Firewalls: Symantec’s Security Management
Whether you like it or not, the internet and global networking is here to stay. As simple as sending an email to a friend or relative across the globe to performing a routine back up to your corporation’s financial information to a an offsite location, your information and your hardware can be corrupted if you ignore to properly secure the incoming and outgoing network traffic flow. Symantec’s Security Management is a solution to combating the everyday struggles that normal IT security professionals deal with. Before we can dive into what exactly is Symantec’s Security Management, there needs to be a broader discussion about “what is a firewall”, its strengths and weaknesses, and what are some of the advantages and disadvantages of deploying a solution like this.
A firewall is nothing more than a security check point similar to a security checkpoint at the airport or a government building. They act as guards to prevent corrupted or malicious information from coming in and going out. Normally, a firewall will sit between your DSL / Cable connection and your network. A network can have one or 500 computers, but without the firewall you leave your network vulnerable to attacks from the outside world. Firewalls also assist the corporation to set up rules about what types of files can be uploaded using an FTP connection. This helps the corporation protect its valuable assets whether they are patent secrets or preventing viruses from spreading internally by coworkers.
Firewalls can be extremely strong, but it does have some serious limitations. The person or code that has control of the firewall basically has control of the entire network. So if a hacker is able to break down and penetrate the firewall, everything is at risk. The problem is not just with hackers, but with disgruntled employees. IT Security is a very important part any corporation’s business plan. Risk assessments need to be update annually to allow management to review the business plan to protect its employees and its valuable data. Another weakness of firewalls is that it does not prevent communication between host and clients inside of the firewall. So the network that is protected from the outside world is useless if a worm is released from an employee who brought something malicious on his/her thumb drive to their work computer. One major problem with this scenario is that the malicious content could create a “back door” to an outside site. This outside site will gain remote access without the normal authentication. Theoretically, if this was to happen, malicious instructions could “takeover” the affected computer and create a host that will feed malicious content to the protected network deeming it unprotected and affected.
Symantec’s Security Management is a solution that protects not only from outside intrusions, but it protects from each computer on the network. There is an early detection service that prioritizes risks thus improving the incident response time. This solution is not only reactive, but more importantly, it is proactive. By giving IT Security the tools they need, they can watch the network and easily predict attacks. Security compliance is thought of a onetime ordeal. Put your security infrastructure together and you are done. Just like any process, there needs to be a regular checkup that allows systems to improve so they do not become outdated. Every year the system should be up for compliance renewal. There should be an internal auditor and then an external auditor should review the system. Recommendations are to be made at this time and corporations should comply with recommendations to improve their system. No system is 100% protected, but with Symantec, you can improve the incident response, assess risks that were previously unidentifiable, early detection provides trend analysis to be proactive and Symantec’s consulting services give a corporation a different set of eyes to assist in developing a security infrastructure that is well protected.
Firewalls are extremely important, but there are pros and cons with any system. Firewalls prevent Denial of Service attacks and prevent “holes” in your computer’s security. When the network has been penetrated or an attempt has been made, security professionals are notified. Firewalls do have some faults. Overwhelming attacks will break a firewall because firewalls execute using the tail end of the bandwidth. This means if a flood is coming to your house, protecting the front door does not protect the backdoor or the windows. Therefore, something will penetrate your system. There is no software out there that will be able to protect from a flood. There is no protection from viruses that do not need a network connection. These viruses are spread from emails. Emails are allowed by firewalls and it is the job of the antivirus on the client and on the mail server to scan emails for malicious content.
Firewalls are an important aspect of a corporation’s business plan, but it is only part of the IT Security’s plan to protect the business’ assets. Symantec’s Security Management provides protection in form of a firewall, antivirus, email scanner, risk assessment, trend analysis and early warning system. Consulting services are available to assist companies to improve their security by providing another set of eyes. Compliance system is in place to maintain the security system because employees do move on and new people come in. Preventing major changes while allowing a consensus of necessary change is how the compliance system improves your security system.
Tyson, Jeff (2009). How Firewalls Work Retrieved February 22, 2009, http://www.howstuffworks.com/firewall.htm
Symantec (2009). Security Management Retrieved February 22, 2009, from http://www.symantec.com/en/hk/business/solutions/focus.jsp?solid=security&solfid=security_security_mgmt
Daugherty, Stephanie Erin (March 16, 2005). Firewall FAQ Retrieved February 22, 2009, from http://www.irchelp.org/irchelp/security/fwfaq.html
Yuva’s Blog (2008). Strengths and Weaknesses of Firewalls Retrieved February 22, 2009, from http://hello-engineers.blogspot.com/2008/10/strengths-and-weaknesses-of-firewalls.html
Hines, Matt (December 13, 2006). Symantec Launches Security Mangement and Outsourcing Services Retrieved February 22, 2009, from http://www.eweek.com/c/a/Security/Symantec-Launches-Security-Management-and-Outsourcing-Services/