Remotely Manageable Firewall Software (2 of 3)
This will be the second of three installments on firewall software: critical software that straddles the boundary between internal and external sides of an Internet or other “outside network” connection and inspects traffic inbound and outbound. Firewalls come in lots of flavors, with lots of different capabilities. Today’s focus is on so-called “remotely manageable firewalls” or “firewall appliances” which are designed to protect single systems or small single-segment networks connected to the Internet, but also to be centrally configured, managed, and controlled on behalf of clients, traveling employees, or teleworkers.
While a personal firewall is optional (and perhaps overkill) for transient dial-up connections, many organizations who permit their employees to access their networks while on the road or from home want more control over the employee side of the connection than a personal firewall can offer. This has led to the delivery of a whole new product category, which usually bundles firewall capabilities (to screen inbound and outbound traffic at the remote end of an Internet connection) along with Virtual Private Network (VPN) capabilities on some kind of proprietary or Open Source device or hardware platform (often, a specially configured PC) to provide a secure connection for remote users to access corporate networks and related information assets.
These kinds of products are designed for companies or organizations that seek to protect work-at-home or traveling employees’ Internet connections while also ensuring privacy and confidentiality for traffic moving between the remote user’s location and corporate networks. That’s why such products are generally designed to support remote access and control, and why they normally support policy-based filters or screening capabilities that can be automatically downloaded (and updated) from corporate servers. Likewise, such devices or software packages are normally amenable to centralized management and control, be it either to manage configuration, filtering, access controls, or even remote control for technical support. Table 1 provides pointers to some remotely manageable firewall products (I’m not aware of many resources that target this market niche in particular, so if readers know of more, please e-mail me at firstname.lastname@example.org).
As you look through Table 1, you’ll also see products from infrastructure vendors like Nokia, whose customers and operations benefit from access to products that ISPs, telecomm companies, or broadband operators can use to provide centrally managed and configured solutions (which are cheaper to install and support) for their large customer bases. In fact, Nokia’s offering leverages custom hardware with a bundled version of Check Point’s VPN-1/FW-1 software. Numerous other such solutions are also available.
Table 1: Personal firewall software and resources
Special Report: Firewalls for All