Comprehensive network security

There are different reasons to be using a network firewall, where the most important one is related to the protection of computers, servers, and other devices within a private network. It is common to hear that “I have no important information to be stolen”, though, attacks may be performed based on other reasons, such as the use of processing and memory power of the computers within the network, or even the use of those computers to steal online information, bank account credentials, between others. Among the most common attacks, it is possible to highlight:

 ·      Downstream Liability:

The network may be used as an access to attack other networks.

·      Data Loss:

Some crackers gain access to the network and delete files and information, not because it is valuable information for them, but most of the time to show that they are capable of doing it. This shows the need of a proper data security and backing up information.

·      Confidential Data Leak:

Privacy and special personal and other confidential data privacy is nowadays one of the major concerns in the data security field. Attacks against systems and devices that save confidential information is one of the main used ones and its protection is a major focus by all organizations. Focusing not only on personal information, such has clients’ names and contacts, also confidential projects and sensitive information is a target of attack. Protecting these systems is a very important task where a security plan must be carefully planned and implemented.

·      Denial-of-Service:

Without a firewall, networks are vulnerable to attacks that can cause different levels of damage to the networks and its systems. Also very common, the attack of denial of service may turn a network unreachable and irresponsive to communication and system calls. Taking the example of a hospital, where important information is always flowing by the network, and where human lives depend on the easy and fast access of that information, a denial-of-service attack may cause severe damages, not just to the network and organization, but also to human lives.

As is it possible to understand at this point, an unprotected network, opens the possibility to attackers to gain access or cause damage to information and private systems, taking control over them and performing the vastest possible tasks against the network itself, or other networks.

Though it is an important and major device, a firewall has also its limitations and disadvantages. The main limitations are related to the type of solution and the used implementation architecture. These devices are, indeed, a major security device to be used, however, there are still far from perfection, where we may highlight the following limitations:

·      It may deliver the desired security level, however, compromising the performance of the network or device.

·      Security policies must be regularly updated and reviewed, so network services are not compromised.

·      New network services and protocols may not be properly identified and treated by the existing firewalls.

·      It may not be able to properly protect the private network from a malicious activity.

·      It may not be able to detect a malicious insider or malicious activity that origins by an allowed user.

·      Firewall must be frequently analysed and configured, so attackers cannot explore the security gaps.

·      Firewalls may not control connections that are performed through it.

 

Apart from these limitations, firewalls are still one of the bets security mechanisms to be implemented on a network, to improve its security levels, bringing important advantages:

·      Protection against vulnerable services – allowing just specific and necessary network and communication protocols.

·      Controlled access to internal sites and systems – prevents the access from unauthorised users and attackers.

·      Centred security – it is possible to centre all security and access policies in one firewall device or software.

·      Increased privacy levels – Possible to block the access of logging information.

 

Moreover, also some disadvantages may be identified:

·      Restricted access to important network services – the most frequent disadvantage from using a firewall is to restrict the access to common and important services, such as TELNET and FTP. Though, this is disadvantage is not only applicable to firewalls, but also to other security systems.

·      Need to balance the security plan – to properly allow communications and vital services access, it is important to find a balance between the needs and security policies. It is necessary to restrict the use of ports and prevent internal attacks.

·      Virus protection – because virus can be different codifications and compressed by many different ways, a firewall is not considered the best solution to protect the networks against a virus infection.