Web Hosting Blog
To put it in it’s most basic terms, a firewall acts like a filter between a computer or network and the internet. It’s a device that monitors incoming and outgoing traffic to the network which can then be configured to accept or deny certain traffic based on predefined security rules.
There are different types of firewalls that you could consider for your server, in this blog post we will focus on one type, which is a dedicated managed firewall.
Any reputable hosting company will already have it’s own extensive physical and cyber security protection in their data centres. However this protection will be configured to the needs of the data centre and therefore will not be specifically tailored to your own business or needs.
Having your own dedicated firewall allows you to create an even more robust and secure environment, with your own, tailored levels of protection.
Having your own dedicated firewall gives you full control as it’s set up on your server, only used by your business and not shared with anybody else. Having full control over your security configuration means that you are able to set up the device to match your company security policies exactly, which also means you can update or change the configuration if your policies change and grow. With a dedicated firewall, you can also set up a secure VPN connection to your server.
There are many benefits to having your own dedicated firewall. For a closer look, let’s review the benefits that come with having a Cisco ASA 5506-X Managed Hardware Firewall Appliance, which is the managed Firewall offered by CWCS Managed Hosting.
Network and Traffic Segmentation – The Cisco ASA 5506-X supports up to 30 VLANs and improves both security and performance by defining and segregating internal ‘DMZ’ and external networks and applying policies separately.
Next Generation Firewall (NGFW) – The industry’s first threat-focused NGFW; provides 8 routed Gigabit Ethernet ports, ASA firewall functionality, advanced threat protection, and advanced intrusion prevention and detection in a single appliance.
Virtual Private Networks (VPN) – With a VPN, you can connect your corporate network to your servers or securely access them remotely from anywhere in the world. The device can support up to 50 concurrent VPN sessions, including site to site and remote users with IPSec and the Cisco Anyconnect SSL VPN client.
IP and Port Filtering (Level 2/3/4) – You can use Access Control Lists to restrict traffic by source/destination IP address, network, VLAN, protocol or port, and protect management services (SSH, Remote Desktop, SNMP) from intrusion.
Intrustion Prevention System – This will provide highly effective threat prevention and full contextual awareness of users, infrastructure, applications, and content to detect multi vector threats and automate defence response.
Stateful Packet Inspection – Only packets matching a known active connection are allowed to pass through the firewall. Certain traffic can be inspected by the firewall and dynamically rewritten, e.g. dynamically opening a port to allow passive FTP
Enterprise Class Management – Dashboards and drill down reports of discovered hosts, applications, threats, and indications of compromise for comprehensive visibility. Cisco’s ASDM graphical user interface offers enterprise level management with ease.
Although using a dedicated firewall will incur more costs to your business, the additional functionality and security benefits are well worth it. Prevention is always cheaper than a cure where security is concerned, whether that be reputational cost or financial cost that would relate to an incident such as data theft or server compromise. A dedicated firewall can give you peace of mind against all manner of threats meaning you have more time to focus on your business and spend less time worrying about such incidents. Due to this your dedicated firewall could prove to be most cost effective over the long term.