Solution Services: Firewall
What is a firewall and why is it important?
A firewall is a network security device that grants or rejects network access to traffic flows between an untrusted zone (e.g., the Internet) and a trusted zone (e.g. your private network). It acts as the “traffic cop” for the network, as all communications should flow through it.
The Secret You MUST Know:
Not all firewalls are created equal.
WARNING: Basic firewalls fail.
If you handle sensitive data (like ePHI), an inadequate firewall means you are NOT HIPAA COMPLIANT.
The Reality Check
Most "firewalls" are just basic filters that can't detect sophisticated attacks targeting healthcare data.
True Protection
A TRUE firewall deeply inspects, intelligently filters, and proactively defends against advanced attacks. It's about smart defense, not just a big black box.
Sunset Technologies
Strengthen Your Network With Confidence
We do more than just install a firewall-we actively manage it. Our expert team continuously updates your security policies to adapt to the latest threats, ensuring your network is always protected. This proactive approach gives you peace of mind and keeps your practice secure and HIPAA compliant.
Are You Really Protected? The Truth About Firewalls.
There are multiple variations of firewalls; Consumer Grade, Business Grade, and Next-Gen Firewalls (NGFW), Leaving your business network (and ePHI) in the hands of a consumer grade firewall, or a business grade firewall that is not managed appropriately, is not HIPAA Compliant.
Sunset Technologies:
Managed Protection That Works.
We don't just install, we manage your firewall with expert, proactive security policies.
Don't Risk Your Business.
Get REAL Protection.
Ask about our New Monthly Firewall Service!
Access Control Lists
Early on, the firewall function was initially performed by Access Control Lists (ACLs), often on routers. ACLs are essentially rules written out that determine whether network access should be granted or rejected to specific IP addresses. For example, an ACL can have a line that states all traffic from IP 172.168.2.2 must be rejected, or to allow all traffic on port 80 from 172.168.2.2 to the web server at 10.10.10.201.
ACLs are advantageous due to scalability and high-performance, but cannot read past packet headers, which provides only rudimentary information about the traffic. Thus, ACL packet filtering alone does not have the capacity to keep threats out of the network.
Proxy Firewalls
Proxy firewalls act as middlemen; they accept all traffic requests coming into the network by impersonating the true recipient of the traffic within the network. After an inspection, if it decides to grant access, the proxy sends the information to the destination computer. The destination computer’s reply is sent to the proxy, which repackages the information with the source address of the proxy server. Through this process, the proxy breaks (or terminates) the connection between two computers so that it is the only machine on the network that talks to the outside world.
Proxy firewalls can inspect content fully and make access decisions based on more specific, granular information. Access control this nuanced is attractive to network administrators, however each application needs its own proxy at the application-level. These networks also suffer degraded traffic performance and many limitations in application support and general functionality. This ultimately leads to scalability issues that make successful implementation tricky to pull off. For this reason, proxies have not been widely adopted. In fact, even at the peak of their popularity in the 90s, performance and scalability issues limited adoption to select verticals in niche deployments.
Stateful Inspection Firewalls
Stateful inspection, or stateful filtering, is regarded as the third generation of firewalls. Stateful filtering does two things:
1. 1. Classifies traffic by looking at the destination port (e.g., tcp/80 = HTTP)
2. 2. Tracks the state of the traffic by monitoring every interaction of each particular connection until that connection is closed
These properties add more functionality to access control as they have the ability to grant or reject access based not only on port and protocol, but also the packet’s history in the state table. When a packet is received, they check the state table to find if a connection has already been established or if a request for the incoming packet has been made by an internal host. If neither is found, the packet’s access becomes subject to the ruling of the security policy.
Though stateful filtering is scalable and transparent to users, the extra layer of protection adds complexity to network security infrastructure, and stateful firewalls face difficulty in handling dynamic applications such as SIP or H.323.
Unified Threat Management
Unified Threat Management (UTM) solutions were initially defined as the consolidation of stateful inspection firewalls, antivirus, and IPS into a single appliance. Over time, the UTM definition has expanded to include many other network security functions.
It is important to note that the success of UTMs relies on the effectiveness of the stateful inspection-based firewall decision that precedes all of its component functions. This is because UTM components, while in a single device, are effectively downstream security services. Thus, the workload of all security components inside the network will be determined by the strength of its access control. Though UTMs provide a number of security functions in one product, the fundamental access control technology remains unchanged.
Next-Generation Firewalls
Next-generation firewalls (NGFWs) were created in response to the evolving sophistication of applications and malware. Application and malware developers have largely outwitted the long-standing port-based classification of traffic by building port evasion techniques into their programs. Today, malware piggybacks these applications to enter networks and became increasingly networked themselves (connected to each other on the computers they individually infected).
NGFWs act as a platform for network security policy enforcement and network traffic inspection. Per technology research firm Gartner Inc., they are defined by the following attributes:
• Standard capabilities of the first-generation firewall: This includes packet filtering, stateful protocol inspection, network-address translation (NAT), VPN connectivity, etc.
• Truly integrated intrusion prevention: this includes support for both vulnerability-facing and threat-facing signatures and suggesting rules (or taking action) based on IPS activity. The sum of these two functions collaborating via the NGFW is greater than the individual parts.
• Full stack visibility and application identification: ability to enforce policy at the application layer independently from port and protocol.
• Extra intelligence: ability to take information from external sources and make improved decisions. Examples include creating blacklists or whitelists and being able to map traffic to users and groups using active directory.
• Adaptability to the modern threat landscape: support upgrade paths for integration of new information feeds and new techniques to address future threats.
• In-line support with minimum performance degradation or disruption to network operations.
The Sunset Firewall Difference
| Security Feature | Consumer Grade | Business Grade | Sunset (NGFW) |
|---|---|---|---|
| Basic port blocking for incoming traffic | |||
| Basic stateful packet inspection | |||
| Filters outgoing traffic | |||
| Deep Packet Inspection | |||
| Web Filtering | |||
| Instrusion Detection & Prevention | |||
| Application Control | |||
| Malware Reputation based Filtering | |||
| Updated Antivirus & Spyware | |||
| Spam Filtering | |||
| Full visibility into users, devices, and applications | |||
| Consistent updated security policy enforcement | |||
| Security and Network Integration | |||
| Run detailed reports about network traffic | |||
| Country Blocking | |||
| Advanced Threat Protection | |||
| Block Newly Discovered Zero-day Threats |
Is your current firewall up to the task?
Don’t wait for a data breach to find out.
Ask about our New Monthly Firewall Service and get the protection you deserve!
We Go Beyond IT.
We do whatever we can to make sure our clients are Rest Assured.
