May 20, 2012

Protect against main threats with UTM Firewalls

One of the best ways to protect against the main threats not covered by traditional firewalls is to use unified threat management (UTM). These are multipurpose security solutions/devices that at a minimum have a firewall, VPN, antivirus, and intrusion detection/prevention system (IDS/IPS). Some UTMs, sometimes known as super UTMs, also incorporate capabilities such as Web Filtering (blocking of problematic or infected Web Sites), Spam Blocking, and spyware protection.

UTMs are usually a lower cost option than buying and installing several security components separately. They are also greener, as one solution uses much less energy than multiple devices. When buying a UTM or a super UTM, it is important to ensure a reseller sizes it correctly. For example, ensure that it has the performance capability to deal with current throughput and future business expansion.

What traditional firewalls do NOT do

Even with a firewall, there are many areas of risk. One of the current dangers is malware. Malware is malicious software that is installed on computers without the user knowing it is there. This includes Trojan horses, viruses, worms, spyware, and phishing schemes. One of the most prevalent ways to get these types of threats is through email attachments and browsing dangerous web sites. These can install programs that monitor your activity and then send it to a hacker, as well as installing key loggers that will record your every key stroke. These can be quite dangerous, recording your social security number and passwords, which are then sent to dangerous people.

Another threat, not covered by traditional firewalls, is unsolicited email, better known as spam. Dealing with spam can seriously affect productivity, and because spam often contains viruses and phishing attempts, it is a direct security threat.

Phishing, botnets, and DDoS

Phishing threats try to extract sensitive information, such as passwords or credit card information, using authentic-looking but completely fraudulent emails that look to be from trusted sources like financial institutions where legitimate accounts have been set up. Pharming, a similar scheme, occurs when criminals have set up false Web sites that look like ones that are used regularly, typically banking sites. Once account user names and passwords have been entered, the criminals steal from the accounts.

Here is an example. A person or business uses PayPal or another credit card processing bank to process credit cards. This company receives an email from the bank or PayPal, and that email looks legitimate and important. It tells you to click a link in the email to take you to their website so they can verify some information. You click this link and then enter your username and password, but nothing happens. You try again and still nothing happens. While it appears you are on your bank's website, you are actually connected to a website on the other side of the planet that was built to look like your bank's website. They now have your username and password and start to move money from your account. This is just a simple example. You can imagine how far this can go.
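The scenario above, turned into a simple check that a mail gateway or user could apply before anyone clicks: an added example, not code from the original post. It extracts every link from an HTML message and flags links whose real destination host is not one of the trusted domains, or whose visible text names a different host than the link actually points to. The domains in the sample message are constructed placeholders.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit

class _LinkCollector(HTMLParser):
    """Collects (href, visible text) pairs from the anchors in an HTML message."""
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href", "")
            self._text = []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def host_of(url):
    parts = urlsplit(url if "://" in url else "http://" + url)
    return (parts.hostname or "").lower()

def is_trusted(host, trusted_domains):
    return any(host == d or host.endswith("." + d) for d in trusted_domains)

def suspicious_links(html, trusted_domains):
    """Return hrefs that do not lead to a trusted domain, or whose visible text
    shows a URL on a different host than the one the href really goes to."""
    p = _LinkCollector()
    p.feed(html)
    flagged = []
    for href, text in p.links:
        real = host_of(href)
        shown = host_of(text) if "." in text and " " not in text else ""
        if not is_trusted(real, trusted_domains) or (shown and shown != real):
            flagged.append(href)
    return flagged

# Constructed sample message: the visible text shows the bank's address, the href does not.
SAMPLE = """<p>Please verify your account:</p>
<a href="http://example-bank.com.verify-login.test/">https://www.example-bank.com/verify</a>
<a href="https://www.example-bank.com/help">Help</a>"""
```

`suspicious_links(SAMPLE, ["example-bank.com"])` flags only the first link; the second really goes to the trusted domain.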

Also, many users are unaware that they can actually acquire malware by simply browsing Web Sites. This is a rapidly growing threat, and some of the malware is used to create botnets.

Another network danger is a distributed denial of service (DDoS) attack. This exploit attempts to prevent an organization from using its Internet-based systems by flooding them with emails until its servers are overwhelmed. These attacks are often carried out by botnets, networks of compromised PCs, which are also used in spam campaigns. Specific DDoS software and appliances can help guard against this threat. We will discuss botnets in another issue.

There are many threats out there that put your network at risk. This is why the UTM firewall has been developed.

What else do firewalls do?

Other duties of a firewall include gateway defense, enforcing security policies, hiding internal networks, reporting on threats and firewall activity, and now providing antivirus, web traffic filtering, and in some cases spam filtering. The firewall is evolving into what we call a UTM firewall, a Unified Threat Management device. While a full treatment would be too complex for this article, a brief description is warranted. Over the years different devices have evolved for security. These include Intrusion Prevention Service (IPS), antivirus services, Virtual Private Networking (secure remote access), the firewall itself, and so on. These were all at one time separate pieces of hardware, and each had to be purchased and maintained. Now with the evolution of the UTM firewall, these services can be done in one piece of hardware with considerable savings. The traditional firewall was very specific and could not protect networks from the various threats that are being developed every day.

What does a firewall do?

A firewall is a system designed to prevent access from an external network (such as the internet) to an inside private network. The firewall is placed between the untrusted network and the trusted network and monitors all traffic between the two. Early firewalls tended to just block all inbound traffic and let everything from the inside pass. This was adequate for a while but as threats became more complex, more protection was needed. There are several different types of firewalls and a short list is provided below:

Packet Firewalls – All network data travels via packets. This is the basic transport layer, and these firewalls just looked at the packet destination and either allowed or blocked it. A very simple firewall with limited abilities.

Proxy Server – A proxy firewall intercepts all packets and consults a rule base to decide their fate. Proxy firewalls were among the first firewalls but became very cumbersome in functionality. The proxy firewall is coming back in some respects and is mainly used in conjunction with other firewall types.

Stateful packet filters – This technology checks the state of the firewall's connections to determine if the traffic will be allowed through. For example, when the firewall receives a request to allow traffic through, such as web traffic, it first looks at its connection table to see if a web request was actually initiated from the inside of the network, for instance by a person browsing the internet from the inside network.

Application layer firewall – Application layer firewalls look at the actual information in the packets and at the application layer before allowing a connection. These types of firewalls are the mainstay of more up to date blended threat firewalls.

This list is not complete, but it covers the majority of firewall types. In the real world, threats have evolved so far that the above firewall types are used together to provide the best protection available in a single firewall. Combining these firewall technologies has helped hinder the latest threats. We call these blended threat firewalls.
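To make the difference between the packet filter and the stateful packet filter in the list above concrete, here is a toy model of both, an added example and not code from the original post. The same three constructed packets (a browser request leaving the inside network, the web server's reply, and an unsolicited inbound probe aimed at the same inside port) are run through each filter; the addresses, ports and inside prefix are assumptions for the demonstration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Packet:
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int
    direction: str  # "out" = trusted -> untrusted, "in" = untrusted -> trusted

class StatelessPacketFilter:
    """Packet filter from the list above: decides on the destination port only."""
    def __init__(self, open_inbound_ports):
        self.open_inbound_ports = set(open_inbound_ports)
    def decide(self, pkt):
        if pkt.direction == "out":
            return "ALLOW"
        # Cannot tell a reply from a probe: inbound is judged by port alone.
        return "ALLOW" if pkt.dst_port in self.open_inbound_ports else "DROP"

class StatefulPacketFilter:
    """Stateful filter: inbound passes only if it answers a request from inside."""
    def __init__(self, inside_prefix, allowed_outbound_ports):
        self.inside_prefix = inside_prefix
        self.allowed_outbound_ports = set(allowed_outbound_ports)
        self.connections = set()  # (inside_ip, inside_port, outside_ip, outside_port)
    def decide(self, pkt):
        if pkt.direction == "out":
            if not pkt.src_ip.startswith(self.inside_prefix):
                return "DROP"  # source address is not an inside address
            if pkt.dst_port not in self.allowed_outbound_ports:
                return "DROP"  # policy: only web traffic may leave
            self.connections.add((pkt.src_ip, pkt.src_port, pkt.dst_ip, pkt.dst_port))
            return "ALLOW"
        reply_key = (pkt.dst_ip, pkt.dst_port, pkt.src_ip, pkt.src_port)
        return "ALLOW" if reply_key in self.connections else "DROP"

# Constructed sample traffic: a request, its reply, and a probe at the same inside port.
REQUEST = Packet("192.168.1.10", 52000, "203.0.113.5", 80, "out")
REPLY = Packet("203.0.113.5", 80, "192.168.1.10", 52000, "in")
PROBE = Packet("198.51.100.9", 4444, "192.168.1.10", 52000, "in")

def decisions(fw):
    return [fw.decide(p) for p in (REQUEST, REPLY, PROBE)]

def demo():
    stateless = StatelessPacketFilter(open_inbound_ports=range(1024, 65536))
    stateful = StatefulPacketFilter("192.168.", allowed_outbound_ports={80, 443})
    return decisions(stateless), decisions(stateful)
```

The stateless filter must leave the high ports open for replies and so lets the probe through as well; the stateful filter admits the reply because it matches the connection table and drops the probe because nothing inside asked for it.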

What is a Firewall?

Firewalls have become a common word in the business world. With the introduction of the internet to business operations, security has become a major concern. Over the last few years breaches have become commonplace and the firewall has evolved. Over the last few years, the security threats to organizations have dramatically increased, and the firewall has evolved along with that threat. The name firewall came from the aviation and construction industries. In the building of an aircraft, a fire protectant wall was built between the cockpit and the engine compartment on single engine aircraft. This barrier was designed to protect the pilot from the heat and dangers associated with the engine compartment. The construction industry used the term as well when fireproofing buildings with a fire resistant wall. So came the name firewall, as it protects the inside network from the hostile outside environment.