Do you use a DrayTek router?
Do you think it is protecting your perimeter as much as you need it to?
In the last few days’, I have come across posts on LinkedIn describing DrayTek routers as a ‘decent router’. This is true, and it has a great price point for some basic networking needs.
But we’ve heard many people also describing the DrayTek router as a ‘good Firewall’. This might not be accurate.
Indeed, DrayTek products are our device-of-choice for connectivity and routing if a customer lacks the budget for a proper firewall, and YES: DrayTek routers do have some basic built-in Firewall capability, BUT…
The reality is the threat landscape has changed markedly in the last 5 years rendering DrayTek’s firewall capability lack-lustre for most environments.
Cyberattacks have increased in both volume and complexity with some bad-actors (hackers) being commercially driven and even state sponsored, especially from China and Russia, devising new and sophisticated ways to commit cybercrime. Plus, the attack surface has increased substantially providing the opportunity for attacks on all types of equipment (Smartphones, Tablets, Wireless Access Points), the targeting of remote workers (working from home due to COVID-19) and the proliferation of IoT (Internet of Things) devices, which are generally deployed with low-levels of security and are typically wide open to hacking.
What can be done?
Well, you still need a Firewall. But it needs to be a Next Generation Firewall (NGFW) – like those by Fortinet.
Like traditional firewalls, NGFWs use static and dynamic packet filtering and VPN support. This is to ensure that all connections between the network, internet and firewall are valid and secure.
But NGFWs also have the ability to filter based on applications.
For instance, a NGFW has extensive control and visibility of applications so it is able to identify threats using analysis and signature matching. As a result, a NGFW can distinguish between safe applications and threat-carriers. Plus, NGFWs typically include a regular plan of upgrades through which future updates are deployed to keep pace with the ever-changing cyber threat landscape.
So, what are the Benefits of Next Generation Firewalls (NGFW)?
- An NGFW is able to negate malware from entering a network; traditional firewalls are unable to do this.
- NGFWs are better placed to combat Advanced Persistent Threats (APTs).
- They can be a cost-effective option for companies wanting to enhance their basic security. This is because they can incorporate the work of antivirus, firewalls and other security applications into one solution (often called a security fabric)
- Next Generation Firewalls possess insightful reporting tools, so the origin of a threat i.e. the Device and User, can be identified. Additional training can then be provided to protect the User/Device from engaging in risky activity in future.
- Threats to personal devices and larger networks are changing every day. NGFWs have the flexibility to protect devices and companies from a much broader spectrum of intrusions than ever before.
- A NGFW can provide what we call compensating controls in light of GDPR. In the event you have a breach and the ICO ask “what are you doing to protect your data and systems?” you can let them know you have invested in a security system that does A, B, C, X, Y, Z. This shows you have taken sensible steps to protect your data within the reasonable limitations of your business.
- Next Generation Firewalls give you the ability to extend your security ring-fence to external endpoints (e.g. home workers using other networks) and give you daily reporting on web usage stats and external access. It also gives you the ability to operate online with confidence knowing you are protected by industry leading security.
Next time your IT Service Provider says you have a Firewall in place, ask them questions based on the bullet points above.
Or, even better, ask CTO to take a look at your network security from an Endpoint, Perimeter and Standards point of view.
Cybercrime is a growing sector and a wealth of research shows it isn’t going away. It is very important to protect yourself from attacks and a Next Generation Firewall is an essential element in combating the activity of bad-actors.
Finally, once you have the right equipment and security measures in place, you should then consider gaining Cyber Essentials accreditation which will reassure existing and potential customers you take security seriously, so they can deal with your business with confidence.