Firewall and Internet Security are two things that cannot be separated each other. From small to enterprise class business networks, deployment of a firewall in each of the entry point of the internet is a must.
In the effort of providing protection for your network against anytypes of internet threats, you should use the suitable firewall, the firewall topology and security policy. With a firewall, all the traffic between the networks are controlled, authenticated, and logged. Therefore, all the entry point from the un-trusted networks (such as the internet) into your trusted network must be protected by secured firewall.
If you require hosting public resources, you should provide network segmentation to distinct security boundaries (aka DMZ – demilitarized zone). If you find that you require multiple security boundaries, you should use multiple DMZs. Label each of physical interface by using color coding scheme to differentiate between your private networks, DMZs and public / internet networks.
Firewall and Internet Security is as secure as the firewall system and the implemented security policies or the rule base implementation. But firewall cannot protect against internal or authorized attached. And the fact is that firewalls can never provide 100% protection against any types of internet threats such as intruders, viruses, hackers, and malwares.
The following figure shows a conceptual diagram of business networks that implement firewall with two DMZs for security segregations. SQL server in DMZ2 is configured to be accessible only by WEB server in DMZ1. All traffic from Internet denied to get into the DMZ2 network but can access the WEB server in DMZ1 network. Firewall is configured based on the rule – security policies to meet the business needs and specifically configured to protect the threats from the internet.
Firewall Security Appliances
Unified Threat Management (UTM) firewall appliances are so popular today particularly for small to medium businesses or even enterprise class networks as the entry point internet security protection. Since the internet threats such as hackers and intruders are evolved to getting smarter and more harmful than before, you cannot rely on the traditional firewalls anymore. The firewalls should be capable of inspect deep into the packets for any false positive packets.
There are many UTM firewall appliances for your internet security particularly for small businesses such as SonicWALL TZ and NSA series; or Zyxel Zywall series. ZyXEL ZyWALL series is an 8-in-one UTM solution for small to medium businesses which includes Anti-Virus, IDP, Anti-Spam, Firewall, VPN, and Content Filtering.
SonicWALL TZ100 Network Security Appliance is a high performance Unified Threat Management available and affordable for small businesses or branch offices. Sonicwall NSA 2400 Multi-core Network Security Appliances are next-generation Unified Threat Management platform with Patented RFDPI technology, fully integrated deep packet inspection firewall and Automated and Dynamic Security Updates.
Firewalls and internet security are interconnected each other. Implementing internet security appliance for small to medium businesses is beneficial since you can provide thorough entry point protection against any internet threats such as intruders, hackers, viruses, malware and so on.