A firewall is an absolutely essential security tool. There’s no doubt about that, but if you want your company’s IT network to be truly secure, there’s much pre-planning work to be done before you even think about what tools need to be deployed.
Staff education is all-important. While everyone understands the need for protecting physical assets, locking doors and employing the services of security guards, most employees don’t make a parallel with the need to protect a company’s information – arguably a far more valuable commodity.
It’s here that staff attitude is the single most important factor in making security work. It is essential that senior management appreciates the need for security, is committed to it and allocates money to it. Otherwise, IT staff will be fighting an uphill battle to implement proper security measures.
Once your risk assessment is complete, security policies drawn up, staff have been educated on the importance of security, senior management has committed to the concepts and money has been set aside for implementation, the security tools must then be deployed to do the job.
Security tools: the firewall
The firewall is a key security tool and, if properly configured, should protect your systems from external hacking. Depending on the firewall, there might also be a host of other security-related features such as VPNs, prevention of denial of service attacks, encryption, authentication, certification or Web blocking of unsuitable Internet sites.
Other ‘key’ basic security measures you will want to deploy are virus control, encryption and access control. Virus control is absolutely essential to avoid a whole host of problems which can range from minor irritations to those that can cost the company hundreds of thousands – or even millions – of pounds.
Without encryption, sending data is like sending a postcard – it’s there for everyone to see. Encryption is essential, and will probably come as part of your firewall or VPN facilities. Speaking of which…
Virtual Private Networks (VPNs)
A Virtual Private Network (or VPN) is a secure tunnel over the Internet through which data can flow from one network to another without the risk of being read by hackers. Key components of VPNs are access control, encryption and the authentication of data and users alike.
VPNs are required for any organisation conducting regular Internet communications with branches or third parties, such as suppliers. Today, peer-to-peer VPNs are available (such as those from CA’s eTrust range) which protect information between individual PCs. VPNs are also available for mobile users and employees working from home.
ServerLocking is a major development in protecting data, both from external sources and within an organisation. Products such as WatchGuard’s ServerLock install on Web, database or transaction servers to ensure that server-based information cannot be altered by unauthorised internal or external users.
Intrusion detection can also be a powerful tool, monitoring all incoming and outgoing activity on your network while adopting a ‘detect, alert and prevent’-style approach.
Content Inspection may protect companies from malicious mobile code attacks which can be hidden in viruses, Trojans or worms, etc, or in Java applets, Active-X controls and scripts – all of which can bring your company’s business to a standstill. It may also be used to check the content of e-mails to make sure they conform with standards set out in your security policy.
Monitoring, management, analysis
Once you have your security system in place, you may be feeling safe – but security managers should never rest on their laurels. First off, you have to make sure that your system is actually working. The majority of firewall breaches occur because the firewall has been wrongly configured. Test your systems.
A number of vulnerability testing tools are available, including WebTrend’s Security Analyser, which throws the latest tests at your system to see if there are any holes.
Keeping up-to-date is vital. Hackers and virus writers will always come up with new ideas. Expert help is very useful here. Solutions such as the WatchGuard LiveSecurity system (for firewall-based Internet security) are also helpful, providing software updates, threat responses, timely information and technical support to keep your defences updated.
Monitoring and analysis are also key. Unless you monitor your firewall activity and generate easy-to-understand reports, you simply wouldn’t know if someone was trying to breach your firewall 100 times a day – and you most certainly would want to know about that! WebTrends’ Firewall Suite, which provides easy-to-understand reporting, is a useful aid.
Is a firewall enough? It’s a ‘must have’, but if you’re really serious about network security you need to take a much broader approach. One that recognises the crucial importance of information, and the absolute necessity of protecting it. One that truly integrates security throughout the business, and one that involves all staff in the security process.
Paul Oxley is product marketing manager at Wick Hill
