Friday, August 14, 2009

Save Money and Skip the Firewall

Every once in a while, we see reports of DDoS, or virus outbreak. They damage computers, lower productivity and eventually cost enterprise money. Firewall and UTM are very popular on the market now as a way to protect network from threats like these. However, firewall just doesn’t work. Even with multiple virus engines, most firewall is unable to handle many of threats. Why? Because Internet is no longer the single source of infection, so why don’t you skip the firewall altogether?

The Mobility of Workforce

More and more laptops are sold to the Enterprise market and the worker would bring their laptop to other networks. They start plugging it into home network or share other people’s Wi-Fi, it won’t take long before it gets infected with malware and virus. The laptop travelled around the globe with you, but your firewall is sitting helplessly in office’s server room. What good can they do?

Contagious USB flash drives!

One of the most powerful virus media is USB flash drives. You may call it the web 2.0 era floppy disk. USB flash drive is so handy and popular that everyone has at least one. People would copy pictures from home or video from friends, and during the course, contaminate everyone’s computer with malware and virus from the very same USB flash drive. Firewall may have block your internet traffic, but do nothing to protect you from a physical drive!

Firewall does nothing in LAN Traffic

Many big virus outrages are historically spread among LAN computers first. Once they reach a threshold, the explosive effect is something that a firewall cannot handle. LAN traffic pass among the LAN switch are normally not filtered and this is how they spread. Virus does not stop in LAN but firewall stops.

Phishing website

Firewall may protect you from the passive Internet activity, but malware and virus, are bought inside the network because of a user’s activity. These phishing website shows flashy ad and catchy title that eventually, clicked by someone who is less aware. Once the malware or virus gets into the network, it will grow from there. Firewall would completely allow this since this is an user action, how useless that is.


Every UTM and firewall devices claims they have the world-class SPAM engine. But everyone of them gives you the wrong result from time to time. Spam get into the inbox and important email goes to spam. Moreover, businesses are migrating to online email. This feature simply becomes useless for customer who is having the email server hosted elsewhere.

So ask yourself again which part of Firewall you need. The Anti Virus that does not work? Or inaccurate Spam filters?

No comments:

Post a Comment