Firewalls can appear complicated at first glance. However, in reality, they’re easy to set up and offer an important defence against cyber threats. So, to help you better understand firewalls and how to protect your business, here’s everything you need to know.
What is a firewall?
A ‘firewall’ is a tool that protects your home or office systems from malicious traffic on the internet.
Think of it as a well-armed bouncer, checking anything that enters your network for threats. It creates a barrier between a ‘trusted network’ (such as your office) and an ‘untrusted network’, like the internet.
Firewalls keep your devices operating reliably. But they also protect you from a variety of threats, such as DoS (Denial of Service) and malicious packet attacks.
Most modern devices contain a firewall of some kind. You’ll find one built into your laptop and internet router, although, crucially not on most smartphones. Many businesses also set up a separate hardware firewall in addition to the one built into devices for an extra layer of security.
Where does the term ‘firewall’ come from?
The term ‘firewall’ has an interesting history (no, really). The term originally refers to a wall built to contain a fire between adjacent buildings. Later, it was used to describe the metal sheet that separates the engine compartment from passengers on an aeroplane.
It wasn’t until the 1980s that ‘firewall’ first became synonymous with the internet. The term appeared in the 1983 computer-hacking movie WarGames to describe the act of filtering data coming through routers and possibly inspired its later use.
How does a firewall work?
Firewalls analyse all incoming traffic based on a set of pre-set rules. The rules are then used to filter out anything malicious or suspicious and prevent attacks.
The slightly more technical explanation is that firewalls filter traffic at a computer’s entry points or ‘ports’. These ports are where information is exchanged with external devices. For example, a rule might look something like this:
“Source address 172.18.1.1 is allowed to reach destination 172.18.2.1 over port 22.”
A great analogy for understanding this is to think of an IP address (the unique number that identifies your device) as a house and port numbers as rooms within the house. Only trusted people (IP addresses) are allowed to enter the house at all. Then, once in the house, trusted people are only allowed to access certain rooms (destination ports).
It’s much like hosting a party at your house, in that you’d probably keep some rooms off-limits. Perhaps there are some rooms that could pose a threat to children or maybe you just like your privacy, either way, the same basic principle applies to firewalls. Trusted devices are only allowed access to certain places.
Why are firewalls important?
Simply put firewalls are a vital first line of defence. To return to our bouncer analogy from earlier, without a doorman anyone can enter the building. Without a firewall, anyone can get into your business.
It’s not difficult for even a relatively unsophisticated cybercriminal to probe your organisation’s devices in an attempt to break into your systems. Without a properly configured firewall, they’re much more likely to succeed.
What’s more, the consequences can be disastrous. Not only will hackers gain access to your data and potentially leak it or use it maliciously, but the financial hit can also be severe. According to insurer Hiscox, the average cost of a breach for an SME is £11,000, and that’s before we even consider reputational damage or fines from regulators.
A properly configured, maintained and monitored firewall will go a long way towards protecting your business.
But what do we mean by ‘properly’ configured? Well, for your firewall to work optimally, you need to ensure it has the power to manage normal and encrypted internet traffic without slowing down your devices or compromising security. A good IT support partner can help you do this or, alternatively, automated tools like CyberSmart can guide you through the process yourself.
Firewalls and Cyber Essentials
You might be reading this article because you’ve come across the firewalls section of the Cyber Essentials questionnaire. Or perhaps you’re considering completing Cyber Essentials certification for your business.
Either way, the section of Cyber Essentials dealing with firewalls can appear confusing. But, in reality, it’s very simple. You’ll be asked about which firewalls you have in place, whether they are password protected and ‘accessible’ services.
The first two elements are self-explanatory. All you need do is list the firewalls you use and set up password protection for them if you don’t already have it (the questionnaire or one of our team will provide guidance on how to do this). However, ‘accessible services’ is a little more complicated.
What does ‘accessible services’ mean?
‘Accessible services’ is the traffic that is approved to pass through the firewall. In an office environment, your firewalls will usually be configured so that IT support can access anything they need to. However, most of us aren’t working in an office at the moment and home routers are often set up to block all services as default.
Sadly, working from home doesn’t mean the end of all IT troubles, so your remote workers may wish to allow external access to their personal router. If this is the case, then it’s best practice to allow a single, static IP address through the firewall. That way, you can be sure your IT support team, and only the IT support team, has access.
And that’s all there is to firewalls. Hopefully, this has answered most of your questions but, if there’s anything else you’d like to know, please get in touch with one of our team.
Looking to improve your cybersecurity but not sure where to begin? Start by getting certified in Cyber Essentials, the UK government scheme that covers all the fundamentals of cyber hygiene.