When you’re choosing a replacement for your standard issue ISP router, should you go for another router with more features or a next-generation firewall with advanced threat protection? Let’s take a look…
5 reasons to choose a router
- Most aftermarket routers have some form of Access Control List. This gives a basic level of protection against attacks. It’s a form of firewall, but it’s not as sophisticated as a true next-generation device.
- If you only have a limited number of external services coming into your system, a router with an Access Control List could be right for you. It means that only connections coming from specific IP addresses that you’ve pre-approved will be permitted.
- Routers can include advanced features that allow connectivity between multiple corporate sites across a private network. This means that users in one office can access resources in another without the need for them to connect over a VPN.
- Routers also allow for a second internet connection in the event that your primary connection goes down. If your organisation requires rock-solid reliability and always-on internet access with zero downtime, this could be a good choice for you.
- Some routers allow for Wireless 4G connectivity for use as a primary or secondary connection for remote sites where cable internet connectivity isn’t reliable.
5 reasons to choose a firewall
- Firewalls are designed to be as secure as possible. You can set them up to allow connections based on the IP addresses and ports you specify, as well as approving which applications can be used. For example, if you wanted to block connectivity to a CCTV system, you could just specify that application. It would be a bit trickier with a router as you’d have to block each specific port.
- Firewalls can contain a lot of routing functionality, so they often do ‘double duty’.
- The main power of a firewall is in Intrusion Detection and Prevention (IDS/IPS) technologies. This means that traffic is not only checked against the criteria specified by you, but also against a threat database that keeps track of the latest cyber-attack methods. It would be impossible for any internal team to keep up with all the threats that pop up ‘in the wild’, but your firewall can update by the hour, so you’re always as protected as possible.
- Newer next-generation firewalls can also inspect for malware. If a user unknowingly downloads a malicious file (from an email attachment for example) this could be blocked before it even enters your network, rather than waiting on the email system or the endpoint anti-virus program to capture it.
- Firewalls can block nasty websites before they’re even accessed by using a combination of DNS security and SSL page decryption. Usually, the connection between a workstation and a website is end-to-end encrypted, so your security system can’t scan it. But SSL page decryption means web pages are decrypted on the firewall, then checked for safety. If everything is ok, the page is encrypted again and passed for viewing.
Are you Team Router or Team Firewall?
Over the past decade, they’ve both improved a great deal. But unfortunately, the devices provided by ISPs are still stuck with very basic functionality that’s not suitable for most businesses. Speak to our Pre-Sales team today about which device would be best to bring your internet security up to the latest standards, ensuring you’re not left with vulnerable systems.