A network security appliance is a piece of hardware you buy that comes with the required software preinstalled to do the intended job. You can buy a firewall appliance or download software to run on your own hardware. Learn the benefits and drawbacks of both, and hear some guidance on best practices.
- [Narrator] A firewall is a layer of security that is placed between an untrusted network and a network or device you want to protect. There are many types of firewalls and we will cover each of them over the next few minutes. The router you likely have is the one provided by your Internet service provider. This router will frequently have basic firewall functions built in, which frankly is better than having no protection at all. Many ISP routers include limited Wi-Fi functionality as well, but usually these wireless connections are minimally configurable and are not easily expanded beyond the device itself to provide coverage to larger physical spaces, such as an office building, large house, or extending coverage to outdoor areas. The downside to using the firewall included with your ISP's equipment is that ISPs are known for providing only a few models of hardware to their customers with admin settings and available exploits that are well documented among hackers. These exploits are typically well documented and easily applied. Firewalls of this type are basic, providing limited protections. In general, these types of firewalls are easily overcome by attackers, which is why in most cases, it is advised to replace them with more advanced equipment. In a home environment, the next step up would be a firewall appliance designed for home users. These security appliances have advanced firewall capabilities that use artificial intelligence, in some cases, to monitor and protect your network. No advanced configuration skill is needed to set one up. Most options come bundled with computer or mobile device protection software you can install on all of the devices that you own. Because these appliances are designed for home use, they typically have inexpensive licensing. If you're a mom or a dad looking to just protect your home and kids, and you have no interest in becoming a network admin, please do yourself a favor and go for this type of option.
The downside to a home security appliance is they usually have limited custom configurability for special networking needs. For example, typical home firewalls do not have inbound VPN server capabilities. At the next level up, you get into enterprise class firewalls, which come in a huge variety of brands, speeds and capabilities. These devices are intended to support more connections and services like video calls, VoIP connections and streaming YouTube videos simultaneously to tens or hundreds of thousands of devices at a time. Which means each choice of firewall in these enterprise device class devices will need to be carefully designed to meet the needs of the intended user base and network traffic expectations. These enterprise class devices are always expensive and require extensive training and experience to administer effectively. Open-source firewalls benefit from a free-to-distribute and update software model that is supported by an open-source community. These devices, typically, have a large variety of plug-ins and options that you can design into your deployment. The flexibility of an open-source option may be too much for an untrained or inexperienced administrator to handle. But if you're a professional or want to become one, or if you're a hobbyist with the interest, I believe open-source options are, by far, the most fun and sometimes the most unforgiving way to learn. There are software firewalls that come pre-installed in any of the major operating systems. They supplement network firewalls by protecting the device locally, therefore, providing protection to that device anywhere it goes. They're easy to enable. The downside of local firewalls is that they only protect the device on which they are installed. They don't provide any protection to other devices on the network. And they also do not provide any kind of organization-wide controls or reporting for a network admin.
Distributed firewalls are an entirely different type of system designed to protect each host on your network locally and individually while adding the benefit of global organization-wide reporting and controls. The only real downside is the additional cost distributed firewalls bring to the table.
- Designing your network
- Creating firewall schedules and rules
- Setting up a virtual IP
- Using aliases to group hosts
- Preventing local traffic from exiting to the internet
- Using Snort and other intrusion detection systems
- Prioritizing VoIP traffic
- Blocking access to specific websites
- Troubleshooting gaming performance issues
- Interpreting TCP flag definitions