By Russell Horton, COO, Elitetele.com
Security risks to business systems are increasing at a rapid rate and going undetected by even the best IT teams. As technology grows, businesses are now battling to contain the impact of external threats from employee-owned devices, mobile workers, unauthorised software applications and cloud services.
Gartner estimates that by 2017, marketing will spend more on technology than the IT department. Yet it’s the hard-pressed IT professionals that will still need to protect everything, and keep employees and company data safe from data-breaches and cyber-attack. For IT teams struggling to secure a rapidly-evolving IT landscape, Managed Firewalls provide the answer.
A managed firewall service offers an advanced security device using Unified Threat Management technology, which can inspect all traffic entering and leaving an organisation. Not only this, but it can look within traffic to inspect the content and detect intrusion attempts anywhere. IT teams can rely on this service to recognise anomalous behaviour and pre-empt attacks before they are able to infiltrate. It can be trusted to alert and notify 24/7, while constantly reporting back to the Network Operations Centre (NOC) to respond to any alert or security event and maintain the system with up-to-date information.
A managed firewall service filters all traffic coming into the network, much like people entering a building. In this way, we can use the analogy of a building with two security guards: a budget security guard versus a UTM security guard, and assess the drawbacks businesses face from using a budget service.
People are receiving emails containing viruses, and staff are browsing websites containing malware, leaving some systems infected.
Budget system: Internal antivirus software can help stop the infection, and if they have support, IT are alerted and can begin the clean-up operation, but this costs time and money and the system has no idea who is infected or why. Moreover, systems and data may be irreversibly damaged.
UTM: This system detects the infected emails and blocks them. It also detects malicious websites and blocks access to these sites. It does not permit files that would cause infection, and notifies the NOC and customer of the events in case there is an underlying issue or pattern.
Data loss prevention
Staff members are emailing price-lists and pipeline reports to their home email addresses, and uploading confidential documents to such services as Dropbox.
Budget system: A legacy firewall cannot detect this activity, and at 3am there is a large upload to Uzbekistani IP addresses. While 500MB of data is being uploaded every night, the source, destination and content are unknown. The business is not aware of this activity and therefore cannot understand how data is falling into third-party hands.
UTM: The UTM service identifies the documents and alerts the NOC and business owner. It identifies the perpetrator along with evidence/attribution, and the security policy blocks access to Dropbox and related services. Daily reports sent by the service highlight any anomalies in traffic patterns, and the company restricts web access to authorised employees only at certain times of day. Any violations or access attempts are then easily reported proactively.
The building operates a Wi-Fi network for staff, meaning all internal systems can be accessed by staff using wireless devices.
Budget system: The level of control is poor as Wi-Fi networks often provide full unrestricted access without granular policies. The Wi-Fi networks can be impersonated by rogue access points, allowing staff to naively join ‘fake’ networks, and Wi-Fi networks can also (accidentally) be enabled granting full access to the corporate networks. Unauthorised access attempts are also not logged by the budget system.
UTM: The firewall supports Bring Your Own Device (BYOD), so access to wireless can also be controlled by device type (iPhone/Android). UTM supports multiple wireless networks with different policies (e.g. Guest, Directors, Sales), and for larger sites, multiple access points can be installed, all managed by the central firewall. The firewall can detect unauthorised access attempts to the wireless networks and alert the NOC.
When companies assess the multiple risks their networks are exposed to, many fall short. But with a managed firewall solution, these risks are negated by a dramatic increase in the network’s visibility, detection and defence capabilities. For businesses, data loss, viruses and other breaches cause significant damage, both financial and reputational. Not only do managed firewalls remove the headache of complex management from IT teams, they also offer lower operational costs along with better performance.
Laura McLellan at Gartner, 2012