How to set up a quality firewall

A firewall is the guard at the gate of your network. It decides which traffic may come in and go out and which may not. A badly configured firewall, however, gives only the appearance of protection. Let us explain how a firewall works and how to set it up so it really does its job.
What a firewall does
A firewall inspects both incoming and outgoing traffic against the rules you have given it, typically by source and destination address, port and protocol, and in a stateful firewall also by whether a packet belongs to a connection that is already established. What the rules allow, it lets through; everything else it blocks. Thanks to this, what has no business reaching your devices never does, and at the same time you can limit where traffic from your devices may go out to.
Where a firewall sits
A firewall exists in several forms, and it is best to combine them:
- In the router there is a basic firewall that protects the boundary between your network and the internet.
- In the operating system (Windows, macOS, Linux) there is a software firewall directly on the device.
- A standalone hardware firewall or a UTM or NGFW gateway is used in companies that need more control and performance.
The basic principle: block everything, allow only what is needed
This is the golden rule. A quality firewall first blocks everything and then allows only what you really need (so-called default deny). The opposite approach, where everything is open and you close individual holes, is doomed to fail, because you can never enumerate every hole in advance. The fewer open doors, the fewer opportunities for an attacker.
How to set up a quality firewall, step by step
- Turn on the firewall on the router and on the devices. Never turn it off just because “an app does not work”.
- Block remote access to the router's administration interface from the internet, as we write in the article on securing a router.
- Open only the ports you really need, and preferably reach even those over a VPN rather than exposing them directly to the internet.
- Set rules for outgoing traffic too, so malware that does get onto a device cannot call home.
- Enable logging, so you can see what the firewall blocks and what passes.
- Segment the network, that is separate parts with different trust (guests, IoT, cameras, workstations). More in the article on separating a network with VLANs.
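The steps above, carried out on a Linux host with nftables, as an added example that is not part of the original article. The ruleset assumes a hypothetical setup: the only exposed service is SSH, administration happens over a VPN whose subnet is 10.8.0.0/24, and the host's own outbound traffic needs only DNS to one resolver (10.8.0.1), NTP and HTTP/HTTPS. The addresses and ports are placeholders to adjust to your network; the nft syntax itself is standard.

```shell
#!/bin/sh
# Added example (not from the original article): a default-deny nftables ruleset
# for a Linux host. The subnet, resolver and port choices are assumptions.

print_ruleset() {
    cat <<'EOF'
flush ruleset

define vpn_net  = 10.8.0.0/24
define resolver = 10.8.0.1

table inet filter {
    chain input {
        type filter hook input priority 0; policy drop;   # default deny inbound

        iif "lo" accept
        ct state established,related accept               # replies to connections we opened
        ct state invalid drop

        # ICMP/ICMPv6 that networks need to function (path MTU, neighbour discovery)
        icmp type { echo-request, destination-unreachable, time-exceeded } limit rate 10/second accept
        icmpv6 type { echo-request, destination-unreachable, packet-too-big, time-exceeded, parameter-problem, nd-neighbor-solicit, nd-neighbor-advert, nd-router-advert } accept

        # the one service we expose, and only from the VPN, never from the whole internet
        ip saddr $vpn_net tcp dport 22 ct state new accept

        # log what the policy is about to drop, rate limited so the log cannot be flooded
        limit rate 5/second burst 10 packets log prefix "nft-input-drop: " level info
    }

    chain forward {
        type filter hook forward priority 0; policy drop; # this host does not route
    }

    chain output {
        type filter hook output priority 0; policy drop;  # default deny outbound too

        oif "lo" accept
        ct state established,related accept
        ct state invalid drop

        ip daddr $resolver udp dport 53 accept            # DNS only to our resolver
        ip daddr $resolver tcp dport 53 accept
        udp dport 123 accept                              # NTP
        tcp dport { 80, 443 } accept                      # web and package updates
        icmp type { echo-request, destination-unreachable, time-exceeded } accept
        icmpv6 type { echo-request, destination-unreachable, packet-too-big, time-exceeded, parameter-problem, nd-neighbor-solicit, nd-neighbor-advert, nd-router-advert } accept

        limit rate 5/second burst 10 packets log prefix "nft-output-drop: " level info
    }
}
EOF
}

# Dry run: parse and validate the ruleset without changing anything (needs nft installed).
check_ruleset() { print_ruleset | nft -c -f -; }

# Load it. Do this from a console, or arm a rollback first, e.g.
#   (sleep 120 && nft flush ruleset) &
# because an SSH session coming from outside $vpn_net is cut the moment this is applied.
apply_ruleset() { print_ruleset | nft -f -; }

case "${1:-print}" in
    print) print_ruleset ;;
    check) check_ruleset ;;
    apply) apply_ruleset ;;
    *) echo "usage: $0 [print|check|apply]" >&2; exit 2 ;;
esac
```

Run it with `check` before `apply`. The dropped packets appear in the kernel log (`journalctl -k` or `dmesg`) with the `nft-input-drop:` and `nft-output-drop:` prefixes, which is exactly the visibility the logging step asks for: an outbound drop to an unexpected destination is the "calling home" attempt you want to notice.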
More advanced: an application firewall and IDS/IPS
Modern firewalls (UTM or NGFW) see deeper than just ports. They recognise applications regardless of the port they use, can block known malicious code, filter content and detect attack patterns in traffic in real time (IDS/IPS). Bear in mind that encrypted (TLS) traffic can only be inspected this way if the firewall decrypts it, which has to be deliberately configured and brings its own risks. For a company with sensitive data, such a firewall is nevertheless a sensible investment.
The most common mistakes
- Ports opened to the internet for some past need and then forgotten.
- A disabled firewall, because it "got in the way" of some application.
- Firewall firmware that is never updated, so publicly known vulnerabilities stay exploitable.
- One flat network without segmentation, where everything sees everything else.
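A quick check for the first mistake, forgotten open ports, as an added example that is not part of the original article. The script reads the output of `ss -H -tuln` (the listening TCP and UDP sockets on a Linux host), ignores sockets bound only to loopback, and prints every socket that listens on a network-facing address but is not on an allowlist you give it. The allowlist `tcp/22 tcp/443` and the sample `ss` output embedded in the script are constructed for the demonstration.

```shell
#!/bin/sh
# Added example (not from the original article): find listening sockets that are
# reachable from the network but not on the expected allowlist.

# Constructed sample of `ss -H -tuln` output, used when run without arguments.
SAMPLE='tcp   LISTEN 0      128          0.0.0.0:22         0.0.0.0:*
tcp   LISTEN 0      4096       127.0.0.1:631        0.0.0.0:*
tcp   LISTEN 0      511             [::]:80            [::]:*
tcp   LISTEN 0      4096         [::1]:5432           [::]:*
udp   UNCONN 0      0            0.0.0.0:68         0.0.0.0:*
udp   UNCONN 0      0       127.0.0.53%lo:53        0.0.0.0:*'

# Services you intend to expose, as proto/port pairs (hypothetical allowlist).
ALLOWED="${ALLOWED:-tcp/22 tcp/443}"

# unexpected_listeners ALLOWLIST  < ss-output
# Prints "proto/port bind-address" for each socket that is bound to a
# non-loopback address and whose proto/port is not in ALLOWLIST.
unexpected_listeners() {
    awk -v allowed="$1" '
    BEGIN { n = split(allowed, a, " "); for (i = 1; i <= n; i++) ok[a[i]] = 1 }
    NF >= 5 {
        proto = $1; local = $5
        port = local; sub(/.*:/, "", port)        # text after the last colon
        addr = local; sub(/:[^:]*$/, "", addr)    # text before the last colon
        # loopback-only sockets are not reachable from the network; skip them
        if (addr ~ /^127\./ || addr == "[::1]") next
        key = proto "/" port
        if (!(key in ok)) print key, addr
    }'
}

case "${1:-demo}" in
    demo) printf '%s\n' "$SAMPLE" | unexpected_listeners "$ALLOWED" ;;
    live) ss -H -tuln | unexpected_listeners "$ALLOWED" ;;
    *)    echo "usage: $0 [demo|live]" >&2; exit 2 ;;
esac
```

On the sample it reports `tcp/80 [::]` and `udp/68 0.0.0.0`: a web server nobody remembers and the DHCP client, one of which needs either a firewall rule or to be switched off. Run it with `live` on a real host and treat every line as a question to answer, and remember that this only shows what the host offers; whether the router actually forwards those ports from the internet is a separate check from outside (for example a port scan from a host not on your network).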
Want a firewall designed and set up so it really protects? Get in touch and we will do it for you, also as part of IT support for companies. See also: cybersecurity principles.
Need help with IT?
We will take care of your computers, networks and security - for businesses and households in the Liptov region.
Contact us