When was the last time you manually checked your oil? If your car is anything like mine, I let it tell me when I need an oil change or anything else for that matter. I don’t pounce until the dash lights up.
Unlike my car, your company’s security firewalls most likely doesn’t come with a light that alerts you to its needs. Beyond checking that the firewall is on/active, how do you test your firewall for accuracy?The goal is to keep your company safe. Envision a great firewall draping an invisibility cloak over your network. It keeps you safe from hackers and their malware. But how do you know if the firewall is actually working?
3 Ways to Test Your Firewall
The good news is there are several ways to test your firewall.
1. DIY Firewall Testing
The internet is full of free resources to check your firewall. Most of these free tools run scans against your IP address. These scans check for file sharing, port/services, messenger spam, and browser disclosure.
These scans should identify anything suspicious that stands out significantly. Beware, unless you know how to check, the DIY style of testing can be duped by sneaky malware. Free scans think everything is clean when malware is disguising itself as a non-threat.
Keep risk in mind when choosing to DIY. 60% of small companies that suffered a cyber-attack go out of business within 6 months. – Denver Post
Testing your firewall with software or through your firewall vendor is a very attractive avenue. It could be Software-as-a-Service through a seller, or a one-time use software scan. Both scan your firewall from outside your network to see what ports are open to the world. The scan looks for common ports that are usually left open for file sharing or remote connection. These ports tend to be the easiest to hack.
The scan will let you know what it found, and then you can adjust as needed. This is probably the best way to test your firewall if you don’t have an internal or outsourced IT department. It's a more complete scan, but of course, it also costs more.
Bonus: Vendors may have what’s called “ethical hackers.” Ethical hackers break into your system (with your permission) to test for vulnerabilities. They can replicate hacker steps, producing great insight to your vulnerabilities.
3. Security Services Through Managed IT Providers
The best way to protect your system is from the inside out. If you’re working with a managed IT service provider (MSP), firewall management and testing should be part of their standard network security services.
Your IT provider will have best practices that eliminate most of your firewall's vulnerabilities. Tests are performed after configuration, manually checking open ports on the firewall. If you’d like, your managed IT provider can then run other tests using vendors or software. Again, this costs more, but your industry or company’s standards may call for this.
Bonus: Managed IT service providers can also protect your company internally. While DIY, software/vendor firewall testing looks outward in, your IT provider can block inward out as well. Such as blocking certain sharing apps, streaming, social media, etc. from being accessible.
Checking your firewall often is a must. And while there are many ways to test it, it’s important to explore the best way to support your company’s needs. If you don’t know where to start, that’s okay. Speak with your IT service provider about your options and what they’re currently doing to protect and support your system.
Questions? Want to talk about security options? Give us a call at (800) 481-4389.
Things change rapidly in the world of tech. We'll keep your business up-to-date on the latest information technology news so you can stay in the know.