Every file
you open needs to be checked. Every
email you receive needs to be scanned.
Every internet download and browse needs to be monitored. You can be sure that at least one of them has
spyware embedded, a Trojan hiding inside, or a nasty virus waiting to jump into
your computer’s hard drive! So, while
the anti-threat software is busy scanning stuff, it takes away processor time
from all the important things you really need to do on the computer!
Gateway Protection
It has been
common for larger organisations to focus on deploying very strong anti-threat
protection systems at their gateway: the point where the internal network meets
the Internet. This has a number of
obvious benefits, seeing as the majority of threats originate from the
Internet. Catching them head on, before
they get to your workstations, is cost-effective, scalable and smart.
In more
recent times, these gateway devices have lowered in cost, and increased in
capabilities, to the point where they are a necessary addition to any small or
medium business which has an Internet connection.
Much like
workstation-based anti-threat systems, gateway systems have a number of
features they can employ. The more of
these features a device includes, the better protection you will have.
Firewall – a
firewall simply stops internet traffic coming inbound into your network. Generally speaking, most traffic which
originates from the outside is bad news.
There is some traffic you want, such as inbound mail, and inbound VPNs –
but those can be selectively allowed in.
A really good firewall will also allow you to stop outbound traffic (from
your network to the Internet)…unless you selectively permit it. This is ideal for tightening up Trojan
spreads, but you will find that most home or small business firewalls will not
support this (often called NAT firewalls).
Hardened Operating System – ‘hardened’ means the gateway is not just any-old computer! Its operating system has been especially
designed to withstand the challenges and throughput which are constantly
beating at the door of the Internet.
Anti-Virus –
catch the virus before it gets into the network. It’s critical that the anti-virus signatures
are updated and maintained automatically – without needing human intervention. New viruses are emerging every day, and the
longer your anti-virus takes to recognise a new virus, the greater the chance
of falling victim to it,
Anti-Spam –
filter out spam before it gets to your mailbox.
To monitor spam the device needs to tap into the mail traffic, check it
thoroughly, and then pass it through to your mail server. The better anti-spam systems also allow spam learning,
quarantine, and other configurable mail handling options. Just like the anti-virus, it’s critical that
the signatures are updated and maintained automatically.
Content Filtering – There is so much objectional content on the Internet. Much of it is not appropriate for children,
social groups, or certain communities.
Some bosses would say that some sites are not appropriate for the person
at work (it’s too easy to waste hours on Facebook, or chat….admit it!). And few could argue that work time is time to
work; Internet socialising really should be conducted out of hours. Content Filtering simplifies the problem:
simply stop access to websites and functions which are not related to the
workplace. Sorry Internet Addicts! The finer the grain of control on content the
better a feature this can be.
Remote Access –
Virtual Private Networks (or VPNs) are common now as more people work from home
and on the road. VPNs allow staff to
access their office files from wherever they are. You can install purpose built remote access
servers, but it makes more sense to integrate this into your gateway
device. As a result, your security is
centralised and compatible with your remote access needs.
Online Logging – logging is vital if you want to see where things are going wrong. Viewing logs after-the-fact is reasonable,
but its so much easier to troubleshoot if you can see what’s going wrong,
precisely at the moment that you click on that website…
| < Prev | Next > |
|---|