Skip navigation
Menu
Security

Who Needs a Firewall?

To determine whether your organization needs a firewall for Internet security, you must first assess the risks of your Internet connections. The four most common types of Internet connectivity in organizations are

  • dial-up Internet email connections using the UNIX-to-UNIX CoPy (UUCP) utility
  • individual dial-up accounts with online service providers (e.g., Prodigy, America Online, CompuServe)
  • individual dial-up PPP connections to an ISP
  • a full-time leased line (i.e., dedicated connection) to an ISP

Although all these connections represent a potential security hazard, the most risky are those that use TCP/IP as the end-to-end transport mechanism. This risk results from TCP/IP transport mechanisms supporting a range of services, including services that hackers use. Full-time leased lines and dial-up PPP connections use such TCP/IP connections. UUCP and online service provider connections are generally safer because they use specialized transport protocols for part of the connection. Such specialized transport protocols usually support only the intended application and so limit the number of attacks possible over the connection.

Note that individual accounts with online services can sometimes use TCP/IP as the end-to-end transport mechanism. If your organization uses such accounts for Internet access, you can expose your internal network to significant threats, even if your service provider implements security measures (e.g., a firewall between the service's system and the Internet). If online service provider accounts or dial-up PPP accounts are starting to appear in your organization, the time has probably come to move to a dedicated Internet connection that you can protect with a firewall.

Some ISPs provide a firewall service, which may be a cost-effective option for small companies. However, operating your own firewall lets you more easily meet users' Internet-access needs so they won't be tempted to secretly install dangerous dial-up accounts. Any organization that's large enough to have an internal IS staff and must provide Internet access beyond simple email needs a full, dedicated Internet connection that an onsite firewall controls. In addition, any organization that must tightly control access to or from particular departments or provide a dedicated network connection to an external organization over the Internet needs a firewall.

TAGS: Security
Hide comments

More information about text formats

Comments

  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
Publish
Recommended Reading
DevSecOps concept
90% of Java Services in Production Have Vulnerability Risk, DevSecOps Report Finds
Apr 20, 2024
Businesswoman challenges concept and gender obstacles
Women in Cybersecurity Face Barriers to Hiring, Advancement
Apr 15, 2024
person typing on keyboard with icons for certificates
Top IT Certifications for a Career in Finance
Apr 12, 2024
employee working on a laptop with AI
Why AI Coding Assistants May Be Greatest Cybersecurity Threat Facing Your Business
Mar 26, 2024