Why security-conscious businesses should consider upgrading their network security with a hardware appliance.
One of the phrases you often hear when security is being discussed is 'defence in depth.' The idea is that you shouldn't rely on any single measure. Analogies are always problematic, but if you think of in terms of a building, then a firewall sitting between your network and the internet is the locked external door, and security software on individual computers and other devices are the locks on individual office doors.
Human behaviour is important in both cases: if someone invites the wrong people in, it doesn't matter how strong the doors and locks are. Equally, if the lock mechanisms are too cumbersome, people are likely to 'forget' to use them, or may even prop the doors open.
Dropping the metaphor now: another consideration is that it is increasingly likely that unsecured devices will be connected to your LAN, whether they are employees' smartphones, or cameras, VoIP handsets and other networked devices. A firewall can make it harder to interfere with such devices from outside.
What small businesses need is a firewall that's compact (space is usually at a premium), effective, affordable and easy to configure and manage.
Two of the companies that seek to address this market are WatchGuard and Check Point. (NB: this article is not intended to be a comprehensive market survey.)
The SME security market is "underserved" according to WatchGuard ANZ regional director David Higgins. Small and medium businesses generally don't have IT security at the top of their agendas, they generally don't employ IT specialists, and they have tight budgets, he observed.
Furthermore, criminal elements target the largest, easiest sectors, and SMEs are "consistently being hacked," he said, citing a statistic that two-thirds of businesses affected by ransomware have been SMEs.
While there are around 800,000 Australian businesses employing between two and 200 employees, they "are the least served" by the IT security market. They need to adopt an IT security policy and find products that provide enterprise-level security in a form they can use, Higgins said.
WatchGuard's focus on organisations with five to 500 employees neatly overlaps a large part of the Australian market.
The company's range of next-generation firewalls and unified threat management appliances provide a range of security capabilities, including monitoring for network intrusions, controlling the use of web applications, watching for data leaks, and scanning for malware and spam.
Street price for the entry-level Firebox T10 starts at around $550 for the appliance and one year of standard support, or around $700 with three years' support.
Adding the antivirus, intrusion prevention, antispam, web control, and application control modules increases those prices by around $200 or $500. Buyers have the option of subscribing to individual modules.
Other models in the Firebox T series include a Power over Ethernet port, simplifying the installation of certain security cameras, wireless access points or VoIP phones.
Check Point's small business appliances start with the Check Point 620. Prices begin at $US559 ($745) including one year of support and threat prevention, or $US849 ($1130) for three years. Built-in Wi-Fi and ADSL2+ are available at extra cost, and 3G or 4G modems can be added via the firewall's USB ports or PCI Express slot.
Available security features include intrusion protection, application control, web filtering, anti-virus, anti-spam, and bot protection (detects computers that have been co-opted into a botnet, and blocks communication with command and control servers).
Check Point also offers a managed security service based on the 600 series firewall and including remote management by the company, along with continuous security upgrades and updates. Prices start at $US30 ($40) per month for up to 10 users on a three-year contract, making it an affordable option (the equivalent of two large lattes a week?) especially if you like the idea of leaving the firewall's management to an expert.