Line of Firewalls

Companies arent asking if they need a firewall, but rather which one they need. What do todays IT decision makers need to know about currently available firewall solutions?

 By Lynn Haber
Page 1 of 4
Print Article

The healthcare industry has tough requirements for data security. That's why Atlanta, Ga.-based Promina Health System Inc., an organization with more than 16,000 employees, including 2,500 metro Atlanta physicians, and more than one dozen hospitals, made its first investment in firewall technology five years ago. The Internet was, and is, increasingly being relied on as a way for Promina's network of doctors, who serve residents in Atlanta and the surrounding area, to communicate. Further expansion of Internet use among their members is what also drove the healthcare organization to make another, more recent, firewall purchase.

The bottom line is that we need keep our data secure and firewalls help us do that, says George Bright, senior network engineer at Promina.

The corporate network security infrastructure has always been a work in progress, but never more so since the advent of the Internet and its impact on the commercial sector. Any organization conducting e-business must protect itself from external threats, or literally risk losing everything. Where IT security used to be viewed as a cost drain, today, most organizations view a robust security infrastructure a business enabler.

What we can't afford are security accidents, says Bright.

Firewalls appeared on the IT security scene almost 10 years ago. Although products have matured, presenting buyers with new purchasing options, the basic functionality of the technology has remained the same: Firewalls block various kinds of Internet traffic that match a set of predefined rules. This functionality is analogous to how a water filter works: the job of the firewall is to filter out the bad things among both the good and bad things coming in from the public Internet, so that only the good things come in.

The fact of the matter is that with connectivity to the Internet comes obvious security risks, says Phil Schacter, director of network strategy services at The Burton Group, in Midvale, Utah, adding that firewalls are critical to any company's security architecture.

"Any organization conducting e-business must protect itself from external threats, or literally risk losing everything. Where IT security used to be viewed as a cost drain, today, most organizations view a robust security infrastructure a business enabler. "

Similar but Different

Firewalls are considered a basic component to the company's security architecture at Suncoast School Federal Credit Union based in Tampa, Fla. Firewalls keep our internal network safe, says Duane Verzone, network security technician at Suncoast, the fifth largest credit union in the U.S.

Offering a broad range of services that include trust services, tax-sheltered investments, banking services and loans, Suncoast customers are employees, elected officials, and retirees of public and non-public schools in 14 counties, covering just about the entire west coast of Florida.

Suncoast installed its first firewall in 1997 when the bank granted Internet access to internal employees. In January 1999, the bank began offering Internet-based home banking and bill paying to its customers and recently purchased an additional firewall from Rockville, Md.-based Axent Technologies Inc.

It's almost taken for granted today that any Web site with links to the back end enterprise systems will have a firewall. The need is obvious: when opening up internal information assets to the public Internet, or even extranets, measures are needed to prevent intruder disruptions.

Early firewall technology, which was primarily software-based, was difficult to configure and costly to administer and manage. The technology often used command-line interfaces, and, in cases where there was more than one firewall, each had to be managed separately.

Much has changed. While functionally the job of the firewall is the same as it's always been, product packaging has evolved. For example:

  • Software-based firewalls have morphed into firewall appliances

  • New hybrid firewalls are available that include dual mechanisms, such as state-based inspections and application gateway proxies

  • Firewalls can be managed remotely via Web browsers

  • Integrated products now offer both firewall and virtual private networking (VPN)

  • Vendors are offering personal firewalls

  • Firewall solutions are now available as hosting (ASP) services

So, it makes sense that companies like Proxima, which made early firewall purchases, are reexamining those purchases as traffic loads increase, requirements change, and better performance is demanded. Not only are most companies encountering more traffic flow across their networks, they're also seeing a greater variety of flavors, such as web traffic, HTML, business applications, etc.

With more companies leveraging the Internet for cost savings with things like e-commerce, business-to-business commerce and corporate extranets, access control is key to doing it safely, says Bob Gelinas, vice president of sales at CyberGuard Corp., Fort Lauderdale, Fla.

This article was originally published on Oct 7, 2000
Get the Latest Scoop with Networking Update Newsletter