Tag: firewall

Managed Firewall Services & The Top 5 Reasons You Should Consider Them

Managed Firewall Services

Since early 2020, the digital threat landscape has vastly changed. What used to work no longer does, and there are countless new ways for bad actors to compromise systems. One of the biggest trends in 2020 was for small and medium size businesses to shift the responsibility of managing the firewall and other network security systems to specialized 3rd parties. Managed firewall services have seen massive growth and consolidation of providers.

If you haven’t received a call or email introducing you to these services you probably will soon, but that might not be a bad thing. While you’re running your business or your jack-of-all-trades IT guy is busy fixing the Wi-Fi, hackers are most likely strategizing ways to penetrate your network. This is where managed firewall services take over and provide an added layer of security on top of your security equipment to ensure your business is safe and won’t suffer a potential catastrophic setback.

The Benefits To 3rd Party Managed Firewall Services

In this article, we’ll discuss the top 5 reasons why it’s important to have managed firewall services and what you need to know. Now, some of the benefits to managed firewall services you may already know – and some you may not. What we’ve found is that even if you know the benefits of 3rd party managed firewall services, for some reason you haven’t strengthened your business with it. Hopefully by the end of this article you understand the sophisticated threat landscape and why hiring a 3rd party network security company makes sense.

1. Your Current Firewall Configuration Settings Are Probably Wrong

When we onboard a new client, 95% of the time they had their firewall misconfigured. Even the companies that have an IT staff most often get this important part of the setup wrong because the firewall is such a specialized piece of IT. In our experience it takes a highly trained network engineer to properly configure a firewall specific to an individual network. Even missing minor parts of the configuration can render the purchase of a firewall useless because that is precisely where hackers will spot a vulnerability. Having a properly configured firewall is just as import as purchasing the correct firewall. This is where having managed firewall services really makes sense. Before the 3rd party can monitor the network they first have to have it set up correctly, which makes this the first realized benefit a client receives when they begin their 3rd party firewall management journey.

2. Maintaining Compliance

Depending on the industry, you may experience stricter compliance but none the less, every business and organization has a responsibility to protect the data of their clients and employees. Having a specialized, highly trained team of network security engineers not only aids in keeping your business compliant but also shows customers your due diligence in providing the best security environment for their sensitive data.

3. Talent & Specialty

Scarcity in the marketplace for individuals who have this skillset is a real thing. Businesses frequently leave their security in the hands of an internal IT guy who is knowledgeable with everything but the firewall. Often we find that IT guy struggles to maintain the security of the organization. What that means is unless you are lucky enough to have a fully-trained network security engineer on staff, you’ll always be one step behind bad actors or completely exposed to all sorts of digital threats. 3rd party managed firewall service companies recruit top talent and hire only the ones that have the necessary skillset required to remotely manage firewalls and the surrounding touchpoints of our clients networks.

4. 24/7 Network Monitoring

Hackers work around the clock and so should your network security team. Network security management isn’t a 9-5 Monday through Friday responsibility. Firewall managed services provides 24/7 monitoring and threat detection protection for your business. This is important because no matter what time it is, you have trusted professionals actively protecting what matters and ensuring the safety of your business.

5. Cost

Since one of the main offerings Firewalls.com provides is managed firewall services, we are afforded the luxury of hiring & paying top talent to protect our clients. We can do this because those expenses aren’t sunk costs, they are revenue generating. Human assets can be deployed across multiple organizations and can be done so for much less than what our clients can do if they hired a full time network security engineer. Outside the salary of a full time engineer there are also costs that involve money and time to be able to find in-house employees, which may never happen. Recruiting can be expensive and can easily take well over a year. Skipping the line and getting expert firewall management for less is one of the main reasons why our clients hire us. The Firewalls.com team has the ability to deploy quickly (time) and can be had for less (money) than a full time employee.

Trust The Security Of Your Network With Firewalls.com

Our clients have trusted us with their network’s security because we offer US based support, a real person picks up the phone, we have a lighting fast ticket resolution rating, and affordable prices. Contact us to day to get started or to receive a quick quote.

 

Firewall managed services pricing

 

Cisco Meraki MX84 Review & Why It’s Ideal for Branch Office Security

Cisco Meraki MX84 Review

The Cisco Meraki MX84 is, as the company would say, a security and SD-WAN appliance. In short, the MX84 is a firewall. And it’s a firewall meant for mid-sized businesses that need to easily and securely connect branches to HQ. We know IT professionals are hard to come by these days, so the simplicity of getting these appliances up and running is a major asset. On top of that, the MX84 boasts a variety of state-of-the-art features that make breaches anything but. Read on as we review the features and benefits of the Cisco Meraki MX84.

Blog Banner General Buy Now Red-High-Quality

Is Cisco Meraki Any Good?

Cisco Meraki is a leading network security brand that gets high marks from independent third party evaluations – and customers – for its security and SD-WAN offerings. So what is it known for? Simplicity. Meraki embraced cloud computing before the cloud was cool. That is to say, easy, single-pane-of-glass management is kinda their thing.

So with Meraki, expect zero-touch (AKA remote) deployment of highly effective security solutions, all managed through the cloud. In other words, admins can adjust security settings of literally thousands of sites all at once, from anywhere. And don’t forget the connectivity! Auto VPN technology connects branch offices in just 3 clicks, through a simple, web-based dashboard.

What Businesses Would Be A Good Fit For the Meraki MX84?

Meraki recommends the MX84 for distributed deployments that require remote administration across medium branch environments. Industries like retail, restaurants, real estate, construction, or even healthcare, schools, and governments may apply.

To clarify, think of a business with multiple offices or project sites but limited IT staff. One or two admins can setup and manage a few – or a few dozen – of these appliances. They’ll offer network protection and secure connectivity without spending hours and miles on deployment. In sum, there are a lot of businesses and organizations that could benefit from the Meraki MX84. And FYI, Firewalls.com recommends the MX84 for deployments of up to 100 users.

What are some of the security features you’ll find?

  • Content Filtering
  • Web Search Filtering
  • YouTube for Schools
  • Intrusion Prevention
  • Cisco Advanced Malware Protection (AMP)
  • Geo-based Firewall Rules
  • Active Directory Integration

Blog Banner General Buy Now Red-High-Quality

Cisco Meraki MX84 Specs

mx84

Stateful Firewall Throughput: 500 Mbps

Max VPN Throughput: 250 Mbps

Advanced Security Throughput: 200 Mbps

Network Interface Ports: 2 dedicated WAN uplinks, 8 GbE RJ45, 2 SFP, 1 USB 2.0 (for 3G/4G failover)

Maximum Concurrent VPN Tunnels: 100

Management: Cloud-based Cisco Meraki Dashboard

View the Datasheet

Cisco Meraki MX84 Pricing & Availability

The Meraki MX84 retails for under $2,000 as a standalone appliance. As a reminder, all Cisco Meraki appliances require an active license to operate. Therefore, you can choose an Advanced Security License to get the full feature set listed above. Or pick an Enterprise license if you’re less concerned about those advanced features. Both come in 1, 3, 5, 7, & 10 year options. Visit our site or talk to an expert at 866-645-2140 to learn more.

 

SonicWall NSa 2700 – Next-Gen Security for Mid-Size Organizations

SonicWall NSa 2700 – Next-Gen Security for Mid-Size Organizations

The new SonicWall NSa 2700 firewall was built to provide advanced threat protection & network-wide security for midsized businesses and distributed enterprises. Sporting all the latest feature sets from SonicWall’s SonicOS 7.0, the NSa 2700 is capable of far more than its NSa predecessors.

With advanced networking features, the SonicWall NSa 2700 can handle anything from SD-WAN, layer 4-7 clustering, high-speed VPN, and dynamic routing. On top of that, you can manage and monitor all this from a single-pane-of-glass interface that puts the most crucial information right at your fingertips.

The SonicWall NSa 2700 delivers multi-gigabit threat prevention throughput and over a gig of throughput even while scanning encrypted traffic. With a huge number of GbE ports – 16 to be exact – and three 10 GbE ports available, your network has plenty of interface real estate to harness. That means clustering, dual power supplies, and high availability are all on the menu.

Blog Banner General Buy Now Red-High-Quality

SonicWall built the NSa 2700 from the ground up with the latest hardware components, all designed to deliver multi-gigabit threat prevention throughput — even for encrypted traffic. Additionally, this firewall supports network and hardware redundancy with high availability, clustering, and dual power supplies. Let’s take a closer look at what the SonicWall NSa 2700 brings to the table…

SonicWall NSa 2700 Spec Snapshot

SonicWall NSa 2700 At A Glance

SonicWall NSa 2700 Next Generation Firewall

Max Firewall Throughput: 5.5 Gbps

Threat Prevention Throughput: 3.0 Gbps

Application Inspection Throughput: 3.6 Gbps

Network Interface Ports: 16x1GbE, 3x10GbE, 2 USB SuperSpeed 3.0, 1 Console, 1 Management

DPI Maximum Connections: 500,000

Connections per Second: 25,000

VLAN Interfaces: 256

Site-to-Site VPN Tunnels: 250

Hardware-Only MSRP: $2595

View the SonicWall NSa 2700 Datasheet

Shop the SonicWall NSa 2700

Check out our latest feature review video for more about the NSa 2700:

What’s New in SonicOS 7.0?

SonicWall’s Gen 7 firewalls feature a brand new operating system that simplifies network security management while focusing on the most pressing threats facing small businesses. TLS 1.3 decryption aims at hunting down and snuffing out elusive encrypted threats. This increased visibility is right at your fingertips. The SonicOS Capture Threat Assessment Report provides summarized insights into traffic, applications, and a variety of advanced threats, ensuring you know exactly what’s lurking on your network.

The learning curve for SonicOS 7.0 is extremely user-friendly, with auto-provision VPNs and a SonicExpress app that make zero-touch deployment a reality. In the era of remote work, the ability to quickly and easily deploy a high-performance, high-security appliance without needing a technician at each site is crucial.

Check out our article SonicOS 7.0: 7.0 Reasons Why This SonicWall OS Rocks to learn more.

Blog Banner General Buy Now Red-High-Quality

TotalSecure Advanced Edition & Essential Edition

So many new advanced features and services arrived with the SonicOS 7.0 appliances that SonicWall had to make brand new licensing bundles to house them all. With the NSa 2700, you have two bundle options. The more basic bundle, called the TotalSecure Essential Edition Bundle, includes these SonicWall security services:

  • Gateway Anti-Virus, Intrusion Prevention, Application Control
  • Content Filtering Service
  • 24×7 Support
  • Network Visibility
  • Basic DNS Security
  • Anti-Spam
  • Capture ATP (Multi-Engine) Sandboxing
  • RTDMI Technology

The TotalSecure Advanced Edition includes everything in the Essentials Edition, with the added bonus of SonicWall Network Security Manager (NSM) Essentials. NSM features:

  • Cloud Management
  • 7 Days Cloud-based Reporting

Optionally, services can be purchased a la carte as well.

Looking for More Firewall Solutions from SonicWall?

Shop SonicWall NSa firewalls if you’re looking for enterprise-grade protection at SMB prices.

Future-proof your setup with secure, scalable SonicWall Network Switches.

Or browse all of our SonicWall products to find the perfect solution for your unique network needs.

 

SonicWall Gen 7 Firewalls Join the NSa & TZ Ranks

SonicWall Gen 7 Firewalls

The next generation of SonicWall next generation firewalls continues to grow. The powerhouse NSa 2700 and three new TZ small business firewalls, the TZ270, TZ370, & TZ470 are the latest entries in SonicWall Gen 7. Following the release of the TZ570 and TZ670 earlier this year, this week’s announcement marks six appliances with a seven in their name. So what does the seventh generation moniker mean?

It means each firewall runs on SonicOS 7.0, the latest iteration of SonicWall’s operating system. On top of that, it means more connections. It means the state-of-the-art protection of Capture ATP, which stops ransomware in its tracks. And of course a big one, top notch performance.

Let’s take a closer look at each of the new SonicWall Gen 7 firewalls.

Blog Banner General Buy Now Red-High-Quality

SonicWall NSa 2700

NSa 2700

The SonicWall NSa 2700 is the first of the mid-size firewalls in SonicWall Gen 7. That means this firewall packs an enterprise feature-rich punch, with a low total cost of ownership that won’t knock out budgets. The NSa 2700 boasts advanced networking features businesses come to expect, like SD-WAN, dynamic routing, and clustering. Along with that, it offers high-speed VPN for 2020’s remote workforce.

When it comes to security, in addition to Capture ATP, the NSa 2700 supports Cloud Application Security, Real Time Deep Memory Inspection, and Reassembly-Free Deep Packet Inspection. On top of that is Deep Packet Inspection for all traffic. In sum, the NSa 2700 with these features is ready to stop the latest threats, including the zero days we don’t know about yet. Here’s a brief look at its other tech specs:

Firewall Throughput: 5.5 Gbps

IPS Throughput: 3.4 Gbps

Threat Prevention Throughput: 3 Gbps

IPSec VPN Throughput: 2.1 Gbps

Maximum Connections (DPI): 500,000

Connections per Second: 25,000

Interfaces: 16x1GbE, 3x10G SFP+, 2 USB 3.0, 1 Console, 1 Management port

SonicWall TZ270, TZ370, & TZ470

TZ Stack

SonicWall’s TZ firewall series is known for offering comprehensive protection to SMBs at an affordable price point. The new members of this series take the protection & performance up a notch. These SonicWall Gen 7 firewalls support the many of the latest security features (Capture ATP, RTDMI, & RFDPI) and connectivity capabilities (SD-WAN, VPN, etc.) we just discussed, but in a desktop package. The TZ270, TZ370, & TZ470 are designed for small businesses as well as enterprise branch offices. On top of the sizing options they provide, they also come in wireless models (look for the W) which can serve as firewalls and access points in one.

Speaking of wireless, you may have heard about a little technological advance known as 5G. Well, so has SonicWall. These TZ firewalls come equipped with a USB 3.0 port that allows for 5G & LTE connectivity. And because these are built for small business, getting them up and running is a snap. They feature zero-touch deployment and setup through the SonicExpress mobile app. Once they’re online, management with the aforementioned SonicOS 7.0 is a breeze as well. But the major differentiator for SonicWall Gen 7 firewalls is performance, so let’s take a look at their tech specs:

SonicWall TZ270/TZ270W

TZ270TZ270W

Firewall Throughput: 2 Gbps

IPS Throughput: 1 Gbps

Threat Prevention Throughput: 750 Mbps

IPSec VPN Throughput: 750 Mbps

Maximum Connections (DPI): 150,000

Connections per Second: 6,000

Interfaces: 8x1GbE, 2 USB 3.0, 1 Console

Blog Banner General Buy Now Red-High-Quality

SonicWall TZ370/TZ370W

TZ370TZ370W

Firewall Throughput: 3 Gbps

IPS Throughput: 1.5 Gbps

Threat Prevention Throughput: 1 Gbps

IPSec VPN Throughput: 1.3 Gbps

Maximum Connections (DPI): 200,000

Connections per Second: 9,000

Interfaces: 8x1GbE, 2 USB 3.0, 1 Console

SonicWall TZ470/TZ470W

TZ470TZ470W

Firewall Throughput: 3.5 Gbps

IPS Throughput: 2 Gbps

Threat Prevention Throughput: 1.5 Gbps

IPSec VPN Throughput: 1.5 Gbps

Maximum Connections (DPI): 250,000

Connections per Second: 12,000

Interfaces: 8x1GbE, 2×2.5GbE, 2 USB 3.0, 1 Console

Which firewall is right for me?

With these new options – and many worthy existing ones – how do you decide which firewall works best for your business? Consider user counts, how those users behave, remote and branch connectivity, your incoming ISP speed, wireless needs, and more. Sound like a lot to consider on your own? Reach out to our certified experts, and they can walk you through the process (and probably get you a better price, too). Chat on our site anywhere you see the window pop up, or call 866-957-2975 to talk with them today!

What’s the Difference Between the FortiGate 80F & FortiGate 80E?

Fortinet’s latest models, the FortiGate 80F and 81F have just launched. With a SoC4 security processor, application-specific chips, and new WAN edge features, the 80F series is another entry in Fortinet’s steady upgrade from the excellent E Series to the faster, even more secure F Series firewalls. The FortiGate 80F follows in the footsteps of the FortiGate 40F, FortiGate 60F, & FortiGate 100F. So what exactly is the difference between FortiGate 80E UTM appliances and the FortiGate 80F next generation firewall?

The FortiGate 80F

 

FortiGate 80F Tech Specs – Datasheet

Firewall Throughput: 10 Gbps

IPS Throughput: 1.4 Gbps

NGFW Throughput: 1 Gbps

SSL VPN Throughput: 900 Mbps

Concurrent Sessions (TCP): 1,500,000

New Connections per Second: 45,000

Firewall Latency: 4 μs

Not sure what these numbers mean? Check out our post explaining firewall Tech Specs!

Blog Banner General Buy Now Red-High-Quality

FortiGate 80F Overview

The FortiGate 80F brands itself as a secure SD-WAN and security appliance. This focus on the WAN edge is growing more and more popular in the network security space as small businesses and enterprises alike step up to the challenges of digital transformation and remote work. SD-WAN provides secure, direct Internet access for the kinds of cloud-connected applications businesses now depend on like Dropbox, GitHub, Salesforce, Office 365, and more.

Fortinet’s security-driven networking approach focuses on seamless integration, simple deployment, and intuitive, feature-rich management. This is made possible by Fortinet’s SD-WAN Application-Specific Integrated Circuit (ASIC). The first-of-its-kind technology handles identification and steering for over 5,000 known cloud applications.

The FortiGate 80F joins its F-Series brethren as leaders of the SD-WAN race. For any organization looking to deploy applications, devices, or cloud environments across multiple branch locations, the WAN edge efficiency of these models should put them at the top of any shortlist.

 

The FortiGate 80E

FortiGate 80E Tech Specs – Datasheet

Firewall Throughput: 4 Gbps

IPS Throughput: 450 Mbps

NGFW Throughput: 360 Mbps

SSL VPN Throughput: 200 Mbps

Concurrent Sessions (TCP): 1,300,000

New Connections per Second: 30,000

Firewall Latency: 3 μs

Not sure what these numbers mean? How about another reminder about our post explaining firewall Tech Specs!

FortiGate 80E Overview

The FortiGate 80E is well-recognized in the industry as a powerhouse of network security, fit for most mid-sized businesses and larger branch offices. The FG-80E includes a SoC3 system-on-a-chip build that optimizes processing power and performance without sacrificing security. As part of the Fortinet Security Fabric, the FortiGate 80E integrates multiple layers of security across small business networks, letting systems communicate in real time to detect and stop advanced threats.

The FortiGate 80E is a Unified Threat Management (UTM) platform that delivers wired and wireless networking for networks up to roughly 50 users. This model also comes with variants that boast improved internal storage as well as Power-over-Ethernet capabilities. A USB port located on the rear of the appliance allows for 3G/4G compatibility that allows for additional WAN connectivity and redundancy.

Blog Banner General Buy Now Red-High-Quality

How much does the FortiGate 80F cost?

Pricing for FortiGate 80F starts with an MSRP of $1200 for the Appliance Only model (though Firewalls.com highly discourages buying “appliance only” products as a primary firewall). However, Requesting a Quote or connecting with a Firewalls.com account representative via Live Chat will immediately shave hundreds of dollars off your final price tag.

Compared to the FG-80E, the FortiGate 80F nets you four times the UTM throughput, extra space for site-to-site tunnels, and connection per second gains an order of magnitude greater than E Series counterparts. And don’t forget that whole purpose-build secure SD-WAN, too.

Visit our Fortinet FortiGate 80F/81F page to Request a Quote or Live Chat now.

New WatchGuard T20, T40, & T80 Firewalls

New WatchGuard Firewalls: Firebox T20, T40, & T80

The WatchGuard T20, along with its counterparts the WatchGuard T40 and WatchGuard T80, are the latest Firebox T-Series appliances. Launched in June 2020, these new WatchGuard firewalls sport faster speeds and increased security. This is big security in a small appliance.

The WatchGuard T20 or T40 can be used as a standalone firewall for small offices, or act as a VPN gateway to provide secure remote access to employees working from home. Some improvements include:

  • Increased throughput speeds
  • More Gig Ports
  • Built with SD-WAN in mind
  • More connections than ever
  • Greater capacity for VPN tunnels

Get an in-depth look at the new Firebox T-Series firewalls with our latest feature review video, then read on for more!

Blog Banner General Buy Now Red-High-Quality

 

WatchGuard T20 Spec Snapshot

WatchGuard T20 Firewall

WatchGuard T20 Firewall

Max Firewall Throughput: 1.7 Gbps

VPN Throughput: 485 Mbps

Network Interface Ports: 5 x 1GbE, 1 USB, 1 Serial

Maximum Connections: 95,000

Authenticated User Limit: 200

Branch Office VPNs: 10

 

WatchGuard T40 Spec Snapshot

WatchGuard T40 Firewall

WatchGuard T40 Firewall

Max Firewall Throughput: 3.4 Gbps

VPN Throughput: 880 Mbps

Network Interface Ports: 5 x 1GbE, 2 USB, 1 Serial

Maximum Connections: 200,000

Authenticated User Limit: 500

Branch Office VPNs: 30

 

WatchGuard T80 Spec Snapshot

WatchGuard T80 Firewall

WatchGuard T80 Firewall

Max Firewall Throughput: 4.7 Gbps

VPN Throughput: 1.4 Gbps

Network Interface Ports: 8 x 1GbE, 1 USB, 1 Serial

Maximum Connections: 200,000

Authenticated User Limit: 500

Branch Office VPNs: 60

 

Blog Banner General Buy Now Red-High-Quality

Save Money on WatchGuard T20, T40, & T80 Firewalls

WatchGuard makes it easy to save money if you’re ready to upgrade. WatchGuard T40 piqued your interest? WatchGuard’s trade up program lets you earn up to 25% when you upgrade. Just send in your old, aging Firebox and you’ll save big while gaining access to tools and services only available on the newest generation:

  • SD-WAN with zero touch deployment
  • WatchGuard Cloud for management & reporting
  • IntelligentAV to stop unknown threats with AI
  • ThreatSync security data
  • DNSWatch, Network Discovery, & more

SonicWall Support: How to Support Your SonicWall

What is SonicWall Support…And why do I need it?

A SonicWall firewall is an important purchase. It’s an investment showing that you recognize the need to protect your network from the many cyber threats out there today. But to truly ensure you have that secure network through thick and thin, you need someone backing you – and it – up. That’s where SonicWall Support comes in to lend a hand. What do you get with SonicWall Support?

Software and Firmware Updates

We know that cyber threats are ever evolving. And never before seen vulnerabilities can pop up out of the blue. A SonicWall Support subscription gets you any software and firmware updates needed to patch those unforeseen holes. That means you don’t need to search out updates or worry if you’ll be able to load them. Just like Phoebe, Monica, Chandler, Rachel, Joey, and even Ross – they’ll be there for you. Oh, and the same goes for any software or firmware upgrades while your subscription is active.

Advance Hardware Replacement

If it seems like something’s wrong with your firewall, SonicWall Support will work with you to see if a replacement is needed. If so, you’ll receive a Returned Material Authorization or RMA number. And most importantly, SonicWall will ship you a replacement unit for next business day delivery. The replacement appliance will even automatically have your registration information and subscription services transferred to it. All you’ll need to do is return your defective device, with shipping paid by SonicWall.

Technical Support

Simply put, when you have a question or issue, you can reach out for help in whatever contact method you prefer. You get an expert on the other end of the phone, an online chat, or an email. They’ll help you troubleshoot your issue with knowledgeable technical support. You can go with 8×5 Support – which is available during business hours Monday through Friday in your time zone. Go for 24×7 Support to ensure there’s always someone at your beck and call immediately, because trouble doesn’t care what time it is.

SonicWall Support also equips you with tools to support yourself. There’s a knowledge base offering detailed documentation. And moderated discussion groups through the SonicWall Community allow you to collaborate with others to solve common problems.

Beyond Support

Keep in mind, SonicWall Support specialists are there to ensure your products perform up to specifications – so not every question or situation may qualify. The good news is, if you need more advanced support there’s an option for you as well. To ensure you’ll always have answers to any questions about your network – you’ll want to go managed. That is, a managed security subscription through Firewalls.com.

Our Managed Security Service takes you beyond support – with certified engineers offering configuration updates, help with any network issues you may have, assistance with those software or firmware updates, help with equipment repair or replacement, and more. That more includes 24×7 monitoring of your firewall with quarterly checkups and web-based reporting. In fact, you can expect a call from us offering a fix to an issue or a configuration tweak to optimize your network. That proactive monitoring means solutions come before problems take down your network. And signing up for Managed Services requires no contract – they operate with flexible month to month subscriptions. Visit our Professional Services page to learn more, or call 866-645-2140 to get started.

How Do I Get SonicWall Support?

SonicWall Support is available in a variety of ways (and for a variety of products). The simplest – and best – way to get a support subscription is through a TotalSecure Advanced Edition bundle. The bundle includes SonicWall hardware plus Advanced Gateway Security Suite, which includes 24×7 support plus just about any other key security service you can think of. If you want to go the a la carte route, both 8×5 and Standard Support subscription options are also available, but the bundle is the way to go for total network protection from any threat.


 

What is a firewall? Why does my business need a firewall?

What is a firewall & why do I need a firewall?

What is a firewall exactly? Here at Firewalls.com, we believe that firewalls are not only your primary line of defense against advanced threats but also the heart of your larger network security environment. Firewalls keep users safe as they use the Internet, send or receive emails, and access company files. Firewalls scan all incoming and outgoing traffic on your network, choosing to either permit or block any data packet they read.

By configuring your firewall with a set of common sense security rules and policies, you can safeguard your confidential data against hackers. By analyzing traffic at your network’s entry points, firewalls are able to keep potential threats out while letting employees and business applications communicate safely across the open web.

What is a firewall? SonicWall TZ350 secure small business networks

 

How do firewalls work?

Firewalls work by monitoring inbound and outbound traffic on your network. When a data packet requests access to your network, your firewall inspects the packet head to determine whether the request is valid or potentially dangerous. Next generation firewalls such as SonicWall TZ and SonicWall NSa firewalls go a step farther with Deep Packet Inspection, cracking open the entire data packet to inspect its contents before reaching a security determination.

Traditional firewalls relied on signature-based scanning to look out for threats. That meant that each packet’s contents were checked against a database of millions upon millions of known threat signatures. However, more advanced firewalls and endpoint protection platforms, such as Sophos XG, rely on machine learning and AI to make behavior-based verdicts. Super smart security engines actually think and learn inside your firewall, using global threat data to constantly improve their understanding of what a threat looks like, how it behaves, and how to stop it.

Firewall configuration

Why do businesses need to configure their firewall and how hard is a configuration? While some deployments can be fairly simple, most businesses should have a custom configuration for their primary firewall, tailored to suit the unique needs of their network. The firewall setup wizard just doesn’t cut it. Firewalls.com recommends that you entrust a certified firewall expert with the configuration of your firewall to ensure your attack surfaces are minimized, your firewall is stealthy, and no pesky bottlenecks are jamming up your Internet speeds.

A quality firewall configuration service should include a one-on-one discussion with your organization to determine how your network is used and what unique factors may present risks to your data. Phone-based deployment and post-deployment support are a must. You can simplify installation and minimize downtime by ensuring you have a knowledgeable support engineer on the line to walk you through every step. Want to see the steps involved in a configuration?


 

How many different types of firewalls are there?

Firewalls come in all shapes and specifications, so finding the right one for your network can be a challenge. While datasheets and firewall comparisons are easy to find, it can still be tough to wrap your head around what types of firewalls you can choose from. We’ll break down a few different ways firewalls are classified to help you better understand the appliance landscape.

WatchGuard manufacturers all kinds of different firewall appliances

Form Factors

  • Desktop Firewalls – Small, but powerful. Desktop firewalls are made with SMBs in mind & fit next to your favorite coffee mug
  • Rackmount Firewalls – Able to be mounted in any standard 19″ server rack with a rackmount kit
  • Virtual Firewalls – No appliance? No problem. Virtual firewalls live in the cloud & secure networks with no on-prem footprint

Firewall Sizing

  • Small Business Firewalls – Fit for home offices or SMBs up to 100 users, small business firewalls make advanced security affordable
  • Mid-Sized Firewalls – For businesses that need a bit more room for users & bandwidth, like SonicWall NSa series
  • Enterprise Firewalls – 2,500 users or more? Enterprise firewalls are security powerhouses with unmatched performance

Firewall Generations

  • Stateful Inspection Firewalls – Simple, signature-based analysis of inbound & outbound traffic
  • UTM Firewalls – Holistic appliances combining basic firewalling with multiple other security services & functions
  • Next Generation Firewalls – The latest generation of firewalls integrating entire networks in real time with machine learning


 

Firewalls. Defined.

Curious for more information about firewalls, network security, or cyber threats? The Firewalls.com Knowledge Hub is crammed full of resources to learn how firewalls work and understand what kinds of firewalls there are. Check out our firewall podcast or subscribe to our YouTube channel for firewall reviews, firewall comparisons, tutorials, and more.
 

Comparing Cisco Meraki MX64 & Cisco Meraki MX67

Comparing the Cisco Meraki MX64 & Cisco Meraki MX67 Firewalls

The Cisco Meraki MX64 and Cisco Meraki MX67 firewalls are both geared towards small businesses looking for affordable, efficient security. Part of the Meraki MX Firewall series, these models share a lot in common at first glance. But that may make it tricky for SMBs and network administrators to decipher which of these next generation firewalls is best suited to their unique network demands.

Both SD-WAN-ready appliances are ideal for SMBs seeking an all-in-one UTM solution backed by a globally recognized brand they can trust. But which one works for you? Compare the Cisco Meraki MX64 and Cisco Meraki MX67 below with side-by-side tech spec comparisons, feature spotlights, and more.  

Blog Banner General Buy Now Red-High-Quality

Cisco Meraki MX64 Tech Spec Snapshot

Cisco Meraki MX64 Firewall.

Ideal For: Entry-level firewall for small businesses

What Sets It Apart: Highly-efficient UTM & SD-WAN solution at a low price point

Max Recommended Users: 50

Max VPN Throughput: 100 Mbps

Advanced Security Throughput: 200 Mbps


 

Cisco Meraki MX67 Spec Snapshot

Cisco Meraki MX64 Firewall.

Ideal For: Remote locations & areas requiring high availability

What Sets It Apart: Built-in modems simplify cellular uplink backups for remote locations 

Max Recommended Users: 50

Max VPN Throughput: 450 Mbps

Advanced Security Throughput: 300 Mbps


Blog Banner General Buy Now Red-High-Quality

What comes with a Cisco Meraki MX64 & MX67 firewall?

Ready to level up your security with Cisco Meraki? Tag on an Enterprise or Advanced Security license to unlock advanced security features, bolstering your network’s defenses against encrypted malware, ransomware, & zero day threats. These licenses come in 1-, 3-, 5-, 7-, or even 10-year terms and include 24×7 support from Cisco Meraki specialists, as well as the following security features:

Included with a Cisco Meraki Enterprise License

  • Stateful Layer 7 firewall
  • Site-to-site VPN
  • Client VPN
  • Dynamic host configuration protocol
  • Branch routing
  • Intelligent path control
  • App visibility & control

Included with a Cisco Meraki Advanced Security License

  • All of the features listed above, plus
  • URL content filtering
  • Google SafeSearch enforcement
  • Youtube EDU enforcement
  • Intrusion prevention
  • Advanced malware protection (AMP) with Threat Grid support
  • Geo-IP firewall rules


Blog Banner General Buy Now Red-High-Quality

More firewall review videos

Still shopping for the right firewall for your business network? Check out our firewall review videos to compare your options. You can learn more about:

Monday Morning Firewall Fix: Encrypted traffic, VoIP, & more!

Happy Monday. We want you to start your week off with a burst of productivity. That’s why Firewalls.com put together a list of 5 common mistakes that organizations make when deploying their firewall. These tips are designed to be practical, easy-to-follow, and short! Whether your Internet has slowed to a crawl or the voice on the other end of your VoIP phone sounds like Charlie Brown’s teacher, these quick tips will let you self-diagnose your setup and correct 5 common issues in a few clicks of the mouse. It’s time to get your Monday Morning Firewall Fix!

#1: Your Firewall Isn’t Scanning Encrypted Traffic

Over 60% of the web has migrated from HTTP to HTTPS, a security protocol which encrypts data between websites and servers.  If your firewall is not utilizing Deep Packet Inspection (DPI), then it is not scanning that traffic for viruses, malware, or ransomware potentially encrypted in the data packet. Whereas traditional stateful inspection scans only the data contained in the packet head, DPI scans every last byte for threats. With a majority of the Internet now encrypting everyday web traffic, if you’re not enabling DPI on your SonicWall, you’re completely neglecting the bulk of the danger.

Fix It:

  • Open your Firewall Admin Console
  • Go to: Manage > Decryption Service > DPI-SSL/TSL Client
  • Enable: SSL Client Inspection

Enable deep packet inspection to scan the entire packet on HTTPS encrypted sites


#2: Your Firewall Isn’t Gathering Crucial Internet Usage Data

Most companies fail to implement a proper content filtering policy, leading to employees wasting time on non-productive websites or potentially exposing the organization to HR issues. Whether it be adult content, game sites, gambling, movie streaming, or otherwise, users on your network can slow down productivity for everyone while they slum it on unproductive websites. To further complicate the issue, your organization could be held liable for any illegal activity that occurs on your network! Take back control of your network and your traffic.

Fix It:

  • Open your Firewall Admin Console
  • Go to: Manage > Security Services > Content Filter
  • Enable: Content Filtering Service

content filtering helps you to stay productive and avoid legal issues when bad actors are on your network


#3: You Haven’t Implemented Employee Tracking

In addition to enabling your content filtering service, you should also implement tracking for your user groups. Without tracking, it’s difficult to track down and reprimand employees who violate your organization’s Internet usage policy. Tracking also helps you pin down users who are slowing down your connection with unusually high bandwidth usage.

Fix It

  • Open your Firewall Admin Console
  • Go to: Manage > Users > Settings
  • Set “User Authentication Method” to any option except for Local Users

employee tracking helps admin see who is wasting resources and who is breaking usage policies


#4: YouTube Is Making Your VoIP Sound Funky

Complaints about an echo, buzz, or garbled sound when talking on your VoIP phone system? It’s likely that your VoIP client is competing with other data-heavy applications that aren’t allowing it access to the bandwidth it needs. By implementing bandwidth usage, packet shaping, and application priorities, you can ensure that your bandwidth is being rationed to business-critical applications (like VoIP) first, granting them priority over less important applications. By setting up your VoIP as a high-priority client, you’ll have strong, crystal clear calls once more.

Fix It:

  • Open your Firewall Admin Console
  • Go to: Manage > Network > Interfaces > Configure WAN Interface
  • Click: “Advanced” options tab
  • Enable: Egress Bandwidth Management
  • Enable: Ingress Bandwidth Management

Some applications require a large amount of resources and if those applications are competing with each other, they all lose


#5: You’re Running an Outdated Firewall

If you made it this far and have thought “huh, those last 4 images looked nothing like my admin console,” then you’re not running a current-generation firewall!

The introduction of ransomware-as-a-service and exploit kits has transformed the cyber threat landscape into a dynamic force that adapts and evolves by the day. The old “set it and forget it” approach to cyber security has been outpaced by cyber criminals who are always looking to innovate. Unfortunately, your outdated firewall just doesn’t have what it takes to withstand a modern cyber attack. It’s time to update your firmware, check your subscriptions, & consider an upgrade.

Fix It:

If you’re unable to set up these services, we strongly recommend that you have one of our SonicWall-certified engineers perform a health check on your network and configure the appliance. More than likely, you are NOT secure. Our engineers look for 20+ of the most common mistakes found on firewalls and we provide recommendations to help you address those issues. In order to get the most value and protection out of your firewall, our team implements a 99-step configuration checklist that we’ve developed over two decades as SonicWall partners. With the correct settings, we can get you back to a safe, productive network environment.

Call us today at 866.403.5305 and schedule an appointment to be confident you’re getting the very most out of your cyber security investment.