Choosing the best firewall for your specific environment requires knowledge of firewall options and understanding of the security needs of your network environment. Automatically selecting the most expensive option, the least expensive one, or an open-source solution fails to properly assess the situation. Firewalls are essential elements of security. It would be careless to select a product without due diligence.
Selecting and purchasing the right firewall for your organization’s situation requires careful evaluation. As with any big decision, always resolve important aspects of the process sooner rather than later. For example, first familiarize yourself with the budget for the purchase.
Before you research and evaluate firewalls, you should make sure that your organization has created a written security policy. You would then select the firewall that can fulfill and comply with the policy.
The basic concept of any firewall is the same, so you should evaluate a firewall based on the level of security and features it offers. First and foremost, the firewall should be able to fulfill and comply with your security policy. Some other characteristics to consider are:
When considering the features, consider the product’s ability to meet the needs of the organization. A good firewall product should provide:
When considering integrated features, consider the ability of the firewall to meet your network and users’ needs. This includes:
Knowing the amount of money available for firewall protection helps you quickly eliminate those products clearly outside your price range. Do not automatically discard every product above the budget limit, but realize that anything more than about 15 percent of your maximum allowance is probably out of reach.
Next, consider whether an open-source solution is a viable option for your corporate culture. Some organizations are philosophically opposed to open-source solutions, while others embrace and encourage such endeavors.
Do you want to include the option to build your own or focus on only off-the-shelf, ready-to-deploy options? Making this decision early will help guide you toward a viable choice.
Familiarize yourself with the wire speed of the network, general traffic levels, the types of filtering desired, types or forms of recent attacks, and future growth and expansion plans. Armed with this information, you can begin a serious review for the most appropriate firewall solutions.
Read current firewall reviews both online and in technical publications and trade journals, and consult buyer’s guides for expert advice. Browse IT association blogs and discussion forums. Find firewall options that fall within the parameters you identified based on your understanding of the network and known threats.
Some general guidelines will assist you in this process:
Firewall technology advances quickly. Often, new attacks and exploits crafted by hackers drive these advancements and upgrades. A specific recommendation for a specific model, product line, or even vendor has a finite life. Before selecting a specific firewall product, do research to verify that the vendor is still supporting the firewall product. In the case of a software firewall, ensure that the solution is compatible with and maintained for your OS. You do not want to buy a product that has already been marked for retirement or at risk of being quickly superseded. Check on the revision history and, based on previous time frames, estimate if the current version release is due for a revision.
A single firewall product rarely satisfies every need. However, you should be able to find one or more firewall solutions that address the primary security concerns of your organization.
After purchase, regularly visit the vendor’s website and discussion forums (including non-vendor-supported sites) for news and information about your firewall product. Keep current with announcements of updates, problems with updates, newly discovered holes or exploits, alternative configuration ideas, troubleshooting options, and more.
18.216.131.214