We work with a growing number of small-medium businesses (SMB) who have a need to protect their businesses from hackers, ransomware and other threats. The majority of SMBs will have a router/firewall, but the primary purpose is to secure the business network. Nowadays, with more complex threats, the functionality of firewalls and routers has evolved to now include services such as intrusion prevention (IPS), antiviruses, web filtering and anti-spam; often – all in one box.
Small Businesses are a target
Small businesses have historically lacked the security capabilities that are often found at larger enterprises, primarily due to cost and complexity of firewalls. The reality is that data breaches increasingly hit smaller organisations, either because attackers want their data or to gain access to the larger businesses they work with. Compliance and regulations such as GDPR only emphasise the need for SMB to be ready to defend themselves against attack.
According to the Verizon Data Breach Incident Report, data breaches were more common in small than large organizations (25% vs. 20%, with 50% from size unknown). This emphasises the need for a small business to use a firewall to defend their business.
Router or Firewall?
This is difficult one. The truth is most routers have firewall functionality, and firewalls have router functionality – therefore the terms are often used interchangeability. Generally speaking, firewalls have more advanced features that are designed to offer a superior level of defence that a traditional router. Some would see a wireless router as more of a commodity device, suitable for home users and perhaps home offices, but very rarely do they have the same levels of performance and security capabilities. If you own or work for an SMB, you should really be considering a firewall to protect the business.
The features that you should be looking for when choosing the best small business firewall or router should include:
- Internet Connection Support. Many firewalls will support ADSL, VDSL, Ethernet and in many cases 4G. Make sure the firewall you select is compatible with your internet connection.
- Wireless Support. Most SMBs use WIFI in some form. Nowadays you should be looking at 802.11AC for the best performance and where possible, you should be able to secure the wireless network using a Pre-Shared Key, usernames/passwords and ideally, the firewall should feature a WIDS (Wireless Intrusion Detection Service)
- Antivirus. Gateway antivirus means the firewall scans your downloads and e-mails for viruses on the device, adding an additional layer of defence to your existing antivirus on your PC/Servers.
- Intrusion Prevention Service (IPS). The IPS scans traffic and looks at patterns that may indicate a potential attack or exploit against your network or desktops/servers. The IPS can identify the pattern and instantly block the attack. Effective IPS solutions rarely feature on an SMB router, but are common on a small business firewall such as the Fortigate.
- Web Filtering. The primary purpose of web filtering is to control what websites your staff can access or not. Besides filtering content, an important feature is blocking access to known “high-risk” websites, those websites that host viruses and other malware.
- Reporting. This is key. The ability for your firewall to alert you or your managed firewall provider in the event a virus, malware or attack is detected. This should be easy to use, preferably in the form of a weekly executive summary.
- Virtual Private Networks (VPN). VPNs allow remote access to the workplace from home, mobile or on the road. Leading SMB firewalls will support IPSec and SSL VPNs that allow you to connect into the office network from anywhere on the internet. Site-to-Site VPNs allow you to connect multiple sites onto one network, linking up remote offices, factories and other sites.
- Technical Support. This is important. Technical support can be provided by the vendor or by your managed firewall partner. This means you don’t have to worry about the configuration, monitoring or setup.
What about management and setup?
Most firewalls and routers can be configured by a competent IT person to work, but rarely does this result in an increased level of protection. MTG would recommend you engage an expert who can not only configure the firewall, but they can tailor the configuration to suit the exact needs of your business. This ensures you get the maximum value from the firewall, but also the highest levels of protection – which is the primary purpose of the device.
Many customers choose to focus on their core business, and outsource the management of their firewalls to a company like Manx Technology Group (MTG). MTG then look after the configuration, setup, monitoring and support.
How much does a small business firewall cost?
SMB firewalls generally range in price from £200 to £1500 depending on the performance, features and security capabilities. There is typically an annual subscription that covers the antivirus, updates, IPS signatures and other subscription services – which are vital if you want to maintain a high level of protection. This can be as much as 20-30% of the purchase price. The final cost is management, we would recommend all SMBs to opt for a managed firewall service. Outsourcing the management and monitoring of the firewall ensures you get a 24×7 service watching over your business and responding to threats. For more information about MTG’s firewall management service or managed firewalls, please view the respective pages.
The cost of the managed firewall service will depend on the hours of cover, number of sites and the level of protection required. It is typically a great value service that provides an extra level of protection for the SMB.
Fortinet Firewalls for the SMB – Connected UTM
We work with a number of different vendors such as Cisco, Draytek, Sonicwall and Sophos – however we would always recommend Fortinet as the firewall vendor of choice. For SMB clients, they have a great value range, an extensive feature set and provide the highest levels of protection for a small business.
MTG believe the Fortinet family of products are the best small business firewall/router for the reasons set out above.
Review the questions below, if you answer yes – you should speak to MTG about replacing your existing firewall or router.
- Is your current firewall/router approaching 3 or more years of age?
- Are you ready to add more security to your network?
- Have you upgraded your internet connection or network bandwidth?
- Are you ready to expand or upgrade wireless access in your office? Are you worried about wireless security?
- Are you concerned about malware and data breaches, and interested in increasing the security in your business?
- Do you host your own servers, e-mail or website?
- Do you want someone to manage the network security so you don’t have to worry about it?
If you would like more information on the Fortinet range of firewalls and the complete range of security solutions for SMB, please contact MTG today. Submit the contact form on our website, e-mail firstname.lastname@example.org or call +44 1624 640400