10 Part Security Course – Lesson 1

Firewalls, VPN, Wireless, Intrusion detection and Filtering

Welcome to the first part of your 10 part security course for small and medium businesses and not-for-profit organisations. This is not an in-depth course but a brief explanation of the components of the framework. We have endeavoured to give you alternative reading and downloads so you can go further into the solutions.

In this section we will look at the way you use, implement and integrate your connection-level technology into your business to create a secure business environment. This email looks at firewalls, VPN, wireless, intrusion detection and user web management.

So let’s start.

Your connection to the Internet is an important component of your business. Most systems that connect to the Internet have, as a minimum, a router and a firewall. Most small and medium businesses and not-for-profit organisations are connected to the Internet with a simple modem/router supplied by the ISP, and these are usually very basic. It gets you connected, but it is usually an unacceptable risk to your business.

Most businesses now require a better way of connecting to the Internet. All SMEs should be willing to invest between $800 and $1500 for a substantial and secure Internet connection system. Most systems at this price integrate VPN, wireless and other components, and they allow more granular management of inbound and outbound traffic. This is the control we are looking for in your business.

Firewalls use a system of rules and internal policies to stop, report and allow traffic between the individual interfaces. These rules direct traffic from the inside to the Internet, or from the Internet to an internal resource (web server, mail server). Rules are checked in order and the first one that matches decides, so the usual layout is a short list of what is explicitly allowed followed by a final rule that denies, and logs, everything else.

The next component is a wireless system that allows all levels and types of devices to connect to your internal network. Before you set up that type of system you need to look at your business requirements and make sure you have the right system in place. Both wireless and VPN have two main components: authentication and encryption.

You need to be authorised (have permission) to access the wireless and/or VPN, and once you are connected, the credentials (a shared passphrase, or a username and password) are used to set up the encryption of the connection. In both cases the wireless or VPN connection has to be secure and robust enough that only the two end points can communicate. This is why it is so important to use long, complex passwords: with a shared passphrase, anyone who records the connection being set up can sit at home and try guesses against that recording, with no lockout to slow them down.
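To make the "password sets the encryption" point concrete, here is an added example (not part of the course) for the wireless case. It derives a WPA2-Personal key from a passphrase and the network name (SSID) exactly as the Wi-Fi standard defines it, then shows the offline guessing an attacker can do once they have recorded a device joining the network. The SSID, passphrases and guessing list are constructed for illustration.

```python
"""Added example (not part of the course): how a WPA2-Personal (Wi-Fi) passphrase
is turned into the key that protects the connection, and why a short or common
passphrase can be guessed offline.  SSIDs, passphrases and the candidate list are
constructed for illustration; the derivation itself is the one defined in
IEEE 802.11i.  Python standard library only.
"""
import hashlib
import hmac


def wpa2_psk(passphrase: str, ssid: str) -> bytes:
    """256-bit Pairwise Master Key for WPA2-Personal:
    PBKDF2-HMAC-SHA1(passphrase, salt=SSID, 4096 iterations, 32 bytes).
    Note the SSID is the salt, so the same passphrase gives a different
    key on a differently named network."""
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode("utf-8"),
                               ssid.encode("utf-8"), 4096, 32)


def guess_passphrase(ssid: str, target_psk: bytes, candidates):
    """Offline guessing.  An attacker who records a device joining the
    network (the 4-way handshake) can test candidate passphrases on their
    own hardware with no lockout.  The real attack checks each guess against
    the handshake's integrity value rather than the key itself, but the work
    per guess (one PBKDF2 run) is the same, which is what this simulates."""
    for cand in candidates:
        if hmac.compare_digest(wpa2_psk(cand, ssid), target_psk):
            return cand
    return None


# Constructed scenario: one network name, one guessing list, two passphrases.
SSID = "ShopFront"                                                   # constructed
WORDLIST = ["password", "letmein", "shopfront", "Summer2019", "Welcome1"]  # constructed
WEAK = "Summer2019"                                                  # constructed
STRONG = "copper-lantern-7-orbit-quartz-velvet"                      # constructed, long and random


def demo():
    """Return which of the two passphrases the guessing list recovers."""
    weak_key = wpa2_psk(WEAK, SSID)
    strong_key = wpa2_psk(STRONG, SSID)
    return {
        "weak_recovered": guess_passphrase(SSID, weak_key, WORDLIST),
        "strong_recovered": guess_passphrase(SSID, strong_key, WORDLIST),
    }


if __name__ == "__main__":
    print(demo())
```

The weak passphrase falls to a five-word list; the long random one does not. Because the SSID is the salt, attackers keep precomputed tables for common default network names, so renaming the network to something unique, and using a long passphrase, both help. The same logic applies to a VPN that uses a shared secret.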

OK, you have set up the firewall, the wireless and the VPN and you are happy with the outcome. What about your users and your data? There are a number of things that can be put in place to protect your users. This is still at the connection level (we will discuss endpoint protection later), but with the right technology you can implement outbound security that only allows the right ports to reach the Internet. A port is the way an application talks over the Internet: port 80 is web traffic, port 443 is secure (encrypted) web traffic and port 25 is mail transfer between mail servers. Note that most client mail programs send through your mail server or provider on port 587 or 465, so outbound port 25 is normally only needed from the mail server itself, and blocking it from workstations stops infected machines sending spam directly.

Depending on your requirements, only allowing certain ports outbound protects your business and also helps manage your speed and monthly data allowance. Most of the more expensive Internet connection systems also include anti-virus, anti-spyware, anti-malware and spam components that further augment your Internet access and protect your users.
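The firewall rules described earlier and the outbound port filtering described just above are the same mechanism, so here is one added example (not part of the course, and not the configuration of any particular firewall product) covering both: a small first-match packet filter with a rule set that lets workstations out on the web ports only, lets only the mail server send mail, publishes an internal web server on port 443, and denies and reports everything else. The addresses, interface names, rule set and sample packets are all constructed for illustration.

```python
"""Added example (not part of the course): a first-match packet filter showing
how firewall rules steer traffic between interfaces and how outbound port
filtering limits what can leave the network.  Addresses, interface names, the
rule set and the sample packets are constructed for illustration.
"""
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Optional


@dataclass(frozen=True)
class Packet:
    iface: str   # interface the packet arrived on: "lan" or "wan"
    proto: str   # "tcp" or "udp"
    src: str     # source address
    dst: str     # destination; for "wan" packets, the internal address after port-forwarding (NAT)
    dport: int   # destination port


@dataclass(frozen=True)
class Rule:
    action: str                  # "allow" or "deny"
    iface: str                   # "lan", "wan" or "any"
    proto: str                   # "tcp", "udp" or "any"
    src: str                     # source network (CIDR)
    dst: str                     # destination network (CIDR)
    dports: Optional[frozenset]  # allowed destination ports; None means any port
    log: bool = False            # report packets that match this rule


ANY = "0.0.0.0/0"
LAN = "192.168.1.0/24"          # constructed office network
MAIL_SERVER = "192.168.1.25/32"  # constructed
WEB_SERVER = "192.168.1.80/32"   # constructed

# Rules are checked top to bottom; the first match decides.
RULES = [
    Rule("allow", "lan", "tcp", MAIL_SERVER, ANY, frozenset({25})),   # only the mail server sends mail (SMTP)
    Rule("allow", "lan", "tcp", LAN, ANY, frozenset({80, 443})),      # everyone: web and secure web
    Rule("allow", "lan", "udp", LAN, ANY, frozenset({53})),           # DNS lookups
    Rule("allow", "wan", "tcp", ANY, WEB_SERVER, frozenset({443})),   # the published web server
    Rule("deny", "any", "any", ANY, ANY, None, log=True),             # default deny, and report it
]


def matches(rule: Rule, pkt: Packet) -> bool:
    """True if every field of the rule matches the packet."""
    return ((rule.iface == "any" or rule.iface == pkt.iface)
            and (rule.proto == "any" or rule.proto == pkt.proto)
            and ip_address(pkt.src) in ip_network(rule.src)
            and ip_address(pkt.dst) in ip_network(rule.dst)
            and (rule.dports is None or pkt.dport in rule.dports))


def filter_packet(pkt: Packet, rules=RULES, log=None) -> str:
    """Return "allow" or "deny" for the packet; append a report line to `log`
    when the matching rule asks for one.  With no matching rule at all the
    packet is still denied (fail closed)."""
    for rule in rules:
        if matches(rule, pkt):
            if rule.log and log is not None:
                log.append(f"{rule.action.upper()} {pkt.iface} {pkt.proto} "
                           f"{pkt.src} -> {pkt.dst}:{pkt.dport}")
            return rule.action
    return "deny"


# Constructed sample traffic.
SAMPLES = {
    "workstation browsing https":   Packet("lan", "tcp", "192.168.1.50", "203.0.113.10", 443),
    "workstation sending smtp":     Packet("lan", "tcp", "192.168.1.50", "198.51.100.7", 25),
    "mail server sending smtp":     Packet("lan", "tcp", "192.168.1.25", "198.51.100.7", 25),
    "workstation irc":              Packet("lan", "tcp", "192.168.1.50", "203.0.113.10", 6667),
    "internet to web server https": Packet("wan", "tcp", "198.51.100.200", "192.168.1.80", 443),
    "internet to web server ssh":   Packet("wan", "tcp", "198.51.100.200", "192.168.1.80", 22),
    "internet to workstation":      Packet("wan", "tcp", "198.51.100.200", "192.168.1.50", 445),
}


def run_samples(rules=RULES):
    """Evaluate every sample packet; return (verdict per sample, report lines)."""
    log = []
    verdicts = {name: filter_packet(pkt, rules, log) for name, pkt in SAMPLES.items()}
    return verdicts, log


if __name__ == "__main__":
    verdicts, log = run_samples()
    for name, verdict in verdicts.items():
        print(f"{verdict:5} {name}")
    print("\n".join(log))
```

Two things to check on any real firewall follow directly from this: the order of the rules matters (move the final deny rule to the top and nothing gets through), and the deny rule must log, because the report lines it produces are what you later feed into intrusion detection.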

Finally, how do we make sure we are not being targeted from the Internet? To do this we put in intrusion detection. This system watches the traffic and the firewall's own reports for the patterns of an Internet-based attack on your connection (for example one address probing many ports, or hammering one service with login attempts) and raises an alert so you can respond. Again, how successful this solution is depends on your financial investment, and on someone actually reading the alerts.
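As an added example (not part of the course, and not a Snort or any other product's rule set), here is the simplest form of intrusion detection: reading the deny lines a firewall reports and flagging two patterns, a port scan (one address hitting many different ports within a minute) and a repeated hammering of one port (a password-guessing attempt). The log format and the log lines are constructed for illustration.

```python
"""Added example (not part of the course): minimal intrusion detection over
firewall deny reports.  Flags (a) one source hitting many distinct ports
inside a time window and (b) one source hitting the same port many times
inside the window.  The log line format and all sample lines are constructed.
"""
import re
from collections import Counter, defaultdict
from datetime import datetime, timedelta

# Constructed format: "<ISO timestamp> DENY <iface> <proto> <src> -> <dst>:<dport>"
LOG_RE = re.compile(r"^(\S+) DENY (\S+) (\S+) (\S+) -> (\S+):(\d+)$")


def parse(line: str):
    """Parse one deny line into a dict, or return None for anything else."""
    m = LOG_RE.match(line.strip())
    if not m:
        return None
    return {"ts": datetime.fromisoformat(m.group(1)), "iface": m.group(2),
            "proto": m.group(3), "src": m.group(4), "dst": m.group(5),
            "dport": int(m.group(6))}


def detect(lines, window_s=60, scan_ports=10, repeat_hits=20):
    """Return a list of alerts.  Only traffic arriving from the Internet
    ("wan") is considered; each alert type fires at most once per source."""
    events = [e for e in (parse(l) for l in lines) if e and e["iface"] == "wan"]
    events.sort(key=lambda e: e["ts"])
    by_src = defaultdict(list)
    for e in events:
        by_src[e["src"]].append(e)

    alerts = []
    for src, evs in by_src.items():
        fired = set()
        start = 0
        for end, cur in enumerate(evs):
            # Slide the window so it holds only events within window_s of `cur`.
            while (cur["ts"] - evs[start]["ts"]).total_seconds() > window_s:
                start += 1
            hits = Counter(e["dport"] for e in evs[start:end + 1])
            if len(hits) >= scan_ports and "portscan" not in fired:
                alerts.append({"type": "portscan", "src": src, "ports": len(hits)})
                fired.add("portscan")
            port, n = hits.most_common(1)[0]
            if n >= repeat_hits and "repeat" not in fired:
                alerts.append({"type": "repeat", "src": src, "port": port, "hits": n})
                fired.add("repeat")
    return alerts


# Constructed sample log: a scanner, a password guesser, a harmless stray
# connection, and one internal (lan) line that detection must ignore.
_BASE = datetime(2024, 5, 1, 10, 0, 0)


def _line(offset_s, iface, src, dst, port):
    ts = (_BASE + timedelta(seconds=offset_s)).isoformat()
    return f"{ts} DENY {iface} tcp {src} -> {dst}:{port}"


SAMPLE_LOG = (
    [_line(i, "wan", "198.51.100.200", "192.168.1.80", p)
     for i, p in enumerate([21, 22, 23, 25, 53, 80, 110, 143, 443, 445, 3389, 8080])]
    + [_line(2 * i, "wan", "203.0.113.9", "192.168.1.80", 22) for i in range(25)]
    + [_line(30, "wan", "203.0.113.77", "192.168.1.80", 22),
       _line(400, "wan", "203.0.113.77", "192.168.1.80", 22)]
    + [_line(5, "lan", "192.168.1.50", "203.0.113.10", 6667)]
)


if __name__ == "__main__":
    for alert in detect(SAMPLE_LOG):
        print(alert)
```

The thresholds and the window are the tuning knobs: set them too low and a single misbehaving client floods you with alerts, too high and a slow scan spread over hours is never seen. Commercial systems and Snort do the same thing with far richer signatures, but the alert is still only useful if someone reads it.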

The only problem with this is that the device becomes a critical component of your business and a single point of failure. To mitigate this risk you need to ensure you have a good warranty, a standby system that can be used in case of emergencies, and a current exported copy of the configuration so the standby can be brought up with the same rules.

Alternatively there are a number of free systems available, such as pfSense (FreeBSD-based) and IPCop (Linux-based), that run on an ordinary computer. These systems can be set up relatively inexpensively, but to set them up correctly you will need someone who understands Linux or BSD and firewalls. What you save on aged hardware and free software you will pay for in expertise.

In addition there are Linux-based systems like Snort (intrusion detection), SpamAssassin (email scanning), ClamAV (anti-virus) and all manner of proxy servers to protect users. Once again, free is good, but expertise in configuration can be expensive.