firewall configuration

Learn why your firewall may make you vulnerable and how SecurityMetrics Managed Firewall can help.

By: Trent Gunderson
Did you know of the investigated breaches our Forensic Department conducted last year, they found that only 24% of businesses had properly configured their firewalls?

Unfortunately, not configuring your firewall can make you vulnerable to data attacks and potential breaches.

SEE ALSO: PCI Compliant Firewalls: 5 Things You're Doing Wrong

Why can’t I just plug in my firewall and forget about it? 

The PCI DSS requires that all firewalls should be configured properly to fit their business environment.
If your firewall isn’t set up, configured properly, and maintained, you’re not PCI compliant.
Having a firewall running won’t do you any good if you don’t have any rules established for what the firewall should be filtering. You need to set up your firewall so it’s restricting network traffic to only those authorized to access it.

SEE ALSO: Getting Compliant with PCI Requirement 1: The Basics in Managing Your Firewall

firewall configurationIf a firewall isn't properly configured, you might as well not have one. In a recent data breach investigation, the organization had a fairly sophisticated security and IT system. However, two incorrectly written firewall rules (amongst 300 pages of firewall rules, with about 100 rules on every page) essentially negated the whole firewall, leaving the entire network exposed. It was through this vulnerability that the attacker accessed their network.

Your firewall is your first line of defense, so you should dedicate some time to make sure it’s set up correctly and functioning properly.

SEE ALSO: How to Configure a Firewall in 5 Steps

Why aren’t businesses configuring firewalls properly?

Many businesses don’t realize that firewalls aren’t a quick plug-and-play solution. They don’t realize it takes more to configure the firewall to help with their business’s unique environment.
Another problem is businesses run into the technical difficulty of configuring firewalls. There are many firewall rules to write, configure, and maintain. Just like the example above, one mistake could completely negate the effect of your firewall.

To ensure your firewall does what it’s supposed to, I recommend seeking the help of a third-party expert. This will prevent common mistakes and ensure everything is set up correctly.

SEE ALSO: Firewalls 101: 5 Things You Should Know

Let us help you!

SecurityMetrics Managed Firewall Service takes the complexity away from firewall management.

Here are some ways Managed Firewall can help your business get compliant and stay secure.
managed firewall
  • 24/7 firewall status surveillance and notifications: your firewall is being monitored all the time, and you’ll be notified if it suddenly stops working. 
  • Notification if suspicious activity is discovered: should we discover traffic patterns that indicate malware, we will quickly notify you of the problem.
  • Internal vulnerability scanning: The firewall scans your internal network to make sure everything is secure.
  • Log monitoring and alerting: Managed Firewall looks over your firewall logs and alerts you if something is suspicious.
  • Unlimited rogue wireless detection: Managed Firewall allows you to find any rogue wireless access points to help you protect your network.
  • Firewall backup and recovery: Should the firewall go down, we offer a backup and recovery options to keep your business going.
Remember, installing your firewall is only half the battle. Making sure your firewall is properly configured and maintained is the other half.

Need a firewall for your business network? Learn more about SecurityMetrics Managed Firewall service!

Trent Gundersen is the Senior Manager of Software Development and has been with SecurityMetrics for over 2 years. He graduated with BS in Computer Science from Utah State University, and has nine years of experience in software development. 

SecurityMetrics Guide to PCI DSS Compiance