The musings of an IT Consultant

Nov 30 2009   5:32AM GMT

Does your firewall do everything you need?

Raj Perumal Raj Perumal Profile: Raj Perumal

Hi folks! So as I’ve said before, not all network equipment is created equal. This includes firewalls. In my years of consulting I have had the pleasure of using countless hardware and software based firewall solutions. Everything seems to have it’s advantages and disadvantages for certain situations, and some firewalls are just horrible all around.

So the question you need to ask yourself, is does your firewall do everything you need? For example, there are some firewalls that will crush VoIP and refuse to pass the traffic properly even though they advertise they can. Or there will be some firewalls that will have a GUI or CLI but not implement it in the expected way making firewall administration a nightmare. Some block ports, but don’t do any advanced IPS or IDS.

So when you are buying a firewall, don’t just look at the security aspect of it. There is much more to a firewall than that. Also pay heed to the other features that will affect you everyday but that you just might not think about off the top of your head. Also just because a firewall has every feature under the sun, doesn’t make it a great idea to buy it. Sometimes it pays to seperate out features into different hardware appliances.

My point here is that everything is going to depend on your network needs. There isn’t one firewall that fits all. Do your due diligence and do that research before purchasing!


1  Comment on this Post

There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.
  • SMagee
    Great article Raj! I am the CEO of TechGuard Security and this topic is something that I am constantly talking about. When someone is looking to implement a firewall, there are many features that need to be discussed that reach beyond the issue of security. Individuals and organizations alike should think about the potential overhead for latency, bandwidth allocation and rule set management. Thanks again for getting this message out there!
    0 pointsBadges:

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

Share this item with your network: