When CharlesDarwin published his theory of evolution, computers only existed in the
realms of science fiction (if at all). As for the web, that would have been
considered the stuff of unimagined dreams. Darwin’s theory, posited in “The
Origin of the Species”, was of coursed aimed at the natural world.
However, it can also be applied to the world of computing
and the Internet in particular. The web as we know understand it first came
being in 1974 when Telenet
become the world’s first ISP. Telenet brought something that had previously
only been used by the US military – something referred to as ARPANET, into
the public domain.
The Evolution of the World Wide Web
Since then hardware, software, and web itself have all moved
on from those early days, turning itself into the connectivity wonder that has
changed our lives, on both a personal and professional basis. The static
website has become responsive and interactive. Social networking and blogging
are the order of the day. What was termed as Web 1.0 has now become Web 2.0. The
web has, in effect, evolved.
The Evolution of Malware and Cybercrime
But of course, evolution is not limited to any one species
in the natural world, and this is also true of the cyber-world. With all of the
good things and advantages that evolving web technology brings us, it also has
a dark side – Malware was
born and it too follows Mr Darwin’s theory. Cybercrime and invasive viruses
have also evolved – becoming smarter and more insidious. Anyone using the Internet for anything at all,
(businesses in particular), should now be looking at installing the next
generation Firewall, for it too has evolved. It has had to in order to keep
pace with the ever increasing threat of cyber crime.
Firewalls and Anti Virus Protection
To the uninitiated there often seems to be no difference
between a firewall and antivirus protection, but they are in fact two very different,
discernible things. Antivirus protection is, in simple terms, a program that
deals with a virus once it has been unknowingly downloaded. A firewall is
designed to prevent malware or hackers from reaching your computer via the
Internet in the first place. You can’t afford to be without either.
What a Firewall Does
In layman’s terms a firewall in effect puts a wall up
between your computer and the Internet. What this does is that it hides ports
on your computer from cyber criminals who are intent on hacking their way into
your hard disk. They are intent on stealing things, such as your identity, your
financial details, your medical records, and any other personal or business
information they may be able to misuse. Worse, these days businesses of all
sizes are targeted for their customer’s information and business intelligence.
What a Firewall Can’t Control
The problem is that a firewall is a two way street. As well
as hiding your computer from hackers, it also has to allow you access to the
web in the first place. When you then surf the web, browsing other websites and
downloading programs and software, you run the risk of unwittingly downloading
any viruses or malware that might be lurking either on the websites themselves,
or within the downloads. You’re firewall has no control over what you do when
you’re on the Internet. It’s the anti-virus program that does the mopping up if
you’ve side stepped the firewall and downloaded anything malicious.
The Problems with Traditional
Firewalls do a great and essential job. But because of the
way that data has evolved in recent years, (back to Mr Darwin again), and the
way that web protocols have changed and are being manipulated, traditional
firewalls do not have the inbuilt intelligence to be able to discern one type
of traffic from another, and then check out that the appropriate protocols are
being used. They have therefore become far less effective at their job.
Next Generation Firewalls are More
This is precisely why the next generation of firewalls have
now evolved. They’ve become more intelligent, and are able to better discern
the changing face of cybercrime.
Self Teaching Technology
Next generation firewall (NGFW) technology has been updated so
that it can recognise the various applications it now has to deal with. It goes
even further in as much as it is designed to be able to teach itself to
recognise the validity of new release applications. It does this by building
templates of data and then referring any new applications it comes across to
these templates to ascertain that they are using the correct protocols. It is
also able to detect any malware that has been hidden within.
Application Signature Checking
As well as being able to identify these new application
packages and drill down deeper into the layers of data that they contain in
search of malware, NGFWs can also compare the “signatures” of new packages. If
the signature of a new package matches known, safe signatures they can be
permitted; but if they don’t, a NGFW can then alert the user of any possible
Things to Watch Out
When the escalated threat of malware importation became an
issue, and the inadequacy of traditional firewalls was fully appreciated, the
tech-bods put on their thinking caps and came up with something called UTM or Unified
Threat Management software. A UTM package is something that can be “bolted
on” in addition to a traditional firewall, to enhance security. But you must
not assume that NGFW can replace UTM. This is because the operational aspects
of NGFWs vary from manufacturer to manufacturer. Each package needs to be
individually examined to see what it can and cannot do.
In order to have SSL decryption at high speeds, it is
necessary to bank various NGFWs; so says John Pirc the Vice President of
NSS Labs. Their research has shown that when decryption is enabled on NGFWs
marketed by the likes of Palo Alto, Cisco, and Juniper Networks, when installed
on their own, there is a significant drop in performance.
It’s Your Call
In the workplace, it is normally the job of the IT
department to evaluate the company’s firewall requirements according to the
applications it needs and uses. They are responsible for choosing the
appropriate NGFW and UTM if deemed necessary.
Quadratek provides a range of professional services designed
to make the most of business IT demands. From structured cabling, network
design and installation, we can ensure your infrastructure is secure and
performs to its maximum potential.
Why not give us a call today on +44 (0)8450 740 530 or reach
us through our contact page to
see what we can do for your organisation.
Photo Credit: Ngọc Hà