Firewalls: When disabling the ports is not enough

With more and more clients run out checkup tool, https://footprint.aegisitsolutions.net/checkup/,  the more we are asked a question of, “I have really good antivirus, why is your tool showing that we are not protected?”

The answer is that the vast majority of perimeter security devices we come across are configured to just block ports, with the theory that if the door is locked, you’re protected. The reason for that is simple. In order for an organization to function in the modern world, they need to have bidirectional internet access, which opens up the two internet access ports on the device: port 80 for unsecured internet (HTTP) and port 443 for secured internet access (HTTPS).

Most of the modern attacks are designed to permeate through those two ports, which is why most of new firewall appliances have the capabilities of advanced scanning options to protect against these types of attacks. This, however, requires a purchase of a license to enable these advanced features and intimate knowledge of how to properly configure them so as not to impact daily business functionality.

When malware, ransomware, or a virus get stopped by your antivurs/anti-malware software on your PC, it is already too late. That is because these nefarious are already within your network and are providing an access point to an attacker. A firewall that has been properly configured with application and web protection will prevent that from happening. In the coming months we will be providing guides on how to properly implement perimeter security using devices from different manufacturers, in the meantime, feel free to reach out if you need some advice or if you would like to explore some of our cybersecurity options

Leave a Reply

Your email address will not be published. Required fields are marked *