So what exactly does your firewall should do? As network data passes through the firewall, it decides which information to forward and which not to forward, according to rules that you’ve defined. All firewalls screen data stream that comes into a network, but a dependable firewall must also screen outgoing traffic.
Typically, a firewall is installed where a network connects to the Internet. Although bigger organizations may also put firewalls in other parts of the network that need different security mechanisms. A network may be as small as a single computer or can have thousands of computers.
This list includes features a good firewall should have:
- Restrict incoming data traffic based on destination or source: Blocking unwanted incoming data stream is the most essential feature of a firewall.
- Restrict outgoing data traffic based on destination or source: A good firewall should also filter traffic from your network. For instance, you may want to prevent your employees from accessing social networking sites.
- Restrict data traffic based on the type of content: Your firewall should screen network traffic for bad contents. For example, when integrated with a reliable virus scanner, your firewall can prevent malware-carrying files from infecting your network. It should also be integrated with e-mail services to block unacceptable e-mail.
- Manage access to internal resources: Although the main purpose of any firewalls is to prevent undesirable traffic from passing through your network, you should also be able to configure your firewall to manage access to internal resources, for example only Finance Department can access an internal web-based accounting application, this can provide extra layer of defense against a hacker intrusion.
- VPN support: A common method for users to connect to a network from the Internet is using the VPN (Virtual Private Network). It allows secure connections to your corporate network. For example, traveling salespeople and telecommuters can use it to log in to the corporate network from other continents. It is also used to create a wide area network between branch offices. Your firewall should include VPN functionality and provide an easy way to establish such connections.
- Create report on firewall activities and network traffic: When monitoring traffic to and from the network, you need to know what the firewall is doing, who attempted to break into the network, and who accessed inappropriate content on the Internet. Your firewall should include a reporting system of some kind.