An Ultimate Guide About Firewall Security


Introduction:

A firewall is a security system that protects your computer or network from unauthorized access. Firewalls can be hardware-based or software-based. They work by allowing or denying traffic based on a set of rules you create. Firewall security is important because it can help protect your computer or network from unauthorized access, which can lead to data theft or virus infection.

Built-in Windows Firewall:

If you want to implement a firewall, you can set up basic firewalls with third-party software or use the built-in Windows Firewall. Whether your computer is connected directly to a broadband modem, part of a network that’s connected to the Internet via a router and gateway, or behind another firewall (like at work), it’s important to know how to protect your computer against the dangers of the Internet.

Once you’ve installed a firewall, you’ll need to decide which rules (or policies) it should use and then configure those rules according to instructions provided by the vendor or developer of the firewall software. Rules determine what is allowed into and out of your network, as well as where within the network all activity takes place.

Strong password:

Use a strong password for your wireless network access point or router so that others cannot connect. If someone does gain unauthorized access, they should still not be able to reach anything important, because none of your shared folders should be open to unauthenticated connections.

Network Access Protection feature:

For Windows XP SP2 users, use the Network Access Protection feature to reduce your exposure to network attacks from outside your network. This is a client-side firewall solution. You can find out more about it here or download it here. If you are using Windows Vista, learn how to harden Windows Firewall with Advanced Security. Also, see my article on How To Use NAP In Enterprise Deployments for full details of the NAP deployment process and the role each component plays.

Configure the firewall rules:

Configure the firewall rules every time you set up a new application or device on your network. If you do not remember which ports and protocols an application needs, enable logging of dropped packets in the firewall so the log can be reviewed later when a problem arises. You should also consider configuring your router to drop all unsolicited incoming traffic from the Internet, because this stops unknown external users from trying to connect directly to computers behind a NAT-based router that they cannot see.
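To show what the "log dropped packets, review later" advice looks like in practice, here is an added example (not from the original article) that parses a Windows Firewall log in its W3C format and summarises which protocols and destination ports were dropped, and from which sources. The log lines are constructed samples; the column names are taken from the `#Fields:` header the firewall writes at the top of `pfirewall.log`.

```python
"""Summarise DROP records from a Windows Firewall log (pfirewall.log, W3C format).

Added example, not part of the original article. The sample below is constructed;
the field order matches the '#Fields:' header Windows writes into the log.
"""
from collections import Counter, defaultdict

# Constructed sample of what Windows writes when "log dropped packets" is enabled.
SAMPLE_LOG = """\
#Version: 1.5
#Software: Microsoft Windows Firewall
#Time Format: Local
#Fields: date time action protocol src-ip dst-ip src-port dst-port size tcpflags tcpsyn tcpack tcpwin icmptype icmpcode info path
2024-03-01 10:15:01 DROP TCP 192.168.1.20 192.168.1.10 51234 445 52 S 0 0 0 - - - RECEIVE
2024-03-01 10:15:02 DROP TCP 192.168.1.20 192.168.1.10 51235 445 52 S 0 0 0 - - - RECEIVE
2024-03-01 10:15:05 ALLOW TCP 192.168.1.10 203.0.113.5 51236 443 0 - 0 0 0 - - - SEND
2024-03-01 10:15:07 DROP UDP 192.168.1.30 192.168.1.10 5353 5353 120 - - - - - - - RECEIVE
2024-03-01 10:15:09 DROP ICMP 10.0.0.5 192.168.1.10 - - 60 - - - - 8 0 - RECEIVE
garbage line that should be skipped
"""

def parse_firewall_log(text):
    """Yield one dict per DROP record, naming columns from the #Fields header."""
    fields = None
    for line in text.splitlines():
        if line.startswith("#Fields:"):
            fields = line.split()[1:]          # column names after the marker
            continue
        if not line or line.startswith("#"):
            continue                           # other header/comment lines
        parts = line.split()
        if fields is None or len(parts) != len(fields):
            continue                           # malformed line, or no header yet
        rec = dict(zip(fields, parts))
        if rec["action"] == "DROP":
            yield rec

def summarise_drops(text):
    """Count drops per (protocol, dst-port, direction) and collect the sources seen."""
    counts = Counter()
    sources = defaultdict(set)
    for rec in parse_firewall_log(text):
        key = (rec["protocol"], rec["dst-port"], rec["path"])
        counts[key] += 1
        sources[key].add(rec["src-ip"])
    return counts, sources

if __name__ == "__main__":
    counts, sources = summarise_drops(SAMPLE_LOG)
    for key, n in counts.most_common():
        print(f"{key[0]:5} port {key[1]:>5} {key[2]:8} dropped {n:3} from {sorted(sources[key])}")
```

A burst of drops to one port from a single internal host (port 445 from 192.168.1.20 above) is the signature of an application whose rule was never created; drops from unknown external addresses are the traffic you want to keep blocking.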

Proxy firewall:

Install a proxy firewall on your gateway computer so that you can monitor all traffic between your internal network and the Internet. Alternatively, install one on each internal system that is connected directly to the Internet, so you can both monitor and control what goes in and out of your network. For example, Squid Proxy Server has local client agent software available for all popular web browsers, which makes installing this solution very easy. However, be aware that proxy servers can increase latency, because all data must pass through the proxy before being sent out onto the Internet. Some security experts are also concerned about your sensitive data being stored on proxy servers, but there are several ways to configure proxies to limit this risk. Please don't ask me how to do this, as I usually recommend installing a stateful packet inspection firewall that only allows specific ports and protocols to leave your network, which means you can avoid configuring proxy server settings for most network traffic.

IPSec authentication:

Use IPSec authentication to verify the identity of remote VPN clients. If you are using certificates for this, make sure that each one has an expiration date after which it is no longer accepted, to avoid key rollover issues. Newer OSs such as Vista, Windows Server 2008, and OS X all have native support for certificate-based IPSec authentication without any special software being required, but older OSs will need third-party software to provide this functionality. For example, FreeS/WAN supports certificate-based authentication on almost every *nix platform. Windows XP with SP1 can only use IPSec policies that do not require certificates, and only if both endpoints have static IP addresses. Windows 2000 and 2003 servers can only use certificates if the VPN server is configured to authenticate remote clients.

Kerberos authentication:

Consider using Kerberos authentication for IPSec policies instead of certificates, because it is usually easier to manage. The drawback is that you must have a centralized user or computer database, such as Active Directory, running on your network before you can take advantage of this functionality. For example, the University of Michigan has produced software called PSAD that allows any *nix system to authenticate IPSec peers without needing an Active Directory infrastructure between them.

Conclusion:

Firewall security is a complex topic, but hopefully the tips we've provided will help you get started in securing your network. Remember that it's important to use multiple layers of security and not to rely on a single solution such as a firewall to protect your systems. Also, be sure to keep all software up to date with the latest patches and security fixes to minimize your risk of being hacked.