Firewalls and gateways provide a basic level of protection where a user connects to the Internet. While antivirus software helps protect the system against unwanted programs, a firewall helps to keep attackers or external threats from gaining access to your system in the first place.
The firewall monitors all network traffic and can identify and block unwanted traffic that could be harmful to your computer, systems, and networks. The security provided by the firewall can be adjusted like any other control function (in other words, the firewall ‘rules’).
Why are firewalls important?
Firewalls create a buffer between your IT network and other, external networks.
Remember that the Internet is basically a public network. This means that any connected computer can find and connect to any other connected computer. A firewall helps create a barrier between the Internet and your own computer or network. It enables you to program what can get out and what can come in.
A firewall can help protect against:
- Criminal hackers trying to breach your network
- Viruses that spread from computer to computer over the Internet
- Some outgoing traffic originating from a virus
How to protect yourself
The UK government’s Cyber Essentials Scheme provides a set of five controls that organizations can implement to achieve a baseline of cybersecurity, against which they can achieve certification in order to prove their compliance.
Certification to the scheme provides numerous benefits, including reduced insurance premiums, improved investor and customer confidence, and the ability to tender for business where certification to the scheme is a prerequisite.
One of the scheme’s five controls is Boundary Firewalls and Internet Gateways. This can help your organization confirm that every assessed is secured by a correctly configured firewall (or equivalent network device).
New to the Cyber Essentials scheme? Find out more >>
For all firewalls (or equivalent network devices), your organization should routinely:
- Change any default administrative password to an alternative – using best practices – or disable remote administrative access entirely
- Prevent access to the administrative interface from the Internet unless there is a clear and documented business need, and the interface is protected by one of the following controls:
- A second authentication factor, such as a one-time token
- An IP whitelist that limits access to a small range of trusted addresses.
- Block unauthenticated inbound connections by default
- Ensure inbound firewall rules are approved and documented by an authorized individual; the organization need must be included in the documentation
- Remove or disable permissive firewall rules as soon as they are not needed. Use a host-based firewall on devices that are used on untrusted networks, such as public Wi-Fi hotspots.
Secure your organization with Cyber Essentials
With IT Governance, you can complete the entire certification process quickly and easily using our online portal for as little as $390.
Find out more