daknetworks.com

You are here: Blog Firewalls

Firewalls

I have experience with many firewalls.

  • -SonicWall
  • -WatchGuard (FireBox).
  • -DDWRT/BusyBox.
  • -PFSENSE.
  • -Untangle.
  • -anything Linux/Unix with IPTABLES.

What's funny is that one time a CFO starting asking me questions about the firewall because they allowed a KEY-LOGGER onto one of their accounting systems and because of their poor choice in banks it logged the USERNAME and PASSWORD to the web site that allows them to do WIRE TRANSFERS.

During the course of asking questions, she said, "You don't seem to know a lot about this?"

Funny.

Still at some level, a point can be derived that not all firewalls are the same. The general idea is that you want to block/allow access to certain items at a network level rather than at a desktop level. You are trying to block incoming items at that network level.

To the network administrator, this can be seen as blocking/allowing the ports needed and directing them where they need to go.

To a client, this is blocking everything bad in the universe from getting on the local machine. So if the person in accounting is playing games, clicks on a link in a spam email and downloads something harmful, this is a result of the firewall not being strong enough and not a result of the person in accounting.

Nor is it the fact that they were trying to save money by going with a less than average bank who ALLOWS WIRE TRANSFERS BY A SIMPLE USERNAME AND PASSWORD!!! ARE YOU OUT OF YOUR MIND!!!

Still firewalls can be used to keep people from harming themselves by blocking some types of files. From this point, you'll have to manage the fine balance of allowing items through to make work flow and block evil stuff all at the same time.

Contact Dak Networks

We are not taking on new clients at this time.