Guarding the Digital Fortress: Evaluating Different Firewalls

The increase in network vulnerabilities

especially in the enterprise scene has led to the emergence of firewall technologies from a variety of vendors. The selection of the right firewall can be costly and time-consuming. Nonetheless, this exercise can be rendered useless when the selected firewall is poorly implemented. Firewalls when poorly configured they tend to leave a lot of vulnerabilities in the network that can be exploited during an attack (Kokko, 2017). This discussion will evaluate best practices and considerations when deploying firewalls across a network. The discussion will highlight the difference and similarities between three major firewall vendors, i.e. checkpoint, Cisco and Juniper Networks.

The checkpoint firewall

is a robust easy to learn with a friendly administration interface. The firewall has an easy toolset for a firewall. Additionally, the log tracker utility offers an excellent GUI for troubleshooting firewall traffic (Thomason, 2012). The only downside to the numerous features offered by the firewall is the pricing; the firewall is among the most expensive firewalls in existence.

Cisco

has always been rock solid with its PIX firewall products the inclusion of the IDP and a myriad of other related security services this trend has continued even for the ASA firewall products. The new generation ASA firewalls have also integrated GUI that has made it easier for the non-security specialists to set up and managed the ASA firewalls (Thomason, 2012). The limitation of the firewall is that for deeper troubleshooting one is expected to learn a bit of the command line syntax.

The juniper firewalls

are quality devices, but they are so different from the other two. The Juniper operating system and the GUI is a contrast to that of the Cisco firewall and the other common vendors like checkpoint (Elnerud, 2017). Most juniper products are high-end and are meant for enterprise-level solutions (Elnerud, 2017). These devices can integrate some serious intrusion detection hardware in their firewall modules.

Finally, the checkpoint and Cisco devices

are robust and can be used in small-scale to enterprise level solution. It is a more natural transition from either Cisco to checkpoint and vice versa as their GUI and OS are also more similar. Juniper as a vendor has set itself aside from the industry standard hence it is a hard transition to their interface.

References

Elnerud, A. (2017). Comparison of hardware firewalls in a network environment. Västerås: Mälardalens Högskola - School of Innovation, Design and Engineering.

Kokko, K. (2017). Next-generation firewall case study. Mikkeli: South-Eastern Finland University of Applied Science.

Thomason, S. (2012). Improving Network Security: Next Generation Firewalls and Advanced Packet Inspection Devices. Global Journal of Computer Science and Technology Network, Web and Security, 1-4.