Four Things a Firewall Can’t Do

Even the strongest protection system can’t prevent all security breaches and problems and neither firewall can protect you from everything
Protecting a building has many similarities with protecting your network. Both have workers who are trying to do everything right without having an interference from restrictive security policy. Security policy may take up resources and reduce productivity but most organizations realize about its importance. All portable\storage must be properly screened before entering a network, email attachments must be processed before being forwarded to the email client software and password creation must follow a rigorous standard.

These are security threats that won’t go away even when you have the best firewall around.

Inside Attacks: Network users who stay inside the network are usually unaffected by firewalls. Firewalls are designed as a gate to screen incoming and outgoing network traffic and powerless to control the internal data traffic that moves between workstations. One way to prevent it, is by creating restriction on permissions on servers and workstations. Auditing the network access should also be implemented to prevent inside attacks. Alternatively, it is possible to install an internal firewall between workstations and corporate servers.

Social engineering: The attack is often employed by pretending to be an authorized person. Hackers can personify as a front desk personnel, IT department engineer or even a supervisor through a telephone call. Hacker can get local network information by pretending to be an employee from the branch office that is having a difficulty in troubleshooting the branch office network. Information should only be given to those who have legitimate positions within the network.

Viruses and Malware: Firewalls equipped with good scanner can filter many dangerous codes from entering the network. However, viruses that are coded or modified recently may easily pass common types of defenses. In the meantime, users may find it increasingly difficult to distinguish between real attachments and malicious contents. Trojan horses are particularly more difficult to spot even to experienced users as they may look harmless enough. A dangerous Trojan horse won’t cause visible effects on your computer or network, however it will open a backdoor which allow hackers to gain important information about your network. A Trojan horse may quietly install a keylogger that sends every keystroke including your passwords and credit card number to bad people.

Incompetent firewall administrators:
A firewall is just software or hardware with a set of rules. It doesn’t have a mind of its own and can’t decide what is acceptable and what is not unless an administrator changes the rule to respond to a new development. Dependable network administrator should always be stay informed about the latest security trend in the security world. Just following a basic or even recommended rule may not be enough in the long run. For example, many firewalls are ‘clueless’ when accepting fragmented IP packets and as the result they let them through, you may need to set an appropriate rule to deal with this circumstance. New network services and protocols are released and implemented regularly. In the meantime, hidden bugs, security holes and vulnerabilities are being discovered and exploited constantly. Firewall maintenance is not over after the installation and configuration phases. Administrators should be on the lookout about latest news, patches, fixes, and threats while optimizing the rules regularly to maintain the highest security level possible. It is simply unacceptable to install a firewall and then forget about it.