On this post I’d like to share about how important a firewall for your business. Don’t rely on the marketing jargon of each firewall vendors. You need to consider many aspects before you purchase firewall, so you won’t wrongly choosing the wrong firewall.
What is a firewall ?
Sure, you need to know what firewall is before you get any interest about this topic. So, we can refer to one of the leader of firewall vendor Cisco which describe it as below:
A firewall is a network security device that monitors incoming and outgoing network traffic and decides whether to allow or block specific traffic based on a defined set of security rules. Firewalls have been a first line of defense in network security for over 25 years. They establish a barrier between secured and controlled internal networks that can be trusted and untrusted outside networks, such as the Internet. A firewall can be hardware, software, software-as-a service (SaaS), public cloud, or private cloud (virtual). (Cisco.com)
Why does it necessary for your business?
Alright, a firewall provides a foundation for your network security architecture. Firewalls serve the network traffic inspection crossing your network for malicious content, sensitive data leakage, or other threats. Without firewall, you may left your network unsecured since there’s no responsible technology ensuring your network traffic flowing securely.
Things to consider during firewall selection!!
- Requirement
The most important thing you need to consider is your business requirement against this security device. Depending on your corporate IT architecture, you will need some consideration of the firewall type and it’s necessity. Many business right now have hybrid IT workload architecture both on-premise and on the cloud. While other may still on the legacy on-premise workload only. The workload you want to protect will determine the selection. I tried to provide some scenario, it may help.
Scenario A: All of your workload are on-premise, you also have IoT devices, you may need to strengthen security measures on your premise by choosing the Next-Gen Firewall (NGFW).
Scenario B: You have all your workload on the cloud, so you may consider SaaS firewall. - Budget
Choosing firewall also need to consider budget which allocated from your business revenue, you can choose open source firewall such as pfsense which offer or from commercial brands such as Cisco, Sophos, CheckPoint, Juniper and many other brands. One thing, even though you need to purchase the hardware upfront as your capital expenditure, but most of firewall brands also offer annual subscription which will be your business running cost. Why? Firewall is a security device, and it need periodical update of its software, warranty extension, and also support from the vendor it’s all does cost some amount and need to put as your operating expense.
Similar to other physical network devices, each firewall has its lifecycle so you need to check the end-of-life of the firewall series before purchasing them. I recommend you to consider selecting a firewall series which have end-of-life date equal or more than your asset life-cycle time if you treat it as an asset. Otherwise when the end-of-life reached but your asset still have asset book value you will need to consider replacing your firewall. For example: Your business define an electronic device life cycle (depreciation) as 5 years, you were selecting a firewall series which will be end-of-life during 3 years, so you will need to consider to replace the firewall on 4th year or you will not receive support from the vendor. - Group Company Regulation
If you are the business owner of large organization, you may need to consider to unify the firewalls used by each branch. Why? Some of the reason are there, including: reduce time to train your IT team with multiple firewall brands, unified support with single brand, and many other benefits. - Vendor Support
On the long run, you will need an extra-ordinary support for your firewall vendor.
If the firewall you choose is a physical hardware, one-day it may fails and you need to claim for the replacement from you vendor. Make sure that firewall brand you choose have available local support or distributor so if you return the broken firewall, you will receive the replacement immediately. Vendor support for daily operation, bug fixes also very important point to consider.