Tuesday, May 26, 2009

A Firewall Can Protect Your Business From Internet Security Threats, Don't Rely on Your ADSL Router

Many small businesses connect to the Internet via cost-effective Asymmetric Digital Subscriber Line (ADSL) technology. Before ADSL, as streamyx 124 small business, there were very few options available to you, other than to use streamyx web With ADSL it became feasible for (Small and Medium Enterprises) SME's to link their networks to the Internet, and take advantage of its global reach, almost instantaneous communication via the Internet's killer-application, namely email, and its vast amount of information.

But with these great positives comes some negatives as well, which, if not managed properly, can end up costing SMEs time and money. Unfortunately when a business connect to the Internet they also streamyx wireless broadband themselves up to external and internal threats which were not an a big a issue before 24 hour Internet connectivity.

Beside the threat of viruses and the wasted time and resources they can cost a company, there is the threat of having your vital data stolen or lost for ever, then there is the issue of employee abuse of Internet connection and lost productivity with you-tube and Facebook. In some cases employees install peer-to-peer software and download movies and music at work costing their employer a considerable amount in bandwidth, not to mention opening the company up to potential litigation.

Protect your ADSL connection with a firewall

Most SMEs rely on the flimsy firewall that comes with their default ADSL router for protection. This software is fine for a home user but not for a business. In many cases their is only an incoming firewall but no outgoing firewall, proxy or virus scanning facilities.

It does not allow you to control employee access to the net nor does it provide you with detailed reports to manage your Internet usage. In many cases the software is never updated.

Unprotected networks lead to increased costs

Without a decent firewall business owners find that their network become increasing unstable as more and more viruses, Trojans, bots and other malicious pieces of software start to wreck havoc on the network. Owners also wonder why their bandwidth usage is so high little realizing that peer-to-peer applications allow users to both upload and share content even when no-one is actively using the computer.

Usually business responds by buying, or at least updating, their anti-virus software. This is necessary but does little to increase the stability of the network or prevent abuse. Virus vendors struggle to keep up with the every rising tide of malware while Microsoft's weak security practices means that Internet Explorer can cause your machine to be infected with malware just by visiting a web page.

The biggest weakness of relying on anti-virus software, and your ADSL router only, is that it only requires one machine on the network to be vulnerable to cause a problem. If Jane, for example, has been on leave for a month and her machine has not updated itself you are at risk.

Besides anti-virus software a frequently employed policy is to tell staff not to open "suspicious" emails or visit "suspicious" sites. It goes without saying that these "policies" have little effect.

Cost-Effective Firewalls are available

If one wants to properly protect the internal network, control employee's use of the Internet and manage bandwidth costs then a firewall is essential. The good news is that a firewall does not need to cost an arm-and-a-leg. The best firewalls are in fact free, and based on Linux. Even better news is that they are easy to install and configure, coming with an easy to use graphical user interface or GUI.

Firewall benefits

Typical features of a firewall include:

  • Web proxy - this will save you money on your bandwidth costs as Streamyx accessed pages are cached locally,
  • Web filtering - blocking of inappropriate sites based on configurable parameters, or one can block specific sites e.g. you-tube,
  • Filtering of web sites for malicious content - stop the virus before it even reaches the end user!,
  • Mail filter and anti-spam engine - once again it better to stop the threat at the perimeter rather than fight it once it has entered the network,
  • Block outgoing port for application such as Instant Messaging and Skype or peer-to-peer file sharing software, if that is your company policy,
  • Blocking of incoming ports unless you decide to select a few ports to forward, i.e. allow external access to applications,
  • Reports on usage per user

So a decent firewall is a necessity for any business that has a 24 hr Internet connection. Once installed businesses find that the amount of down time due to viruses outbreaks,lost data, lost productivity and bandwidth "theft" is greatly reduced the benefits far out-weighting any cost involved in installing the firewall in the first place.

So if you are looking for a decent, easy to use, Linux based firewall consider:

  • Endian Firewall, or
  • IPCOP

Mark Clarke is a IT consultant working at Jumping Bean, an open source solutions tmnet streamyx self company based in Johannesburg, South Africa. He has over 10 years experience building free and open source solutions, to provide small and medium businesses with the benefits of more expensive, proprietary solutions, without the cost. Interoperability with Microsoft products is a key component of this work. More information can be found at the On Site Tech Support.