In this internet era data is the new gold. Protecting your networks against attacks is more critical than ever. Firewalls are crucial in providing security for your network both from internal and external attacks. Without an effective firewall in place, a network could be susceptible to breaches and other malicious threats that could end up costing your business not only a lot of money but customers as well. It’s important to understand what parameters to look for while choosing a firewall for your network given that there are so many features in the datasheet:
- Number of sessions: Any connection to the internet through a firewall is counted as a session as per the firewall. For example, each tab/window I open in the browser is treated as a separate session in the firewall. As a network security planner, you have to make sure that the firewall you choose supports all sessions from all your users. An entry level Cyberoam firewall supports up to 500K sessions.
- Number of connections per second: The second important parameter while deciding on a firewall is the number of sessions a firewall can handle per second. For example let us say there are 1000 users in your office, if all the users decide to open a session simultaneously to the internet the firewall should be able to process all 1000 sessions at once. A Juniper SRX240 supports 8500 sessions per second.
- Throughput of the firewall: The volume of traffic that can pass through the firewall is the throughput of the firewall. Typically this value is mentioned in Mbps[Megabits per second] or Gbps[Gigabits per second]. This is very important aspect to be considered but in most cases it is misleading as vendors attach an asterisk [*] alongside the value. This indicates the raw throughput of the firewall considering TCP or UDP packets without subjecting the firewall to any extra features such anti-virus, anti-spam, content filtering, IPSec VPN and SSL VPNs. When all these features are considered throughput reduces. The throughput offered with these features activated is mentioned lower down in the datasheet. For instance, Fortigate 50E shows 2.5Gbps of raw throughput.
- Interfaces: Well you need to see how many interfaces are there in the firewall compared to your requirements. You should never go less than a Gigabyte interface. Does it offer wireless? For most businesses, wireless is not an option but if you really need it then there are vendors out there in the market who offer this solution.
- End of Life: How old is the firewall? When is the support going to end? What if the OS has a bug and no updates? This facet becomes yet another important consideration when choosing a firewall. Buying older devices is a waste of money. Your business requirements will very soon overtake potentiality provided by the firewall. Hence it is wise to invest in a newer firewall with the latest and most stable Operation System.
- Market Position: Many vendors subject their firewall to rigorous testing via independent labs against a variety of attacks and performance testing in complex scenarios and then the firewall are ranked according to results. What does this mean to you? Well, in that case, two firewalls say from vendor X and vendor Y are both providing application detection based on the database they have in the OS. But vendor X prevails over vendor Y because vendor X firewall OS had a better database than vendor Y. This becomes crucial for the safety of your network. Again vendor X would be more expensive than vendor Y. You have to choose a firewall which suits your needs and budget adequately.
Check our services for more.
Director and Founder at BlueMap. Network Consultant and Trainer by profession with knowledge in multi-vendor environment ranging from routing and switching in Cisco and Juniper to firewalls from Cisco, Palo Alto, Juniper, CheckPoint and Fortigate to virtualization in Cisco UCS. Successfully designed and deployed green field and grey field networks for various small to mid-scale organizations.