Security: Is your digital front door secure?

First of all, what and where is your digital front door?

Most companies today have high speed Internet access delivered from their Internet Service Provider (ISP) via a T1, T3, DSL, Cable, MPLS, Metro Area Ethernet, etc.

These Internet connections usually come into your building and then connect to a router, network switch or similar device.

So your company’s digital front door is the point at which your company’s network connects to the Internet.

Now the question becomes, is your digital front door secure?  If you do not know the answer, you should find out.

How to secure your network

SecurityThere are a number of ways to secure your network from unauthorized access and to prevent external Internet-based attacks from compromising your systems and data.

First and foremost is implementing a firewall.  A firewall is a device that allows you to define rules controlling what types of network traffic are allowed into OR out of your network.  It is basically a 24×7 digital security guard that no company should be without.

Firewalls can be implemented a number of ways and exist in a variety of forms.

One of the most common ways of implementing a firewall is through the use of a dedicated firewall device or appliance.  While there are many different firewall appliances on the market, one of the most popular and reliable is the Cisco ASA.

A firewall appliance in general has two ports.  It has what is referred to as an “outside interface” and an “inside interface”.

The “outside interface” is connected to your ISP at your digital front door and the “inside interface” in turn is connected to your network.  The firewall appliance exists as the gatekeeper that can “see” and “control” all network traffic wanting to enter or leave your network.

FirewallThe goal is to place the firewall appliance at a point in your network where nothing can get in or out of your network (from/to the Internet) without passing through the firewall appliance first.

Once the firewall appliance is in place, rules are defined within it that dictate what traffic is allowed to pass in or out.  For example, in a highly secure environment, the firewall appliance rules might be setup such that any traffic can pass from within your network to the Internet, but any traffic that originates outside your network and that attempts to come into your network is blocked.

Beyond firewall appliances, other devices that have firewalling capabilities can also be used to protect your network.  For example, if your digital front door is connected to a router, some routers have firewalling capabilities.  A router’s firewalling capabilities are not usually as extensive as those of a dedicated firewall appliance, but a router with firewalling capabilities can sometimes serve general firewalling needs.

We still might not be secure?

“So, as long as our company has a firewall appliance or other similar device in place, we are secure, right?”  NO, NOT NECESSARILY.  “Say what?”

After a firewall is setup it needs to be tested to ensure that no mistakes were made when defining the rules.  Plus there are always new threats and vulnerabilities being discovered which your existing firewall rules may not protect against.  A good way to test your firewall is to have what is called a network penetration test.

A network penetration test will attempt to break through your firewall and will give you a report showing what “holes” were found.  This allows you to then proactively adjust your firewall to prevent any unauthorized access.


If you do not have a firewall protecting your company’s network and data, it should be on your “extreme hot” list for 2012.  If you are unsure whether you have a firewall and/or whether it is appropriately configured, you should immediately contact your IT support company and find out.

If you would like more information on this subject please feel free to give Tracey Hershey a call at (330) 493-9700 or e-mail at thershey@hcd.net.