Monday, October 19, 2009

10 things to look for in a hardware-based firewall

Author: Erik Ecke


The firewall you choose can have a major impact on your organization's security and productivity. Here are 10 factors you don't want to overlook.


Firewalls play a critical role in protecting an organization's network from a never-ending list of Internet-borne threats. Firewall selection also often determines how easily remote locations connect to centralized systems to access essential resources or to complete important tasks. When you choose a hardware-based firewall, consider these 10 factors to ensure that your business maximizes its investment, security, and productivity.

Note: This article is also available as a PDF download.

1: Trusted security

Numerous vendors market unified threat management devices. Business models vary: some network security devices include a broad range of features and services at premium prices, while others include only essential services at a lower cost.

Be sure to select a well-recognized and trusted platform. Barracuda, Cisco, SonicWALL, and WatchGuard are among the brands that have carved out market share, and they've earned it for good reason: they deliver trusted security. Whichever brand you select, confirm that the firewall is ICSA certified; ICSA certification is the industry standard for packet inspection.

2: Approachability

Global multinational enterprises typically require extensive security controls, but even those organizations that need tremendous protection don't have to limit themselves to command-line-only configured equipment. Many firewall models deliver tight security and offer GUI-friendly administration.

The benefits are several. GUIs help prevent installation mistakes. GUIs make it easier to diagnose and correct failures. GUIs make it easier to train staff and implement changes, upgrades, and replacement.

When selecting a hardware-based firewall, consider the benefits of approachability. The easier a platform is to administer, the easier it will be to locate professionals capable of installing, maintaining, and troubleshooting the platform.

3: VPN support

A firewall's purpose isn't just to keep hackers and unauthorized traffic out of the network. A good firewall also establishes and monitors secure channels, enabling remote connectivity. Look for a hardware-based firewall that supports both SSL- and IPSec-protected VPN connections from similar devices (for point-to-point or site-to-site VPNs), as well as secure connections from traveling employees.

4: Capacity

Firewalls, due to their network role, typically serve as an organization's Internet gateway. Smaller offices may leverage a firewall in a dual capacity, to serve as both a security device and as a network switch. Larger organizations, meanwhile, usually just drop the firewall into a larger architecture in which the firewall's only role is to filter traffic.

Confirm that a firewall can manage assigned loads. This means ensuring that it has the appropriate number of Ethernet ports and the appropriate speeds (10Mbps/100Mbps and/or 1000Mbps, if necessary). But there's more. Ensure that the firewall you select and/or maintain has the CPU capacity necessary to perform packet inspection, gateway security services, and routing functions.

Pay close attention to the manufacturer's recommendations for maximum node support. Exceed a router's capacity and you'll experience errors, flat-out traffic denials due to lack of licenses, and/or unacceptable performance.

5: Technical support

Hardware fails. Worse, just because a device is new and fresh from the factory doesn't mean it will work properly. Check that 24×7 technical support is available and implement technical support contracts with the firewall's manufacturer.

Before purchasing, call a manufacturer's technical support team and ask configuration and deployment questions. The quickness and accuracy of the responses you receive will reveal much as to the service you will receive when the unit fails in the field.

6: Secure wireless

Even if an organization doesn't believe it's needed, consider hardware-based firewalls that include wireless network features. IT staff can deploy the units with the wireless service disabled. The costs of adding WLAN functionality to a new purchase are incremental, yet when guest access or network flexibility is required, secure wireless connectivity is just a few clicks away (and an entirely new router need not be purchased). And as an organization's needs change, the WLAN functionality may prove necessary.

7: Gateway security services

Many organizations successfully reduce costs by centralizing virus, spyware, and spam protection on their firewall. When comparing firewall capabilities and determining total cost of ownership, factor in the cost savings that can result if you deploy these services on the firewall device rather than on a traditional domain controller or other server.

8: Content filtering

While many IT departments are migrating to OpenDNS for content filtering purposes, some firewall manufacturers offer Web filtering subscriptions. The benefit is that all the network services associated with a business, from gateway security services to content filtering, can be consolidated on a single device. The drawback is that you have to pay for the privilege.

When reviewing potential hardware-based firewall solutions, consider your organization's needs and budget. Determine whether content filtering should be administered from the firewall. If the answer is yes, select a firewall that supports reliable, proven content filtering.

9: Advanced monitoring and reporting

Firewalls manage critical network tasks. Repeatedly throughout just one business day, a single router can block thousands of intrusion attempts, detect consolidated attacks, and log failing or failed network connections. But this information is helpful to network administrators only if it's available in a readily accessible format.

Look for firewalls that not only monitor important events, but that also log this data in compatible formats. A good firewall should generate email alerts, too, at least for critical events.

10: Failover

Some organizations require WAN failover, or redundant Internet connections with automatic fault detection and correction. Many firewall models don't have support for automatic failover. If that feature is critical to your organization, confirm that the model you select includes seamless failover; don't assume high-end firewalls include such functionality by default.

In addition, make sure the model you select supports the failover methods your organization will use. For example, a unit possessing two RJ-45 WAN Ethernet ports will do no good if the second connection is to run off a cellular card. In such cases, appropriate integrated USB support for GSM cards or adapters may be required.




10 things they didn't tell you about mobile working

Author: Jeff Dray


Jeff Dray reflects on the role of mobile networking in his work as a roving IT support pro and shares some of the mobility "rules" he's discovered over the years.


After years spent supporting mobile devices and more years as a user of mobile data products, I felt it was time to note down some of my experiences. In some ways, mobile working is a liberating experience. But if you're not careful, it can follow you all the way home.

Note: This article originally appeared as an entry in our User Support blog. It's also available as a PDF download.

1: Portable equipment breaks

If you keep your Blackberry or PDA in your shirt pocket, don't lean over to look at things — it will fall out. Whether it falls onto a hard floor or down a toilet, the effect will be the same. If this does happen to you, take plenty of pictures. At least you might be able to publish it as a PDA "unpacked" article.

2: Synchronization is essential

A daily backup of your mobile device means that vital information isn't lost when the inevitable happens (see #1 above). If your diary is maintained by the office, it is essential to download the next day's appointments.

3: Big stuff disappears

If you are going to lose, leave behind, or forget something, it isn't usually something minor — it will be the AC adapter, USB cable, or the item itself.

4: Murphy's Law applies especially to mobile devices

In the UK, it is known as Sod's Law, but the effect is the same. You will drive out of network coverage just as you are getting details of a brilliant money-making opportunity or vital information about a key project. Know your geography as far as it relates to network coverage and find somewhere to stop if you think you are about to lose connection.

5: It can be tough to get a lunch break

Learn where the coverage black spots are and use them for uninterrupted breaks. This isn't laziness; people need their breaks and should be able to enjoy them in peace. There's always voicemail.

6: Communications will fail you at the worst time

Jeff's Law of Mobile Data Communications: The quality of a stable connection is in inverse proportion to the urgency of making it. This means that any trivial or unwelcome communication will have no trouble getting through. If you are being chased by wild dogs or angry customers, the display on your device will be the unwelcome message "No network" or "Emergency calls only."

7: The runaway stylus is gone forever

It is possible to render an expensive piece of equipment useless by losing or breaking the 50p stylus that comes with it. There must be dozens of them in my car, but without emptying it and ripping all the carpets out I am unlikely ever to see them again. Take care of them.

8: The phone is elusive

With the advent of Bluetooth headsets, I have discovered a new phenomenon that takes me back to a quandary I last experienced back in the 1960s, before the age of Caller ID. Sometimes when a phone call comes in, I can hear the phone ringing, but I don't know where it is. I can answer it with the Bluetooth headset but don't have the chance to see who it is. By the time I have disinterred the phone from under a pile of tools, jackets, and pieces of machinery, it will have gone to voicemail. I like to be able to see who is calling before I answer, so that I can greet them by name.

9: Information is at your fingertips… and it's impossible to read

Sometimes the PDA's capabilities exceed my own. I carry a device that has all the service manuals for every piece of equipment we sell, the entire global phone and e-mail listings for the company, our call logging system, and all the other Windows Mobile apps we know and love. Sadly, this is all shown on a two-inch screen, making spreadsheets, parts diagrams, and the global phone list all but unusable. Yes, you can zoom, but it is a slow and laborious process and nigh impossible if the sun is shining. (It sometimes does here.)

10: You may be perennially on the clock if you don't stand firm

All mobile data equipment comes with a vital component, the off switch. A friend of mine complained that his boss would call him at all hours of the day and night, stating that he had the right to do so because the mobile phone was supplied by the company. My answer to this is simple: When you finish work for the day, turn it off. When you go to a pub or restaurant, turn it off. When you go to bed, check that it is off. Turn it back on when it is time to start work again. Remember, your time is a marketable product. Don't devalue your skills by giving it away for free.



