The following is a response I gave to the question “What are some of the negatives if a firewall is configured too harshly?”
The question was asked in the context of the course I graduated from at WOZU, so much of the answer is focused on that specific course. But much of it applies in any circumstance where this question might be asked.
Well, I guess to understand this concept you need a decent understanding of how a firewall works and what it does. At the most basic level, firewalls block information. But how do they do that?
Well, there are different types of firewalls: you have a Web Application Firewall (WAF), a Next-Generation Firewall (NGFW), and the most common one, the packet-filtering firewall, to name a few. You can break these down further into, I think, five categories.
But I digress, as that is much more information than you need for this course. In this course, when they say firewall they are referring to a packet-filtering firewall, if I am not mistaken. This is a very basic firewall. You say “hey, block this port” or “block this type of traffic on this port”, i.e. UDP or TCP. This firewall works in two directions, an in and an out.
So I can block all traffic on a port coming in or going out. Let’s use the common ports 22, Secure Shell (SSH), and 3389, Remote Desktop Protocol (RDP), for this example. We would like to be able to connect to the company over SSH or RDP from anywhere. This will need to be secured with multi-factor authentication (MFA) and a good pass-key, or single sign-on (SSO) using Active Directory (AD), depending on the operating system (OS).
To allow this, ports 22 and 3389 must be open on the inbound lane of the firewall, because if they are not, the firewall will drop all traffic to those ports to protect the network. Further, if we wanted to SSH from the network to the outside, say to a client’s workstation, we would need the outbound lane opened. If it was not open, the same thing would happen: the firewall would drop the outgoing connections to protect the network.
If you take this concept, you can see how it could cause problems for a company if the firewall rules are too strict. A few examples follow.
Ports 80 and 443 blocked in both directions = no web traffic at all. No connections to the internet.
Port 22 blocked in both directions = no SSH in either direction at all. No one can SSH into the network or out to the client’s workstations.
Port 3389 blocked coming in but not going out = we cannot connect into the network to Windows computers, but we can connect out of the network to the client’s workstations.
In these cases, we limit our access inside or outside of the network, thereby limiting the amount of work we can do. If we cannot do our jobs, that is the most negative outcome. In short, if we have a firewall that is too “harshly” configured, people will be coming to us all the time because they cannot access what they need.
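To make the in/out lane idea concrete, here is an added example (my own toy code, not something from the course or the original answer) that models a stateless packet filter with default-deny and checks a ruleset against the flows the post says the company needs; the rule names, the flow list and the two rulesets are all constructed for illustration.

```python
# Added example (not the post's own code): a toy stateless packet filter with
# separate inbound/outbound lanes, and a check of required flows against it.
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Rule:
    direction: str        # "in" or "out"
    proto: str            # "tcp", "udp" or "any"
    port: Optional[int]   # None matches every port
    action: str           # "allow" or "drop"

def evaluate(rules, direction, proto, port):
    """First matching rule wins; anything unmatched is dropped (default deny).
    Stateless model: reply packets are not tracked, unlike a stateful firewall."""
    for r in rules:
        if (r.direction == direction and r.proto in (proto, "any")
                and r.port in (port, None)):
            return r.action
    return "drop"

# Flows the post says the company needs (constructed sample, not a real policy).
REQUIRED_FLOWS = [
    ("web out", "out", "tcp", 80), ("web out", "out", "tcp", 443),
    ("ssh in", "in", "tcp", 22), ("ssh out", "out", "tcp", 22),
    ("rdp in", "in", "tcp", 3389), ("rdp out", "out", "tcp", 3389),
]

def audit(rules, flows=REQUIRED_FLOWS):
    """Return the names of required flows the ruleset would drop."""
    return sorted({name for name, d, p, port in flows
                   if evaluate(rules, d, p, port) != "allow"})

# Constructed "too harsh" ruleset: RDP allowed out but not in (the post's third
# example) and SSH dropped on both lanes; web is only opened outbound.
TOO_HARSH = [
    Rule("in", "tcp", 3389, "drop"), Rule("out", "tcp", 3389, "allow"),
    Rule("in", "tcp", 22, "drop"), Rule("out", "tcp", 22, "drop"),
    Rule("out", "tcp", 80, "allow"), Rule("out", "tcp", 443, "allow"),
]

# Constructed corrected ruleset: SSH and RDP allowed on both lanes, web out.
CORRECTED = [Rule(d, "tcp", p, "allow") for d in ("in", "out") for p in (22, 3389)]
CORRECTED += [Rule("out", "tcp", 80, "allow"), Rule("out", "tcp", 443, "allow")]

if __name__ == "__main__":
    print("dropped by TOO_HARSH:", audit(TOO_HARSH))  # ['rdp in', 'ssh in', 'ssh out']
    print("dropped by CORRECTED:", audit(CORRECTED))  # []
```

Running the audit before pushing a ruleset is the check that catches the “too harsh” cases above: every required flow that comes back as dropped is a help-desk ticket waiting to happen.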