Next Generation Firewalls Explained

Pretty much everything you do with a computer in your business either involves connecting to the internet or connecting to services on the internet. Your internet connection has several components and security is one of the most important of those components.

Beware Threat Actors

Firstly, let’s explain the term threat actors. These are malicious people or entities, such as hacking groups, who are are looking to perform some kind of of malicious activity. There was a new study recently conducted by Palo Alto networks in which some researchers set up 320 honeypots, or easily hackable systems on the internet. And within 24 hours, 80% of these honeypots had been accessed by some kind of threat actor.

Therefore it just goes to show you that if 80% of these easily hackable systems or honeypots can be found within 24 hours, how protected are you? No-one is safe! The hackers or threat actors are looking to remote control whatever they can on the internet.

It used to be that once a hacker had got into your system, and maybe gained access to a computer or another part of the network, they would cause havoc from there. Now they're a lot smarter than that. They might sit in your system for anything up to a hundred days waiting for the right time to actually strike.

Next Generation Firewalls

There are many things that you can use to protect your organisation. One of these is the next generation firewall. When we mention firewalls, we are speaking specifically about a piece of hardware, that box that manages the connectivity between network and the internet.

If you think about the different firewalls that you get, such as the ones that come free from your internet service provider or some of the basic ones that you can buy online, there are loads of options and they will give you a modicum of security.

The next generation firewalls have a lot more protection on them. You can think of them like having security guards on both sides of your door, checking, and tracking people coming in and out. You do need to let things into your network or else you would never be able to communicate with the world. but you need to know which things to let in and which to keep out. Sometimes you can get malicious software or viruses that will try to set themselves up and start to communicate with the outside world. And quite often, a next generation firewall will recognize that this is happening. They'll log that this is an issue, and then they will alert you, your managed service provider or your IT department.

Subscription Firewalls

A lot of next generation firewalls have antivirus actually installed on them. They tend to call it AMP or advanced malware protection and it makes sure that everything's either clean or cleaned as it goes in and comes out of your organization.

 Next generation firewalls do cost more, often via a subscription that you pay for from the manufacturer. The best part about this model is that you know that you're paying for the manufacturer to regularly update them and so things are constantly improving. They're constantly making sure that any new security issues are being addressed through real time updates. The best feature is that they actually log every transaction, every single bit of communication, not from a spying point of view, but simply recording that some communication came from this computer and went to that computer without actually showing you what they're actually communicating on.

You can go down the route of showing what is in each communication - that's called content filtering -  but it’s a very advanced process. And it's definitely another cost that you could add on if you want to content filter.

Firewalls For Remote Workers

One of the things that we often face with installing a firewall these days, especially in the last 18 months, is how to protect the people working from home? The quick answer is you can create a connection so that you can connect into the firewall from home using what's known as VPN or virtual private network connection. Alternatively, you can get a miniature or a home version of the same thing that's in the office which uses the subscriptions that you pay for on the big firewall and implements them on the smaller one.

So there are some really handy and neat solutions out there. And with some of these, you can actually just plug them directly into your home internet connection, and they will protect anything that’s past that little firewall. And I would urge you to engage with your IT provider or your IT department to see if that's something that you could use to protect yourself at home.

Start Investing Now

In our experience, most things that we do within a business either involve connecting to the internet we’re leveraging services that are in the cloud, or hosted on somebody else's data center or somebody else's server for this reason, instead of investing in IT systems within your organisation,

We recommend that you invest in cloud systems, invest in everything that's out there, and then have a next generation firewall to protect your connection to the internet and to these systems. It's a much better way to operate. Moving forward, companies should really be investing more in their connectivity, their internet connections, than they should be in their infrastructure actually on their premises. Most of the computer based services we use are connected to the internet or connected to a cloud based service in some shape or form. And for that reason, in order to protect you and your business a next generation fire wall is really a pretty sound investment for your business. It’s a good idea to start looking at these things today.