Firewalls are the gatekeepers to your network. In their most simplistic form they stipulate a set of rules for what traffic is allowed in or out of your network. This is the type of firewall you might have at home if you have a broadband connection.
Modern corporate firewalls, however, are far more sophisticated and can offer much more functionality and protection. A typical firewall that we would implement for a client would perform the following tasks:
• |
stateful packet inspection |
• |
real time anti-virus packet inspection |
• |
real time anti-spyware scanning |
• |
real time intrusion protection scanning |
• |
web content filtering |
• |
site-to-site VPN |
• |
client-to-site VPN |
• |
detailed logging with email notification |
• |
detailed usage and traffic reports |
As you can see, that’s a lot of protection, and having it performed at the perimeter of the network will pay great dividends. You no longer need to rely on a workstation’s local anti-virus/anti-spam solutions to protect the workstation because the malicious packets will have been removed as they tried to enter the network. We still advocate having these tools installed on the workstation, but for the most part they are now redundant. Think “defense” in-depth.
