Managed Firewall and IDS/IPS

What is a Firewall?

A firewall is an element in an organization’s IT environment that is designed to secure a network from outside threats. Firewalls enforce rules about what data packets (units of information, such as emails or Web pages) are allowed to enter or leave an organization’s network. Modern firewalls typically examine packets looking for such questionable items as origination from a blocked web location, protocols that would allow unauthorized users an element of control within the network (such as Telnet, or File Transfer Protocol [FTP] requests), or malicious code and malware embedded in a packet.

A firewall is typically a combination of dedicated hardware and a software application where the IT professional can set the firewall rules. The IT professional typically places the firewall at the virtual edge of a network. The firewall then functions as a gatekeeper between an organization’s network and the Internet, or other networks. Operationally, firewalls have only two functions, although the level of complexity in performing these functions may vary greatly. First, firewalls log all the traffic that passes through the firewall. Second, they accept or reject data packets for passage through the firewall, based on the filter settings.
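The two functions described above (log every packet, then accept or reject it against the filter settings) can be sketched as follows. This is an added example, not ETTE's code or any product's rule engine; the rule format, the first-match and default-reject policy, and the sample addresses are assumptions made for illustration.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Rule:
    action: str                  # "accept" or "reject"
    src: str = "0.0.0.0/0"       # source network, CIDR
    proto: str = "any"           # "tcp", "udp" or "any"
    dport: Optional[int] = None  # destination port; None matches any


# Constructed filter settings (addresses from RFC 5737 documentation ranges).
RULES = [
    Rule("reject", src="203.0.113.0/24"),   # blocked origin
    Rule("reject", proto="tcp", dport=23),  # Telnet
    Rule("reject", proto="tcp", dport=21),  # FTP control
    Rule("accept", proto="tcp", dport=443),
    Rule("accept", proto="tcp", dport=80),
]


def matches(rule, pkt):
    """True when the packet's source, protocol and port all fit the rule."""
    return (ipaddress.ip_address(pkt["src"]) in ipaddress.ip_network(rule.src)
            and rule.proto in ("any", pkt["proto"])
            and rule.dport in (None, pkt["dport"]))


def filter_packet(pkt, log, rules=RULES):
    """Log the packet and return "accept" or "reject".

    Assumed policy: first matching rule wins, unmatched traffic is rejected.
    """
    verdict, reason = "reject", "default"
    for index, rule in enumerate(rules):
        if matches(rule, pkt):
            verdict, reason = rule.action, f"rule {index}"
            break
    log.append((pkt["src"], pkt["proto"], pkt["dport"], verdict, reason))
    return verdict
```

Because the blocked-origin rule is listed first, a packet from 203.0.113.0/24 is rejected even when it targets port 443; rule order is part of the filter settings.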

What are IDS/IPS and how do they differ from a firewall?

Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS) are security applications that look for security threats originating both from outside and inside an organization’s IT environment. IDS/IPS differ from firewalls in three major ways: 1) IDS/IPS can function within a network to detect threats, not just in traffic passing in and out of the network, 2) IDS/IPS are “smarter” than firewalls in that they can learn threat profiles and adapt based on network traffic anomalies or distinct attack patterns, and 3) IDS/IPS are more active than a firewall. An IDS sounds an alarm whenever it detects a threat. In contrast, an IPS will actually take some predetermined action to neutralize the potential threat. To provide an IT environment with optimal security, it should include both firewalls and IDS/IPS.
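The IDS/IPS distinction above, shown with one detector and two responses. This is an added example, not taken from any IDS/IPS product; the detector (a count of distinct ports one internal host touches on a peer), the threshold, and the traffic records are assumptions constructed for illustration.

```python
from collections import defaultdict

SCAN_THRESHOLD = 5  # assumed value: distinct ports one host may touch on a peer

# Constructed internal traffic as (source, destination, destination port).
EVENTS = [("10.0.0.5", "10.0.0.20", p) for p in (22, 23, 80, 443, 445, 3389, 8080)]
EVENTS += [("10.0.0.8", "10.0.0.20", 443)] * 3


def inspect(events, mode):
    """Same detector, two responses.

    mode="ids": raise an alert, deliver everything.
    mode="ips": raise the alert and drop the flagged source from then on.
    Returns (alerts, delivered).
    """
    if mode not in ("ids", "ips"):
        raise ValueError("mode must be 'ids' or 'ips'")
    ports_seen = defaultdict(set)
    alerts, delivered = [], []
    flagged = set()
    for src, dst, dport in events:
        if mode == "ips" and src in flagged:
            continue  # predetermined action: traffic from a flagged host is dropped
        ports_seen[(src, dst)].add(dport)
        if src not in flagged and len(ports_seen[(src, dst)]) >= SCAN_THRESHOLD:
            flagged.add(src)
            alerts.append({"src": src, "dst": dst,
                           "ports": sorted(ports_seen[(src, dst)])})
            if mode == "ips":
                continue  # the packet that crossed the threshold is dropped too
        delivered.append((src, dst, dport))
    return alerts, delivered
```

Both modes produce the same single alert for 10.0.0.5; only the IPS run keeps the remaining probes from reaching 10.0.0.20, while traffic from 10.0.0.8 is delivered in both.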

What is a Managed Firewall?

A managed firewall is a service provided by a responsible IT security provider that performs firewall and IDS/IPS functions for your organization’s IT environment. In addition to the functions performed by a firewall and IDS/IPS, a managed firewall typically includes application control, where applications or specific features can be limited or blocked. It also usually includes web content filtering, which can block access to objectionable websites. Most beneficial of all is ongoing maintenance, where the security provider regularly updates the managed firewall with the latest threat profiles to ensure your network defense systems are the newest possible.

Depending on your organization’s specific needs, a managed system can provide these benefits:

Cost savings – A managed firewall can save your organization money in two ways. First, the system can save you the hardware costs of a firewall. While the cost of a business-level firewall can range up to $5,000, and over $25,000 for an enterprise-level firewall, ETTE’s managed system is priced at a minimal dollar value per user per month. Second, for smaller organizations in particular, ETTE can include managed firewall services as part of an overall cloud-based IT package. This package of services saves your organization the expense of a full-time IT professional, who may or may not have expertise in configuring firewall and IDS/IPS functions.

Improved security – The main direct benefit of a managed firewall is that it is typically configured as a proxy server. A proxy server has a different Web address than an organization’s main network. When a phishing message (effort to locate a network’s IP address) is sent to a proxy server firewall, the sender obtains the proxy address and not the true address of the organization’s network. When ETTE properly configures your managed firewall, the proxy relays only properly formatted and vetted packets to your organization’s true network address.

Additionally, there is implicit added security using a managed firewall provider in the form of expertise. The professionals at ETTE have accumulated extensive experience providing managed firewall services to our clients. ETTE knows the correct and detailed settings to properly configure and optimize our managed firewall to meet the needs of your organization. We have the resources to continually refine and adjust the settings to ensure your security provides a strong defense against unauthorized users, while providing seamless use for your staff.

Latest Technology – As a professional IT organization, ETTE constantly surveys the technology landscape to build awareness and expertise on the latest innovations, be they hardware, software or methodologies. As hackers develop new attack profiles and new nuisance IP addresses add to the Internet clutter, we remain on top of these developments. We add those new profiles and bad addresses to our managed firewall system. As new and improved firewall applications and hardware become available, ETTE changes out our systems to implement the newest proven technologies, all at no additional cost.

Scalability – ETTE’s per-user pricing model means adding users to your system is easy. Scaling your systems requires no additional investments in hardware to handle the increased network traffic associated with a network expansion. Of greater benefit is the flexibility your organization gains. Removing users immediately reduces your IT costs. In a physical-based network, once an organization invests in hardware, the cost is fixed and non-recoverable. For project-based organizations where your workforce grows and ebbs based on contracts or seasonal work, ETTE can “rightsize” and “rightcost” your IT environment through every point of your business cycle.

