According to the SANS Institute, a nonprofit that provides research and best practices for computer security, a computer on the Internet will, on average, be attacked within four minutes if its vulnerabilities are not patched. The most common attack is taking control of a computer to send spam or viruses to other computers. These computers become part of a "botnet" — a network of computers controlled by malicious parties — which in turn will search for other vulnerable computers.
Since the attacks are automated and continuous, you need automated solutions to defend yourself. In most organizations, network devices should be the front line of defense (along with properly patched computers). We'll discuss both technical and nontechnical, or operational, considerations when acquiring and implementing a security device in your network.
Although we often dive into the technical specifications of a new device, it's better to think about its management and maintenance first. You may think that you need a certain feature, but unless you dedicate the resources to set up, implement, and monitor it, you may be better off getting a less advanced piece of equipment.
Therefore, a primary factor in choosing a device is whether you have the in-house expertise to properly configure and manage it, or whether you will need external technology support. If you already use an external service provider, does it have certain recommendations or preferred devices? Measure your expertise against the size and complexity of the security device you're buying. That way, your network will be properly secured. If you have a device that is set up but left orphaned or with default settings, it could end up making your network even less secure.
Often, your service provider will configure and maintain your security device for a price. On the other hand, if you don't understand fundamental security concepts, you might end up paying your ISP for security device features that you don't actually need. Also, how responsive will your service provider be when you need to change the access rules on your security device? In other words, you have to know at least enough to ask the right questions and evaluate the answers.
Lastly, different devices have different prices, depending on how much functionality they have and how much traffic they can handle. Although budget is often the biggest consideration for most organizations, you need to determine the most important feature based on your current and future requirements and resources.
Once you have determined your operational resources situation, you can look more closely at the technical details. A "firewall" is a device that has the highest level of protection and the widest range of options. However, many routers and switches also have basic security features. So it is important to pick a device that is appropriate based on the size of your network and your needs. You will encounter many specifications and acronyms. Here are some common ones and their explanations:
The following are more advanced security features for bigger organizations, or organizations that are looking to secure more traffic in and out of their network.
Special thanks to Steve Shields of Shields Networking in Seattle, WA, Chris Jowaisas of the Texas State Library, and Chris Shipley of NutmegIT in Hartford, CT.