Firewalls For Small Businesses

In this lesson, we’re going to learn about firewalls for small businesses.
A firewall is a system that controls the flow of network traffic in order to improve security. Firewalls can be either software or hardware-based. Network firewalls protect an entire network or part of a network, and tend to be hardware-based. Host firewalls are software-based and protect the computer that they are installed on.
Whenever you go online, data is sent and received as your devices communicate with servers and other devices across the internet. This flow of data is called network traffic. If a hacker targets your device, they must also communicate with it in the same way, using the same protocols as regular network traffic.
A firewall analyzes network traffic and helps protect the entire network, part of a network, or a single device – depending on how it is deployed. Firewalls are able to analyze the data and use different methods to determine whether to allow it or not. Firewall rules are essential to the functionality of a firewall.
The simplest type of rule is to block or allow traffic based on IP address and/or port number. For example, firewalls may use a block list of known malicious IP addresses as an easy way to provide a layer of protection. Any time a user tries to connect to the malicious IP address, the firewall will block the connection to protect the user.
Another common setting for devices other than servers is to block all unsolicited incoming traffic. This helps protect us online, particularly when we connect to an insecure network like a coffee shop Wi-Fi.
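The two rule types just described (a block list, and dropping unsolicited incoming traffic) can be modelled in a few lines. This is an added example, not code from any firewall product; the `Firewall` class, the addresses (documentation ranges) and the verdict strings are constructed for illustration, and flows are assumed to be tracked as plain address/port tuples with no timeout.

```python
import ipaddress
from dataclasses import dataclass, field

# Constructed sample values from documentation address ranges, not real indicators.
BLOCKLIST = [ipaddress.ip_network("203.0.113.0/24")]
LAN = ipaddress.ip_network("192.168.1.0/24")

@dataclass
class Firewall:
    # Flows opened from inside the LAN: (lan_ip, lan_port, remote_ip, remote_port)
    state: set = field(default_factory=set)

    def decide(self, src, sport, dst, dport):
        s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
        # Rule 1: the block list is checked first and applies in both directions.
        if any(s in net or d in net for net in BLOCKLIST):
            return "block: address on block list"
        # Rule 2: traffic leaving the LAN is allowed and the flow is remembered.
        if s in LAN:
            self.state.add((src, sport, dst, dport))
            return "allow: outbound"
        # Rule 3: inbound traffic passes only as the reply to a remembered flow.
        if (dst, dport, src, sport) in self.state:
            return "allow: reply to outbound connection"
        # Default: anything else arriving from outside is unsolicited.
        return "block: unsolicited inbound"

def demo():
    fw = Firewall()
    packets = [
        ("192.168.1.10", 50000, "198.51.100.7", 443),   # laptop opens HTTPS
        ("198.51.100.7", 443, "192.168.1.10", 50000),   # server replies
        ("198.51.100.9", 4444, "192.168.1.10", 3389),   # nobody asked for this
        ("192.168.1.10", 50001, "203.0.113.5", 80),     # destination is block-listed
    ]
    return [fw.decide(*p) for p in packets]

if __name__ == "__main__":
    for verdict in demo():
        print(verdict)
```

The order of the rules matters: the block list is evaluated before the outbound rule, so a device inside the network cannot reach a listed address even though outbound traffic is otherwise allowed.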
But firewalls can also use more complex rules and perform deeper analysis to help determine whether traffic is benign or malicious. Modern firewalls are able to detect a variety of actions taken by attackers, like port scanning or brute forcing, and often use many different types of analytic and defensive systems ‘under the hood’ to help protect the network.
There are two common types of firewall: host firewalls and network firewalls. Let’s take a look at each of them.
What’s a Network Firewall?
A network firewall (or network-based firewall) is used to control the flow of data into, out of, and through a network. Network firewalls are physical devices that are installed at an important point on the network, positioned so that traffic must go through them in order to continue onto the network. It’s common to place a firewall at the junction between the internet and the company’s internal network.
This gives the firewall the ability to inspect and control all of the network traffic at the packet level, giving it unprecedented visibility and control.
It also allows network firewalls to provide a critical layer of protection to the entire business network. One of the great things about this is that the network firewall provides protection to every device on the network, including computers, mobile devices, VOIP phones, printers, IoT devices, and others.
Firewalls also offer an important capability: the ability to block malicious traffic to and across the network. Without a network firewall, there is no way to ban someone from communicating within the network.
They can also aid investigations by providing data about network traffic. For example, they can provide critical information that can be used to determine if the network has been attacked, and if that attack was successful.
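As an illustration of how firewall traffic data supports an investigation, and of the port-scan and brute-force detection mentioned earlier, the sketch below reviews connection logs for both patterns. It is an added example, not any vendor's detection logic; the log line format, the thresholds and the sample entries are all constructed for this page.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Assumed (constructed) log format: "<ISO time> <ALLOW|DROP> src=.. dst=.. dport=.."
LINE = re.compile(r"^(\S+) (ALLOW|DROP) src=(\S+) dst=(\S+) dport=(\d+)$")

SAMPLE_LOG = (  # constructed entries using documentation address ranges
    [f"2024-05-01T10:00:0{i} DROP src=198.51.100.23 dst=192.168.1.10 dport={p}"
     for i, p in enumerate([21, 22, 23, 80, 443, 3389])]
    + [f"2024-05-01T10:05:{i * 5:02d} DROP src=198.51.100.77 dst=192.168.1.20 dport=22"
       for i in range(6)]
    + ["2024-05-01T10:06:00 ALLOW src=192.0.2.50 dst=192.168.1.30 dport=443",
       "2024-05-01T10:09:00 ALLOW src=192.0.2.50 dst=192.168.1.30 dport=443"]
)

def detect(lines, window=timedelta(seconds=60), scan_ports=5, brute_hits=5):
    """Return {source_ip: finding} for sources that exceed a threshold."""
    events = defaultdict(list)              # src -> [(time, dst, dport)]
    for line in lines:
        m = LINE.match(line.strip())
        if m:                               # lines in another format are skipped
            ts, _action, src, dst, dport = m.groups()
            events[src].append((datetime.fromisoformat(ts), dst, int(dport)))
    findings = {}
    for src, evs in events.items():
        evs.sort()
        start = 0
        for end in range(len(evs)):
            # Slide the window so it only covers the last `window` of activity.
            while evs[end][0] - evs[start][0] > window:
                start += 1
            ports_per_host, hits = defaultdict(set), defaultdict(int)
            for _, dst, dport in evs[start:end + 1]:
                ports_per_host[dst].add(dport)
                hits[(dst, dport)] += 1
            # Many different ports on one host in a short time: port scan.
            if max(len(p) for p in ports_per_host.values()) >= scan_ports:
                findings[src] = "port scan"
                break
            # Many attempts against one service in a short time: brute forcing.
            if max(hits.values()) >= brute_hits:
                findings[src] = "possible brute force"
                break
    return findings

if __name__ == "__main__":
    print(detect(SAMPLE_LOG))
```

The time window is what separates an attack pattern from normal use: the same six ports probed minutes apart would not trip the scan threshold, which is why window and threshold values need tuning against a network's normal traffic.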
One of the most important features of a firewall is the ability to segment a network. Other devices, like switches and routers, can also be used for network segmentation, but the firewall offers significantly better control over each individual network segment and is overall a much more secure option.
Evaluating Network Firewalls
Many modern firewalls have advanced features including deep packet inspection and machine-learning based detection and response. However, these features often come with a hefty price tag.
When a small business is purchasing its first network firewall, we recommend buying one well within budget. There are some great firewalls available for a few hundred dollars that require little to no maintenance or ongoing costs. For many of our clients, we recommend firewalls that are surprisingly low-cost but provide nearly all of the features and capabilities of firewalls that are 10x the price.
More advanced firewalls don’t just cost more for the hardware; they are often more complex, involve licensing fees, and require additional IT support. For small businesses considering the purchase of a firewall, it can be important to know that they are typically better off installing a less expensive firewall as soon as possible, versus waiting until a more expensive one can be justified.
Using a Network Firewall To Set Up VLANs
One of the main reasons we recommend installing a network firewall is that it enables us to set up extremely secure virtual local area networks, or VLANs. This allows us to segment a network – dividing it into several smaller, isolated, secure networks, and firewalls additionally provide a lot of control and security options that you can’t get by using managed switches alone.
We have an entire article dedicated to VLANs and how they can be used to make small business networks much more secure.
What About Host Firewalls?
A host-based firewall lives on a single computer and protects it.
Like a network firewall, it functions by inspecting network traffic. The main difference is that because a host-based firewall lives on a host (a device connected to a network), it can only help protect that one machine. In fact, it can only see what the host computer can. In contrast, a network firewall can see all traffic coming into and leaving the network.
Note About Vocabulary: In cybersecurity, the words ‘host’ and ‘endpoint’ mean similar things. They usually describe a single computer connected to a network.
The most familiar example of a host firewall is the Windows Defender Firewall, which comes by default with modern Windows installations. Defender is a great firewall for protecting Windows machines. It should always be enabled, along with the default antivirus.
Small businesses should consider using a firewall on every host that can support it, like: employee laptops, workstations, mobile devices (phones and tablets), and servers.
Bundled Products
Various products are often bundled with popular firewall packages. Features like VPN, antivirus (AV), and password managers are increasingly common.
While these bundled packages may be great, each product needs to be evaluated independently. We usually don’t recommend purchasing a host-based firewall solution even if it comes with a lot of extras. They perform about as well as Windows Defender. We do recommend that small businesses use a budget-friendly network firewall to protect their network(s).
Key Takeaways
- A host-based firewall protects a single host/endpoint/computer while a network-based firewall protects every device in the network.
- Small businesses should consider using a host firewall on every endpoint as well as a network firewall to protect the network as a whole.
- When it comes to purchasing a network firewall, we recommend that small businesses obtain a budget-friendly one to start with and upgrade over time.
- Firewalls are often bundled with other security products like antivirus, VPN, and password managers.
While different firewalls share many functions, they do have varying capabilities based on the technologies that they use.