12

ANALYTICAL REPORTISSUES OF IMPLEMENTING FIREWALLS

Prepared for IT ProfessionalsPrepare Name: Dan GocanDate of completion: 03/13/2015

Table of ContentsExecutive Summary.4Introduction..4Issue 1..5Guidelines 1. Preparation.52. Plan53. Research54. Testing...6Figure 1....6 Figure 27Issue 2..8Guidelines1. Risk Assessment82. Research....83. Decision.....84. Testing...8Considerations1. IDS.92. Encryption.93. Folder Security..94. Data Loss Prevention9Summary..9Conclusion.....10Recommendation...10Appendix 1.11Reference...12

Executive SummaryThe meaning behind the report is to help an IT professional in conducting research relating to the issues presented. There are guidelines that have been reviewed to help in a situation facing IT issues. This report was based on mostly conducted research then transformed into an opinion base report.

IntroductionThere are many issues in the IT field in which the normal IT professional deals with every day. From these issues, two are presented dealing with finding firewalls and implementing additional security. The guidelines are presented to be a step process to which a solution can be found from the issue at hand.

Issue 1: There are too many choices when it comes to seeking a firewall to implement in a company.When it comes to implementing a firewall in a company's IT department or structure there is an issue present of the fact that there are too many venders that offer firewalls. For an IT professional it can be challenging to get the right product for their company if they are not guided by a solution to this issue.GUIDLINES1. Preparation- preparation is very important when it comes to finding the right firewall for the company. Preparation can include doing an assessment of IT infrastructure of the company to find detailed needs of protection from threats. This will help the IT professional to get a good idea of what compatibilities need to be met with a new or existing infrastructure.

2. Plan-Planning is good and efficient when an IT professional is seeking to implement equipment into the IT infrastructure. Planning with set phases will help in time management and productivity. Its helpful to have a few more personnel that can execute the plan as well. Planning can include making a brainstorming session to organizing ideas on how to purchase the right product for the companys infrastructure and create a timeline. This will help with maintaining a schedule and being productive.

3. Research- Research comes in very useful when done right and in the right manner. When conducting research it will help if there is a few more people for help. Research should be conducted going to the vender directly and finding out information. After the research is done of what vendors are good, conduct a research of review on products of those vendors. This will help the IT professional see which product is reliable and which are not. After the review the decision is ready to be made and implemented into the infrastructure at the company.

4. Testing- Testing deals with testing the product and the vendor on their customer support. In the case of testing a firewall the IT professional might hire a penetration tester to see how protected the company is from threats. This is important because once the firewall is live on the network then it will be too late for testing.

Figure 1This figure shows a detailed chart of some of the leading firewall vendors and what they offer in the different categories. This is a helpful visual representation in which an IT professional can look for the exact features that they are looking for and would be able to identify it on the vendor and model.

Figure 2This figure shows the different vendors of firewalls and some of the models that they have. Whats good about this figure is that it is organized in the way of three categories. It shows security applications, network features and throughput.Issue 2: A firewall might not be enough for an organization to protect itself from threats.When it comes to firewalls, all the brands have one thing in common and thats protecting the clients network from threats and vulnerabilities. As networks get more complex, the threats are getting complex as well and when firewalls are not enough to protect the network, the company is open to incoming threats. Implementing other equipment or software in addition to the firewall will help with getting a strong defense line in the network.GUIDELINES1. Risk Assessment- The risk assessment is done to help identify what additional equipment will be needed to add on to the level of security. By identifying the risk, it will be easier and more productive to conduct research to by the right equipment.2. Research- The research must be carefully done with the criteria of firewall and other network equipment compatibilities. The product must be compatible with existing equipment and the vendor must have good support reviews.3. Decision- When the time comes to make a decision the IT professional must consider the present threats and what would benefit the company for the future (upgrades). Once everything is reviewed, then its time to make the purchase.4. Testing- Testing is important in which the IT professional must find out if threats can get through the additional layer of security. This can be done with internal professionals or seeking external penetration testing professionals. It is important that the IT professional from the company does the required maintenance and always keep the systems updated to ensure security.

ConsiderationsThese are some extra features on what to look for when implementing additional security equipment: 1. IDS- Intrusion Detection Software is a burglary detection software that allows companies to monitor who is accessing the company network and from where.2. Encryption- Encrypting the data in the network will discourage the hacker not to go further into the network. 3. Folder Security- this deals with data encryption of the folder. Folder lock and Bit locker in Windows operating systems are capable of encrypting data.4. Data Loss Prevention- This extra security measure to the company will help with any data loss. The feature is designed to monitor data when the network is at-rest, in-motion, and in-use.(See Appendix 1 for more information)Summary After obtaining information about solutions to solve some of the issues, the report is a good start in conducting research about firewalls and additional equipment implementations for security.Conclusion When it comes to companies protection against threats firewalls must be implemented in the frontline of the network infrastructure. Firewalls have different types of capabilities in what they offer to protect a network from vulnerabilities. The finding from the report came down to conducting research based on basic guidelines that help maintain productivity.RecommendationsIn any kind of issues dealing with IT field, there is a way to find the solution to the issue and thats conducting the right kind of research. The research will help solve the problem and how accurate it is.

APPENDIX 1Figure 1

Figure 2

References:1. http://www.watchguard.com/training/fireware/80/defense2.htm2. http://www.watchguardturkiye.com/sayfa/30/sifir-gun-korumasi.html3. http://www.esecuritytogo.com/4. http://rss2.com/feeds/TaoSecurity/19/5. http://www.watchguard.com/wgrd-products/utm/overview