Sophos Techknow - Firewalls Demystified [PODCAST]

Filed Under: Cryptography, Data loss, Denial of Service, Featured, Malware, Podcast, Spam, Vulnerability

We're very proud of the Sophos firewall, because it protects you in many ways.

For example, it can stop hackers worming their way in via SQL injection, the sort of attack said to have allowed a Russian cybergang to build up a stash of more than one billion user records of various sorts.

It gives you a reliable way to control remote access to your network, to prevent the sort of break-in that crooks have been using to implant malware called Backoff onto point-of-sale servers.

It keeps out spam and phishing attempts, making it harder for crooks to use email to get a foothold inside your network.

It stops spam getting out, which not only saves your from the corporate embarrassment of being flagged as a spammer, but also provides early warning that there's a rogue computer inside your network.

Clearly, the word firewall has a lot more shades of meaning in 2014 than it did in 1994.

Back then, firewalls were mostly about IP numbers and ports, dealing with who could connect to whom, but not worrying about the when, the why or the how.

Nowadays, we expect a firewall to provide us with more defence in greater depth, and we use the word to cover a lot more security bases than in the past.

So...who better to help us to demystify the modern firewall than Sophos security expert Chester Wisniewski?


(Audio player above not working? Download, or listen on Soundcloud.)

FOR MORE INFORMATION

Find out more about the Sophos firewall on the sophos.com website:

Click to learn more...

Use all the features of the commercial product 100% free on your home network.

If you're the IT geek in a shared house or have children to keep safe online, the free Sophos UTM could be just what you need, all for $0:

Click to get the Sophos UTM Home Edition for free...

, , , , , , , , , , , ,

You might like

2 Responses to Sophos Techknow - Firewalls Demystified [PODCAST]

  1. Routed Sam · 77 days ago

    OK so I have listened to an instructive advert - which makes a compelling case both for business and for home use.

    I don't fiddle with or comment on business security - the IT guys tend to report you in cataclysmic terms to senior directors who then come down hard quoting "Misuse of Computers Act, Gross Misconduct, and Summary Dismissal".

    But it does make me again feel a little insecure about what I am doing at home - three computers (Win7/Linux), a tablet (android), a smart TV (probably Linux), and various phones (all android of varying versions).

    I probably have fairly typical network access: modem/router on to ADSL, the router "has a firewall", and I use WPA2-Personal, AES and a (painfully) long key - with the SSID not broadcast. I then use Norton (NIS) on the Windows machines and AVAST or Sophos on the tablet/phones.

    The case for a home UTM seems pretty compelling but trying to find out more just takes me to a download page that wants personal details. Now I know that your "Home" package makes you no money (but possibly pulls in corporate full price clients) and therefore you don't want to supply costly support. Searching your website seems to offer support for the full UTM (which looks like a combined software and hardware product). But before downloading (and running) software, I do want to know a few things!

    So for the home user:
    - What are "the system requirements"?
    What does the "old PC in the corner" actually have to be able to do?
    Will my old Windows 98 Tower unit be suitable? Or is it underpowered?
    Is it a good idea to run such old machines permanently on - even when you are away? Or is that a fire risk and electricity bill booster?
    Could I run it on something like a Raspberry Pi - small, cheap, fits on the window sill alongside the router, uses next to no current and self-ventilates?
    - How do I connect up? Disable wi-fi on my router and cable-connect the router to the UTM machine and then provide a Wi-fi "transmitter" on that machine - is this as simple as plugging in a USB wi-fi dongle (presumably with a decent aerial)? or do I need to cable-connect a wi-fi access point.
    (Is it actually easier to buy your hardware?)
    - Do the YouTube videos about configuration apply to the Home product as much as the business product?

    Features (in plain "non-IT guy") terms
    - everything I already understand about firewalls - as on my existing router, as in products like Norton's "firewall".
    Plus?
    - prevents applications "phoning home" to malware servers
    - prevents webpages calling in scripts etc from dodgy sources
    - by "standing in the middle" can examine complete incoming pages for security or content "nasties" (configurable)
    - checks outgoing traffic for spam, malware downloading, disclosure of private information,
    - detects if a machine on your network has been botted and is sending out masses of emails,
    - can provide "far-end" VPN functionality which you can connect through with your phone etc when on open public wi-fi
    - makes the tea (if it runs hot enough)

    Do I then need "on machine" AV?
    Can I still run "on machine" AV (belt-and-braces)?

    It's not clear, so I am confused. And you never download something you don't understand!

    A simple "System Requirements" page would help! Have I missed it?

    Thanks

    • Paul Ducklin · 74 days ago

      Hmmm. Quick reply:

      1. As mentioned above, the free version has all the features of our commercial offering. Indeed, it *is* the commercial product, just with a licence code that means you are only supposed to use it at home, not for business purposes. That Home Use licence code covers all components, from packet filtering and IDS, through web and email filtering, to a web application firewall and full-on VPN. So you can simply refer to the info about our commercial product to learn about the feature set - a good place to start might be to click on the "Learn more" button above.

      2. As stated on the download page (before you fill in the form!)..."Software appliance can be either installed on a dedicated Intel-compatible PC or within a virtual machine." For example, I run my UTM Home Edition in VirtualBox on OS X. So, no Raspberry Pi support, I'm afraid. Sorry about that. The Pi doesn't really have enough puff to host an all-singing, all-dancing UTM. As for our hardware appliances - they're very nice, and the entry-level ones are neat, small, quiet and tidy. But...they're not free :-)

      3. Yes, we'd recommend endpoint anti-virus as well a gateway-hosted anti-virus. If ever anyone tells you that a firewall anti-virus is sufficient all on its own, show them a USB flash drive. I didn't mention it above (perhaps I should have), but the UTM Home Edition includes licences for Sophos Anti-Virus for Windows, managed centrally from the UTM, on up to 12 computers. Our anti-virus products for Mac and Android are free for home use in their own right.

      HtH.

      PS. The download form asks you for "Company" although you're not allowed to use it at a company, which is something of an irony. I'll ask the web chaps if they can sort that out. You can just put "N/A," I suppose. Or type in a witticism.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

About the author

Paul Ducklin is a passionate security proselytiser. (That's like an evangelist, but more so!) He lives and breathes computer security, and would be happy for you to do so, too. Paul won the inaugural AusCERT Director's Award for Individual Excellence in Computer Security in 2009. Follow him on Twitter: @duckblog