Tag: encryption

Monday Morning Firewall Fix: Encrypted traffic, VoIP, & more!

Happy Monday. We want you to start your week off with a burst of productivity. That’s why Firewalls.com put together a list of 5 common mistakes that organizations make when deploying their firewall. These tips are designed to be practical, easy-to-follow, and short! Whether your Internet has slowed to a crawl or the voice on the other end of your VoIP phone sounds like Charlie Brown’s teacher, these quick tips will let you self-diagnose your setup and correct 5 common issues in a few clicks of the mouse. It’s time to get your Monday Morning Firewall Fix!

#1: Your Firewall Isn’t Scanning Encrypted Traffic

Over 60% of the web has migrated from HTTP to HTTPS, a security protocol which encrypts data between websites and servers.  If your firewall is not utilizing Deep Packet Inspection (DPI), then it is not scanning that traffic for viruses, malware, or ransomware potentially encrypted in the data packet. Whereas traditional stateful inspection scans only the data contained in the packet head, DPI scans every last byte for threats. With a majority of the Internet now encrypting everyday web traffic, if you’re not enabling DPI on your SonicWall, you’re completely neglecting the bulk of the danger.

Fix It:

  • Open your Firewall Admin Console
  • Go to: Manage > Decryption Service > DPI-SSL/TSL Client
  • Enable: SSL Client Inspection

Enable deep packet inspection to scan the entire packet on HTTPS encrypted sites


#2: Your Firewall Isn’t Gathering Crucial Internet Usage Data

Most companies fail to implement a proper content filtering policy, leading to employees wasting time on non-productive websites or potentially exposing the organization to HR issues. Whether it be adult content, game sites, gambling, movie streaming, or otherwise, users on your network can slow down productivity for everyone while they slum it on unproductive websites. To further complicate the issue, your organization could be held liable for any illegal activity that occurs on your network! Take back control of your network and your traffic.

Fix It:

  • Open your Firewall Admin Console
  • Go to: Manage > Security Services > Content Filter
  • Enable: Content Filtering Service

content filtering helps you to stay productive and avoid legal issues when bad actors are on your network


#3: You Haven’t Implemented Employee Tracking

In addition to enabling your content filtering service, you should also implement tracking for your user groups. Without tracking, it’s difficult to track down and reprimand employees who violate your organization’s Internet usage policy. Tracking also helps you pin down users who are slowing down your connection with unusually high bandwidth usage.

Fix It

  • Open your Firewall Admin Console
  • Go to: Manage > Users > Settings
  • Set “User Authentication Method” to any option except for Local Users

employee tracking helps admin see who is wasting resources and who is breaking usage policies


#4: YouTube Is Making Your VoIP Sound Funky

Complaints about an echo, buzz, or garbled sound when talking on your VoIP phone system? It’s likely that your VoIP client is competing with other data-heavy applications that aren’t allowing it access to the bandwidth it needs. By implementing bandwidth usage, packet shaping, and application priorities, you can ensure that your bandwidth is being rationed to business-critical applications (like VoIP) first, granting them priority over less important applications. By setting up your VoIP as a high-priority client, you’ll have strong, crystal clear calls once more.

Fix It:

  • Open your Firewall Admin Console
  • Go to: Manage > Network > Interfaces > Configure WAN Interface
  • Click: “Advanced” options tab
  • Enable: Egress Bandwidth Management
  • Enable: Ingress Bandwidth Management

Some applications require a large amount of resources and if those applications are competing with each other, they all lose


#5: You’re Running an Outdated Firewall

If you made it this far and have thought “huh, those last 4 images looked nothing like my admin console,” then you’re not running a current-generation firewall!

The introduction of ransomware-as-a-service and exploit kits has transformed the cyber threat landscape into a dynamic force that adapts and evolves by the day. The old “set it and forget it” approach to cyber security has been outpaced by cyber criminals who are always looking to innovate. Unfortunately, your outdated firewall just doesn’t have what it takes to withstand a modern cyber attack. It’s time to update your firmware, check your subscriptions, & consider an upgrade.

Fix It:

If you’re unable to set up these services, we strongly recommend that you have one of our SonicWall-certified engineers perform a health check on your network and configure the appliance. More than likely, you are NOT secure. Our engineers look for 20+ of the most common mistakes found on firewalls and we provide recommendations to help you address those issues. In order to get the most value and protection out of your firewall, our team implements a 99-step configuration checklist that we’ve developed over two decades as SonicWall partners. With the correct settings, we can get you back to a safe, productive network environment.

Call us today at 866.403.5305 and schedule an appointment to be confident you’re getting the very most out of your cyber security investment.

BYOD & Remote Access: Staying secure in the era of mobile workers

As Bring Your Own Device (BYOD) and Remote Access policies ramp up, so too does the mad dash to secure these new endpoints. Gartner predicted that by 2017, half of employers will require employees to supply their own device for work purposes. With so many fresh attack surfaces, employers scramble to assemble additional security layers that prevent data leakage and intrusions. The nature of BYOD proves challenging as devices in the wild show volatility without proper VPN and next-gen firewalls to lock down security.

Our solutions

Secure Mobile Access – Powerful, cost-effective secure mobile and remote access means that your users have access to applications wherever they’re working, so they stay productive and your company stays competitive.

SonicWall VPN – Ensure secure access to crucial applications for Android & iOS mobile devices using SSL and policy-based enforcement.

Next-Generation Firewalls – Next-Gen Firewalls provide you the power to execute cutting-edge security without your performance withering away.

Secure Remote Access – SonicWall Secure Remote Access solutions provide users with easy-to-use, secure, and clientless remote access to necessary resources on the corporate network.

Aventail SRA Connect Mobile – SonicWALL Aventail with Connect Mobile provides robust remote access solutions for smart phone users, with “in-office” access optimized for the device.

Trouble setting things up?

Firewalls.com provides a video library chock full of helpful how-to’s and troubleshooting guides. One of our certified engineers will provide the answers you crave to set up your remote access VPNs.

Segment your users into Local Users & Groups

Use NetExtender to set up an SSL VPN

BYOD sonicwall firewalls diagram infographic email encryption with SSL VPN

Firewalls.com is a value-added reseller of firewall appliances & a vendor of managed security and Firewall-as-a-Service support.  Whether you’re looking to add an appliance to your security set-up or expand BYOD and remote access security, we provide solutions that get you secure and keep you secure. Contact our sales staff to answer questions you may have about your network, next-gen firewalls, or BYOD!