You might think that because you’re a small business that you don’t have to have a firewall to protect your company. If that’s your mindset, and your company has a connection to the Internet, then you’re a disaster waiting to happen. No matter what size company you belong to, having an Internet connection with no form of protection between you and the outside world is like playing Russian Roulette. Sure, things might be fine for a little while, but one day the loaded cylinder is going to get hit and you’re going to be in a situation where just having a firewall would have prevented all sorts of damage.
The purpose of this article is to look at firewall solutions that would be beneficial to companies of 50 employees or less. We’ll discuss these in the paragraphs that follow.
SonicWALL has built its name on security appliances, from firewalls to anti-spam systems. SonicWALL offers a wide variety of ISCA certified firewalls to choose from. The NSA 4500 supports 600 Mbps of Deep Packet Inspection and WAN acceleration to lessen application latency and optimize performance. It can also set up high-performance Virtual Private Networks at thousands of different endpoints around the world.
The nice thing about some of SonicWALL’s lower end products is that you don’t have to spend a fortune to take advantage of them. For example, SonicWALL’s TZ 200 hardware only firewall appliance supports unlimited nodes, have 100 Mbps throughput, 40 Mbps UTM throughput, 75 Mbps VPN throughput, supports 8000 concurrent connections, and also can handle 10 site-to-site VPN tunnels. The cost for this is very affordable. Its’s a pretty small amount to pay for a product that could be saving you thousands with the protection it offers.
While Cisco is usually thought of in regards to higher end solution (and rightly so), the company does offer less expensive solutions for smaller companies. Depending on where you purchase it from, you can find a Cisco ASA 5505 Firewall edition anywhere from $400 to $1500. Not only do you get the peace of mind of Cisco’s industry gold standard for protection, you’ll also get to take advantage of Cisco’s highly regarded VPN technology. You’ll probably need someone with Cisco experience to set up the box and configure it for you, but you’ll end up getting enterprise level security with it.
Another big name in the security industry, Juniper offers its SSG series of appliances for firewall and VPN. It boasts a feature set that is similar to the SonicWALL product. It has 160 Mbps throughput, and can handle 30000 firewall packets per second. Its VPN performance clocks in at 40 Mbps. It has the ability to handle 25 concurrent VPN tunnels and 8000 concurrent VPN sessions, both of which can be raised with the purchase of an extended license. The Juniper boxes are somewhat easier to configure than the Cisco, but you may still need someone with Juniper experience to get it going for you.
Fortinet offers a superior firewall that combines stateful packet inspection with security programs to identify and stop potential threats. It can scale between smaller appliances and multi-gigabit systems and has the ability to integrate with antivirus software, VPN and web filtering. In addition, it supports virtual security domains and security zones if you would like to separate the network into different sections.
The firewall has three operational modes available (transparent, dynamic NAT and static NAT), allowing it to function in many different types of infrastructure. It also has end-point security agents that can protect remote computers and smartphones that are outside the main office. One other benefit is that it supports dynamic routing protocols that are often needed for complex networks.
Checkpoint has a powerful firewall solution that is used by 100% of the Fortune 100 companies. It comes with a patented form of stateful packet inspection to provide network security and allows companies to set granular policy definitions for individuals and groups. It also supports up to 40Gbps throughput and supports major gateways like UTM-1 and IP Appliances.
The firewall comes with features like Network Address Translation, which allows admins to hide their actual address from outside observers. It also comes with a bridge mode that can block unauthorized users while remaining hidden from all Layer-3 traffic. Furthermore, it uses three authentication methods: user authentication, client authentication, and session authentication.
Watchguard offers a next-generation firewall that can block outside attacks without significantly impacting internet use among employees. It comes with standard firewall functions like packet filtering, network address translation, and stateful protocol inspection. It also has a highly secure throughput for its class and the ability to connect users through SSL and IPSec VPN.
The firewall allows administrators to define and enforce security and acceptable use policies for employees, which can lessen the risk to intellectual property at the company. It also supports directory integration that allows you to attach specific security policies to different users and groups. In addition, it comes with Integrated Network Intrusion Prevention and Application Awareness and Control.
Open Source Solutions
If you don’t to purchase a firewall appliance, you still have other options to protect your company. If you have an old PC sitting around that you’re not using, put a copy of Linux onto it and then download an Open Source program like IPCop or SmoothWall. Both are free Linux based software based firewall solutions. While the software is free and many, many people swear by Linux and open source programs, just remember that you get what you pay for. That said, any firewall is better than no firewall.
There are many other solutions out there for small businesses. This article has given an overview of several that might be attractive based on features and price. Prospective buyers are encouraged to do their homework to find the product that will work best for them.