previously mentioned, it depends on the individuals and their work experience; if you ask for my suggestion, I would recommend the WatchGuard firewall.

Known is a drop, unknown is an Ocean
13 years 8 months ago #36690 by jester
Hi,
We have different types of firewalls; it's the organization's choice. We can go for a hardware firewall or a software firewall, or we can even use a Linux box as a firewall.
It's up to your company's choice.
13 years 8 months ago #36697 by S0lo
Rizin has some good suggestions there. And WatchGuard can be grabbed from eBay dirt cheap. Although I haven't personally tried it.

I want to know how I would know if I need a firewall. I currently have a Linksys firewall. I would like to know how to improve it. I should justify the use of an ASA 5505 / SonicWall for my organization. How do I do that? How do I justify their cost? I mean, security is not quantifiable, right? We are already running McAfee IDS/IPS; do you think I would need a firewall, and if so, why?


1. Have you encountered many attacks in the recent 6 months?

2. Do you need VPN, in other words, do your users need to work from home, will your organization be more productive if employees were able to work from home?

3. Do you need some port forwarding that your Linksys can't handle? In other words, do you need to set up servers that are publicly viewable from the internet, but your Linksys can't do it, or can't do it well?

4. Is the network slow at peak times and fast at normal times? Is your Linksys's CPU running high very often? What happens when you connect your network without the Linksys firewall? Does it get faster? If the answer to these 3 questions is yes, then the Linksys is probably slowing down your network traffic from/to the internet (latency).

5. Do you need advanced traffic filtering? For example, blocking certain websites.

Answering YES to all those questions probably means that you really need to consider getting a better firewall. You might argue with your company by running a trial software or (if hardware) you could convince the seller to let you try it for a month or so beforehand, so that your managers would see the difference. We do that a lot here in my organization.

All this is assuming you're going for a high-end Cisco. But in many cases, you don't have to; you could settle well with a cheap Linux box with Untangle on it ( www.untangle.com/ ). Or try Vyatta software. Or go for a WatchGuard.

Studying CCNP...

Ammar Muqaddas
Forum Moderator
www.firewall.cx