Why do I need a firewall?

What is a firewall?

A firewall is a device that can look at each piece of data (a packet) coming into and going out of your network and then decide whether it is allowed to pass through or not. It’s like a security guard checking people’s passes as they come into and go out of work.

Firewalls can be either software-based (residing on the computer) or hardware-based (residing in a separate physical device).

Software-based firewalls might include Windows Firewall or iptables on Linux. Hardware-based firewalls might include your broadband router (which has hardware functionality) or some type of device in your server room, which has a cable for connections coming in and a number of connections to send traffic on to different locations.

A firewall is like a security guard – checking each piece of information coming into the network, to make sure its name is on the list.

Do I need a firewall?

In general, the answer is yes. There may be some cases where you don’t need one, though these are the exception rather than the norm. Let me explain how computers work (with regard to communications).

Each time a computer needs to communicate with something (even itself), it sends the packets to a port. Think of a port as an open door, with the packets being passed to the computer through that door. We want to restrict who can get to which open ports, which is the job of the firewall.

We might need some open ports for our local operations (like Windows file sharing), though we wouldn’t want the whole world to be able to access our Windows file shares. There are other ports that we might want to expose to the world, like those on our web server (though with some form of checking first). If someone couldn’t get to our web server then it wouldn’t be doing what it needs to.

The firewall controls who has access to the open ports on your network and, just like a security guard at your door, decides who can access different parts of your network.
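To make the open-door idea concrete, here is an added example (not part of the original article) of how a firewall's rule list reaches a decision: file sharing is open to the office network only, the website is open to everyone, and everything else is turned away. The 192.168.1.0/24 office range, the rule list and the sample addresses are assumptions made for illustration; ports 445 (Windows file sharing), 80 and 443 (web) are the standard ones.

```python
import ipaddress
from dataclasses import dataclass

# Constructed example network: the office LAN is assumed to be 192.168.1.0/24.
LAN = ipaddress.ip_network("192.168.1.0/24")
ANYWHERE = ipaddress.ip_network("0.0.0.0/0")


@dataclass(frozen=True)
class Rule:
    source: ipaddress.IPv4Network  # who is knocking
    port: int                      # which door (destination TCP port)
    allow: bool
    note: str


# Rules are checked top to bottom; the first match wins.
RULES = [
    Rule(LAN, 445, True, "Windows file sharing, office machines only"),
    # Explicit block so the intent is visible even if rules are added below.
    Rule(ANYWHERE, 445, False, "file sharing is never exposed to the internet"),
    Rule(ANYWHERE, 80, True, "public website (HTTP)"),
    Rule(ANYWHERE, 443, True, "public website (HTTPS)"),
]


def decide(source_ip: str, dest_port: int) -> tuple[bool, str]:
    """Return (allowed, reason) for one inbound connection attempt."""
    if not 0 < dest_port < 65536:
        raise ValueError(f"not a valid TCP port: {dest_port}")
    addr = ipaddress.ip_address(source_ip)
    for rule in RULES:
        if rule.port == dest_port and addr in rule.source:
            return rule.allow, rule.note
    # Default deny: anything whose name is not on the list is turned away.
    return False, "no rule matched (default deny)"


if __name__ == "__main__":
    # Constructed connection attempts (203.0.113.9 is a documentation address).
    for ip, port in [("192.168.1.20", 445), ("203.0.113.9", 445),
                     ("203.0.113.9", 443), ("203.0.113.9", 3389)]:
        allowed, reason = decide(ip, port)
        verdict = "ALLOW" if allowed else "BLOCK"
        print(f"{ip:>13} -> port {port:<5} {verdict}  {reason}")
```

The last line of `decide` is the important design choice: a port that nobody has written a rule for stays closed, rather than open.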

How do I decide what firewall I need?

Let’s take this step by step.

  • If you just have one computer (like a sole trader) then you might need a software firewall on your computer and a firewall on your router (which attaches to your phone socket somewhere in the house). This would stop opportunistic attacks. So make a note of your broadband router (attached to your phone line) and google it to see whether it has a firewall, and whether it is still supported.
  • If you have an office network (like a small accountants) you would probably have a similar setup, though with a switch on the internal network for your printers and file shares. Here you would look for the connection coming into the network (again from the phone line), and you may have a second device with a cable going in and a cable going out.
  • If you perform web hosting, you would probably have a firewall where traffic comes into the hosting provider (protecting them) and then a web application firewall, or a software firewall, on the server performing the hosting. In this case, you would contact your hosting provider to get answers from them.

You’ve probably guessed, though, that whether you need a firewall, and what type, is an informed decision. It’s like deciding whether you need fully comprehensive motor insurance or third party. It’s about fully understanding your risks and making an informed decision (as a business).

In other articles we will look at knowing, and putting a value on, your data: knowing who would want your data, and why, and the impact of them successfully getting it, so you can understand the risks associated with it.