At this time when a computer without protection is connected to a public network/internet, in a matter of seconds, it will be easily linked to adware, malware, spyware, viruses, worms, trojans or bot-software that will damage computer resources.
Faced with this, a firewall needs to be installed to protect corporate network systems (internal) from intruding digital malware caused by connections to the internet (public networks). To install a firewall requires special accuracy. At present, CCNA offers market-leading technology solutions and services, CCNA offers a variety of services, ranging from converged network services equipped with WAN, VPN, and Firewall optimizers.
A firewall is a tool that is placed between an internal network and a public network that functions as a gatekeeper that will filter data / information that is allowed in / out and which is not, keep access only given to those who are authorized, and monitor data traffic between the company’s internal networks and public networks.
Buying a firewall, whether in the form of pre-programmed hardware or just software and installing it on a network, does not necessarily make a secure company network. Firewall settings and configuration will greatly determine the level of security obtained.
Here are some ways to optimize a firewall that is installed.
1. Tightening the system:
Tightening the system is a practical way to reduce the vulnerabilities that exist in the system. If the firewall is not installed, if we want to tighten the host system, we must close all ports and disable all protocols or user accounts that are not used. All the resources to tighten and how to operate it have been provided by the vendor. Ideally, a firewall must complete the security that has been built into the system.
2. Make it as simple as possible:
A firewall is designed to run an information security policy in an organization. So it is very important to know the policies, procedures and technical instructions that have been implemented in the organization before implementing a firewall. Then for the firewall to work efficiently and easily to be managed, efforts should be made to make the configuration simple, easy to implement, consistent and get rid of excessive and unnecessary rules.
3. Make the procedures easy to evaluate:
Firewalls are installed to protect the organization’s internal network, so it needs to be ensured that the service is always in top condition. For this reason, the evaluation procedure needs to be made as simple and as easy as possible by managing elements of the procedure such as port information, IP address, domain name, URL set, content, and user.
4. Change all default settings:
Firewall makers generally install default settings more loosely. So to make the firewall that we buy works optimally, you need to do your configuration settings.
5. Monitor outbound traffic in the network:
We always think that network security is protecting the system against attacks from outside. But attacks can also occur even more easily from the network. For that, the firewall also needs to be set to filter outbound traffic as well as filtering incoming traffic. This setting is also called egress filtering.
6. Installing the DMZ:
DMZ (Demilitarized Zone) is a small network placed between internal networks and public networks (internet). DMZ is used to prevent outside users from directly connecting to the internal network and filtering connection requests from internal systems to outside networks.
7. NTP Configuration:
NTP (Network Time Protocol) is the name of a protocol and client/server program to synchronize the time set in a computer to the network. This time synchronization is very important to be able to carry out the distribution of procedures in the network and to make up-date. NTP specifically also confirms that the log record of the firewall is accurate.
8. Make configuration as IDS:
IDS (Intrusion Detection System) is usually sold in a separate device. But firewalls can also be configured as IDS by setting active-log-file-monitoring to notice suspicious activity.
9. Test every known vulnerability:
Test each interface owned and the vulnerabilities found to ensure that the system is working properly. It is highly recommended to audit and test the system regularly.
10. Turn on the log record:
Log-record information from the firewall that contains network traffic records is very useful if you want to investigate suspicious attacks and traffic. Logs are also useful for rewriting procedures to identify traffic patterns and ward off attacks. So make sure logging is enabled. When using multiple firewalls the installation of remote system-log-server is recommended.
Installing a firewall does not guarantee that the network is one hundred percent protected, so regular monitoring of every traffic on the network is very important to prevent early violations that occur and / or close the vulnerabilities found.