IT Security is Like an Onion – IT Security Basics – Part 1: Perimeter Security

In this day and age, every organization should have a good firewall at the perimeter of their network. There are firewalls all over the spectrum and many good options for businesses small and large. For small businesses there are great firewall units designed for the SMB market from companies like Cisco, SonicWall, and Astaro. For medium to enterprise size organizations, or if you just want that extra capacity, there are some really fantastic devices from Cisco, Fortinet, and Astaro that should give you the functionality and flexibility you need. Regardless of the manufacturer, there are key components which are critical to your network’s security. Here is a short list.


Network Protection should be one of the key features of any firewall, but surprisingly this feature is missing from many low-end devices dubbed firewalls.
Intrusion Protection is another key feature of any firewall. This technology applies a certain level of intelligence against all incoming (and sometimes outgoing) connections to determine if a connection is a potential threat. Intrusion Protection often requires a subscription, but in my opinion it is well worth the cost. 

Anti-virus/Anti-malware protection comes in many varieties from different firewall manufacturers. In some cases, you have the ability to scan web traffic (to help protect end-users from threats found in infected websites), and in other cases there is a mechanism to scan all incoming and outgoing email to make sure it is free of any threats. In the best cases, you have the option to protect users from both web and email-based threats. I do want to mention that having antivirus & antimalware protection on your firewall should be critical to your IT security planning, but it does not replace the need to have Antivirus & Anti-Malware protection on all PCs and servers as well!

Things you should do periodically:

Renew subscriptions. A firewall device (or any security device for that matter) can only work as well as the software that it runs. This software needs periodic updates to fix potential security holes within itself, or perhaps to help protect against new threats. In some cases these updates offer new functionality which can make management easier, or help protect you in new ways. I cannot stress enough how important it is to keep your network firewall up to date. In fact, it probably isn’t worth spending the money on a good firewall if you are not up to date, since most of the advanced functionality will be obsolete without these periodic software updates and definition updates. 


Periodically check open ports and the DMZ to make sure you aren’t unknowingly allowing potential threats. As a consultant working with new clients, I always look at the firewall rules. So often I find old rules which open common ports (80, 21, 3389) to unintended systems. Imagine finding out that someone has accessed all of the information on your PC and turned it into a distribution center for targeted malware, all because someone forgot to turn off a rule which allowed Remote Desktop (RDP/RDS) connections through to your PC’s IP address.
Regardless of how methodical we are, and how often we update, as IT pros it is important to do periodic security/penetration testing. Of course, have a full plan of what you will be doing, and get full permission from your organization! Sometimes scanning for open ports and following public-facing portals is the only way you notice a hole in your own security.
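
The rule review described above can be scripted against an export of your firewall rules. The following is an added example, not code from the original post: the CSV column layout, the rule names, the IP addresses and the list of intended hosts are all constructed assumptions, so adapt them to whatever your own firewall exports.

```python
import csv
import io

# Ports the article calls out as commonly left open: HTTP, FTP, RDP.
WATCHED_PORTS = {80: "HTTP", 21: "FTP", 3389: "RDP"}

# Assumption: the hosts that are *meant* to receive each service.
INTENDED = {80: {"10.0.1.10"}, 21: set(), 3389: set()}

# Constructed sample export; the column layout is hypothetical.
SAMPLE_RULES = """name,enabled,action,direction,dst_port,dst_host
web-dmz,yes,allow,in,80,10.0.1.10
old-ftp,yes,allow,in,21,10.0.1.25
bob-rdp,yes,allow,in,3380-3400,192.168.1.57
temp-rdp,no,allow,in,3389,192.168.1.60
any-to-lab,yes,allow,in,any,192.168.1.99
block-telnet,yes,deny,in,23,any
"""

def port_span(spec):
    """Return (low, high) for '80', '3380-3400' or 'any'."""
    spec = spec.strip().lower()
    if spec == "any":
        return 1, 65535
    low, _, high = spec.partition("-")
    return int(low), int(high or low)

def audit(rules_csv, intended=INTENDED):
    """List (rule, service, port, host) for risky enabled inbound allows."""
    findings = []
    for row in csv.DictReader(io.StringIO(rules_csv)):
        if (row["enabled"], row["action"], row["direction"]) != ("yes", "allow", "in"):
            continue  # disabled, deny and outbound rules expose nothing inbound
        low, high = port_span(row["dst_port"])
        # A range or 'any' rule can cover a watched port without naming it.
        for port, service in sorted(WATCHED_PORTS.items()):
            if low <= port <= high and row["dst_host"] not in intended.get(port, set()):
                findings.append((row["name"], service, port, row["dst_host"]))
    return findings

if __name__ == "__main__":
    for name, service, port, host in audit(SAMPLE_RULES):
        print(f"REVIEW {name}: {service} ({port}) reaches {host}")
```

Port ranges and "any" rules are expanded deliberately, because a forgotten RDP exposure is often hidden inside a wider range rather than spelled out as 3389.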

About the author

Robert Borges

About Robert...

I have been in the IT industry since 1993 focusing mainly in networking. Though I got an early start as an amateur computer enthusiast, and wrote my first database app at age 12, I started my professional career working in the MIS department of one of the largest liquor distributors in the northeast. I started out there as a systems operator on the company’s two mainframe systems. From there I moved into PC support, and helped design and implement the company’s first client-server network… This was back in the days of Win NT 3.51. I also worked on my first migration to NT 4.0 back then.

From there I went on to work with Novell 3.x and 4.x along with Windows domains and active directory environments. Working my way up from technician, to specialist, to administrator, and eventually all the way up to Sr. Engineer. I spent many years working for consulting firms, 9 of which I owned and operated my own firm.
Over the years, I have worked with (at an expert level) various versions of: Windows client and server operating systems (including Windows 7 and Windows Server 2008 R2); various virtualization technologies (Hyper-V, Virtual Server, Virtual PC, VMware, etc…); MS-SQL server 6.5-2008 R2; Exchange 4-2010, and much more.

I am now Director of Information Systems at Bay State Integrated Technology focusing on cloud computing and IT service, with expertise in: IT Infrastructure & Architecture, IT Security, and Cloud Computing platforms & technologies (SaaS, PaaS, and IaaS).

I am in a constant state of learning about new products, and new versions of products. Many of which we end up implementing in lab environments and sometimes for our clients. I have a pretty broad range of expertise and experience. It is my goal to share some of this experience on this blog to help enrich the IT community.

Permanent link to this article: http://www.robertborges.us/2012/03/it-security/it-security-is-like-an-onion-it-security-basics-part-1-perimeter-security/

1 comment

  1. stanleymarrder.com

    Extremely informative. I can’t believe it took myself so long to obtain this excellent blog. appearing forward to hearing more.
