
Configure That Firewall!

No one knows for certain who coined the term “firewall”. Perhaps it has stuck because it just seems so doggone appropriate. A firewall, as we know, is simply a protective barrier that is designed to impede or prevent fire from spreading. Similarly, a firewall in computing refers to the mechanism (hardware or software) used to block unwanted or potentially destructive network traffic.

Now that everyone and their grandmother has one of these things, one might presume that we have finally succeeded in containing ‘fires’ in our networks. End of story? Unfortunately this is not the case. Plugging in a firewall is simply not good enough these days.

Firewall technology became the core of best-practice network security in the 1990s. Over time, the technology has been enhanced, but several fundamental principles that made it effective have eroded, primarily because of the dynamic nature of today’s applications and exploits.

Firewalls still work on the premise that certain applications, like an Internet browser, use static protocols like HTTP and SSL. When your browser requests a web page using HTTP, it sends an outgoing request to a server. If this action is allowed by the firewall rules, the request passes and continues on to its destination.

At issue is that most of the firewalls purchased today are not configured. They are simply purchased and left in their default factory state. On the one hand, the end user has a plug-and-play device that works out of the box. On the other hand, there is a security trade-off that most do not realize: the firewall is never configured to block non-essential outgoing network traffic. Most consumer and small business firewall routers allow all outgoing traffic no matter what the source or protocol.

ISOCNET’s recommendation? Consider taking a few hours out of a Sunday afternoon to configure some good old firewall rules. Sound like fun? We guarantee it is a lot more fun than cleaning up the aftermath of a malicious web page with an established connection to your PC!!

Defining outgoing firewall rules should also form part of your anti-hacking countermeasures. Doing so prevents internal applications from using unwanted ports to send requests through the firewall.

  • 21: File Transfer Protocol (FTP)
  • 23: Telnet Remote Login Server
  • 53: Domain Name System (DNS) Service
  • 110: Post Office Protocol (POP)
  • 443: HTTP Secure (HTTPS)
  • 995: POP3 Secure
  • 22: Secure Shell
  • 25: Simple Mail Transfer Protocol (SMTP)
  • 80: Hypertext Transfer Protocol (HTTP) used in the World Wide Web
  • 143: Internet Message Access Protocol (IMAP)
  • 587: SMTP Secure
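
One way to turn "block non-essential outgoing traffic" into rules, as an added example that is not ISOCNET's own configuration: a shell function that emits a default-drop nftables ruleset permitting only an allowlist of destination ports. It assumes a Linux-based router running nftables; the interface names `lan0`/`wan0`, the table name `egress_filter` and the choice of which of the ports listed above to permit are assumptions.

```shell
#!/bin/sh
# Added example: build an nftables egress allowlist for a small router.
# Assumptions (not from the article): interface names lan0/wan0, the table
# name egress_filter, and which of the listed ports are permitted.

# Join validated port numbers as "80, 443"; fail on anything out of range.
join_ports() {
    out=""
    for p in "$@"; do
        case "$p" in ''|*[!0-9]*) echo "bad port: $p" >&2; return 1 ;; esac
        [ "$p" -ge 1 ] && [ "$p" -le 65535 ] || { echo "bad port: $p" >&2; return 1; }
        out="${out:+$out, }$p"
    done
    printf '%s' "$out"
}

# egress_ruleset LAN_IF WAN_IF TCP_PORT...
# Prints a ruleset in which forwarded traffic is dropped unless it is a reply
# to an existing connection, a DNS lookup, or TCP to an allowlisted port.
egress_ruleset() {
    lan=$1; wan=$2; shift 2
    [ "$#" -gt 0 ] || { echo "no ports given" >&2; return 1; }
    ports=$(join_ports "$@") || return 1
    cat <<EOF
table inet egress_filter {
    chain forward {
        type filter hook forward priority 0; policy drop;
        ct state established,related accept
        iifname "$lan" oifname "$wan" udp dport 53 accept
        iifname "$lan" oifname "$wan" tcp dport { $ports } accept
        iifname "$lan" oifname "$wan" log prefix "egress-drop: " counter drop
    }
}
EOF
}

# Constructed allowlist: DNS, web and authenticated mail from the list above.
egress_ruleset lan0 wan0 53 80 443 587 995
```

Pipe the output to `nft -c -f -` to syntax-check it before loading it; the final logging rule leaves a record of every outbound attempt the allowlist refused, which is where an unexpected application shows up.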
