Firewalls offer less protection than you think

by | Sep/21/2011

Most executives, and sometimes IT professionals, feel that firewalls are the most important component for protecting organizations against outside attacks, but firewalls can be ineffective.

It seems like every new way to prevent a security breach results in a new way to thwart that security.

Firewalls are still important—be sure to keep them!

Most of you know that https:// sites use encryption to protect your information from snoopers during transmission.

What will happen when one or more of your users receive an “urgent” e-mail that does its best to compel them to click on an https:// link inside the e-mail? Maybe most of your users would recognize the danger; however it only takes one user to click.

When the user clicks on the link, malicious code could be installed on the user’s machine and, consequently, possibly reach your servers and entire network.

Normal perimeter defenses, such as basic firewalls, cannot read the encrypted traffic to watch for that malicious code.

You could configure a firewall to disallow all https:// encrypted traffic; however, no one in your organization could easily access https:// web sites, such as banking sites.

Some people would argue that the best firewalls these days are firewalls that can examine even encrypted data—sometimes known as proxy or application firewalls or Layer 7 (no, that is not a brand name) firewalls.

Keep your firewalls, but don’t count on them too much.

Please post your comments on this blog.