Tag: network security

Managed Firewall Services & The Top 5 Reasons You Should Consider Them

Managed Firewall Services

Since early 2020, the digital threat landscape has vastly changed. What used to work no longer does, and there are countless new ways for bad actors to compromise systems. One of the biggest trends in 2020 was for small and medium size businesses to shift the responsibility of managing the firewall and other network security systems to specialized 3rd parties. Managed firewall services have seen massive growth and consolidation of providers.

If you haven’t received a call or email introducing you to these services you probably will soon, but that might not be a bad thing. While you’re running your business or your jack-of-all-trades IT guy is busy fixing the Wi-Fi, hackers are most likely strategizing ways to penetrate your network. This is where managed firewall services take over and provide an added layer of security on top of your security equipment to ensure your business is safe and won’t suffer a potential catastrophic setback.

The Benefits To 3rd Party Managed Firewall Services

In this article, we’ll discuss the top 5 reasons why it’s important to have managed firewall services and what you need to know. Now, some of the benefits to managed firewall services you may already know – and some you may not. What we’ve found is that even if you know the benefits of 3rd party managed firewall services, for some reason you haven’t strengthened your business with it. Hopefully by the end of this article you understand the sophisticated threat landscape and why hiring a 3rd party network security company makes sense.

1. Your Current Firewall Configuration Settings Are Probably Wrong

When we onboard a new client, 95% of the time they had their firewall misconfigured. Even the companies that have an IT staff most often get this important part of the setup wrong because the firewall is such a specialized piece of IT. In our experience it takes a highly trained network engineer to properly configure a firewall specific to an individual network. Even missing minor parts of the configuration can render the purchase of a firewall useless because that is precisely where hackers will spot a vulnerability. Having a properly configured firewall is just as import as purchasing the correct firewall. This is where having managed firewall services really makes sense. Before the 3rd party can monitor the network they first have to have it set up correctly, which makes this the first realized benefit a client receives when they begin their 3rd party firewall management journey.

2. Maintaining Compliance

Depending on the industry, you may experience stricter compliance but none the less, every business and organization has a responsibility to protect the data of their clients and employees. Having a specialized, highly trained team of network security engineers not only aids in keeping your business compliant but also shows customers your due diligence in providing the best security environment for their sensitive data.

3. Talent & Specialty

Scarcity in the marketplace for individuals who have this skillset is a real thing. Businesses frequently leave their security in the hands of an internal IT guy who is knowledgeable with everything but the firewall. Often we find that IT guy struggles to maintain the security of the organization. What that means is unless you are lucky enough to have a fully-trained network security engineer on staff, you’ll always be one step behind bad actors or completely exposed to all sorts of digital threats. 3rd party managed firewall service companies recruit top talent and hire only the ones that have the necessary skillset required to remotely manage firewalls and the surrounding touchpoints of our clients networks.

4. 24/7 Network Monitoring

Hackers work around the clock and so should your network security team. Network security management isn’t a 9-5 Monday through Friday responsibility. Firewall managed services provides 24/7 monitoring and threat detection protection for your business. This is important because no matter what time it is, you have trusted professionals actively protecting what matters and ensuring the safety of your business.

5. Cost

Since one of the main offerings Firewalls.com provides is managed firewall services, we are afforded the luxury of hiring & paying top talent to protect our clients. We can do this because those expenses aren’t sunk costs, they are revenue generating. Human assets can be deployed across multiple organizations and can be done so for much less than what our clients can do if they hired a full time network security engineer. Outside the salary of a full time engineer there are also costs that involve money and time to be able to find in-house employees, which may never happen. Recruiting can be expensive and can easily take well over a year. Skipping the line and getting expert firewall management for less is one of the main reasons why our clients hire us. The Firewalls.com team has the ability to deploy quickly (time) and can be had for less (money) than a full time employee.

Trust The Security Of Your Network With Firewalls.com

Our clients have trusted us with their network’s security because we offer US based support, a real person picks up the phone, we have a lighting fast ticket resolution rating, and affordable prices. Contact us to day to get started or to receive a quick quote.


Firewall managed services pricing


What Is SonicWall NetExtender & How Can It Improve Your Remote Workforce?

What Is SonicWall NetExtender

SonicWall NetExtender is an application for Windows, Mac, and Linux that allows a remote user to access applications, files, resources, and more from the base network while being protected by that base network’s security apparatus.

To use it, a remote user will need an active SonicWall VPN license. A VPN, also known as virtual private network, is a secure way of accessing company data from anywhere in the world. SonicWall VPNs work in tandem with NetExtender as a means of routing a remote user’s device, desktop or mobile device, safely to the base network.

Blog Banner General Buy Now Red-High-Quality

How Can SonicWall NetExtender Improve Your Remote Workforce

By offering VPN licenses to a remote workforce, you provide your business & users all the same protection capabilities they’d receive if they were working in the office. When remote employees work through NetExtender, they have the freedom to work at efficient speeds with more direct access to files and apps. On top of that, they get security capabilities only available to users connected to your base network.

Benefits At A Glance

  • Access secure files from anywhere in the world
  • Use all the business-critical applications you’re used to
  • Secure communications
  • Extend on-premises levels of security to employees working from home
  • Maintain compliance requirements

How Much Do VPNs With SonicWall NetExtender Cost

SonicWall virtual private network solutions are designed for scalable cost. The solution depends on the number of licenses you’ll need, which VPN protocols you use, and what configuration or support options are included. To learn more about the different types of SonicWall VPN clients that work through NetExtender, check out our comparison between SonicWall SSL VPN & Global VPN.

Blog Banner General Buy Now Red-High-Quality

Looking For A NetExtender VPN Solution?

Configure A Scalable NetExtender Solution

Configuring the right SonicWall VPN solution isn’t the easiest thing to do. Our network security experts are on standby to help guide you through the decision making process. To start your scalable SonicWall VPN solution through NetExtender, call 317-225-4117 or reach out via our secure contact form.

Don’t forget to renew your security services

Remember your security services

With COVID-19 causing workplaces to shift from on premises to remote, network admins have had their hands full keeping employees connected and secure. We know there are plenty of factors to consider to make that happen. But one consideration that can’t get lost in the shuffle: security services subscriptions. These subscriptions have a shelf life, and if allowed to expire, that may render a lot of the effort to protect workplace data – and offer reliable remote access – moot.

Allow me to explain further. Firewalls – the cornerstone of any secure network – are not fully optimized security machines without a suite of security services to enhance their hardware. Those services can include (but are certainly not limited to):

  • Advanced Threat Protection
  • Antivirus
  • Antispam
  • Application Control
  • Content filtering
  • Data loss prevention
  • Enhanced management capabilities
  • Sandboxing
  • SD-WAN services
  • Web application firewalling
  • Web surfing protection
  • 24×7 Technical Support and Updates

This is just a partial list relating to firewalls, with services depending on the manufacturer. But when a security services subscription expires, it could leave your network vulnerable to all of the threats these services address – and leave you out in the cold when it comes to certain networking features you rely on.

What does this have to do with remote employees?

Service subscriptions extend beyond the firewall, with offerings like endpoint protection. This protection is a vital component to a secure remote workforce both to keep data from prying eyes and to offer enhanced visibility into remote devices for network admins. And of course the secure access offered by VPN clients or secure mobile access appliances benefits greatly from active support subscriptions as well. Network security pros can help troubleshoot any of the myriad issues that can arise when most of your employees are connecting remotely.

Additional subscriptions cover a variety of appliances from wireless access points to email gateways to network switches, as well as virtual appliances and other standalone services. Regardless, it’s vital to keep them up to date and renew before they expire to avoid interruptions that can stop your network in its tracks.

How do I know when expiration is nearing?

If you’re a Firewalls.com customer, we’ll send you email notifications starting 90 days from your service expiration date. So even with everything else going on, it’s another reason to keep up with your inbox. If you don’t receive these emails from either us or directly from your service provider, simply visit your manufacturer portal, reach out to your IT consultant, or start a chat on Firewalls.com and we’ll be happy to help too.

How do I renew?

Regardless of where you initially purchased service, this is an easy answer. Go to our Renewals & Licensing locator, choose your product and subscription type, and choose your preferred subscription length. Firewalls.com offers renewals and licensing for SonicWall, Fortinet, Sophos, WatchGuard, Ruckus, Cisco Meraki, and Barracuda.

A few things to keep in mind:

  • You’ll pay a lower yearly cost and guard against any increases in subscription rates with a longer-term renewal
  • Some services like Barracuda licenses come in month-to-month terms, while some come in 1, 2, 3, 4, or 5 year lengths
  • If you upgrade to a new firewall, you can migrate your existing service subscriptions with you

If you have a question while you’re on the renewals page, wait for the chat popup, and one of our experts will be happy to assist you. Either way, it’s a quick and easy process, and your term will be extended before you know it. However you choose to renew, just remember, expired services hurt your network’s performance and security, so keep your subscriptions active!


Navigating Network Security – Ping Podcast Episode 6

Episode 6: Navigating Network Security

When you’re setting up a new office, there’s a lot to consider. How many desks do I need? What kind of coffeemaker should I get? Where do I find staff? Setting up a secure, reliable network should be near the top of your list. Business requires a network that maximizes internet service and optimizes connectivity. As a small business owner – or anyone else tasked with setting up a network – you know you need equipment and security services, but may not feel comfortable navigating the labyrinth of options on the network security market. That’s where we extend a helping hand! On Episode 6 of Ping: A Firewalls.com Podcast, Andrew and Kevin welcome Anthony Mercho, Firewalls.com’s Director of Sales, to shed light on the initial questions you’ll need to answer to make the best long-term investments for your network. We talk user counts, connection speeds, network switches, wireless APs, and much more.

To reach Anthony’s team of experts for a one-on-one discussion of your needs, call 866-403-5305 or instantly connect via live chat when you visit Firewalls.com. You can also follow the Firewalls.com Blog for everything network security related. Looking for information on specific brands? Check out our Buyers Guide series.

Also in this episode, our Network Engineer Nick Petriko pitches in with an Engineer’s Minute that reminds you about one of the first things you should do when your new firewall arrives. Check out all of the expert security services our certified engineers offer.

And in our Headlines segment, you’ll hear why in an age of zero-days, phishing and other simple attack types may still be most likely to cost you, risks that Internet of Things (IoT) devices pose even when not on your network, and about a recent cyber attack on a nuclear facility that likely won’t give you warm fuzzies.

How to listen

Listen to Ping – A Firewalls.com Podcast using the player above…

Or just about anywhere you prefer to listen to podcasts (Apple Podcasts, Spotify, Google Podcasts, Stitcher, OvercastTuneIn, iHeart, Pocket Cast, Castro, Castbox, PodchaserYouTube, and of course via RSS, to name a few). Remember to subscribe or follow where you can to get the latest episodes as soon as they’re released, and rate and review us as well!

Missed our previous episodes? You can get them anywhere you listen to podcasts, or follow the links right here:

New episodes are released every other Wednesday. Have a special request for a topic or a question for our network engineers to address? Email us at podcast@firewalls.com and it could be on our next show!

Emotet: the Biggest Network Security Villain of 2019

The Biggest Villain of 2019

The U.S. Department of Homeland Security considers it to be among the most costly and destructive threats to U.S. businesses in 2019

It constantly evolves, using adaptation and versatility to grow stronger with each new iteration…

It leverages several attack vectors against multiple targets, giving it plenty of opportunities to secure a victory…

The Feared, the Elusive, the Tenacious Malware: Emotet.

Emotet is a sophisticated cyber attack that uses its skills as a shapeshifter to spread itself far and wide across the Internet. The US Department of Homeland Security estimates that organizations in 2019 have shelled out as much as $1,000,000 per incident to recover from an Emotet attack. With big baddies from seasons past like WannaCry and Petya still fresh in the memory, businesses must now turn their attention to the security world’s 2019 season antagonist: Emotet.

What do Marvel’s Ultron and Emotet have in common?

You may defeat them now, but they always come back stronger, smarter form than before! Just like the comic villain Ultron, featured in Marvel’s 2015 “Avengers: Age of Ultron,” Emotet always finds a way to make itself more dangerous. This complicated malware has been constantly evolving since its humble origin story as an upstart banking trojan in 2014. In fact, Sophos Labs detected and identified over 4,500 different varieties of Emotet carrying unique payloads in January alone.

Emotet gives itself multiple chances to win. It spreads across networks, propagating itself through email spam and lateral movement, using your devices as remote zombies. Emotet collects contacts and browsing data. It can even act as a decoy for nastier attacks. Emotet isn’t picky; the malware can carry whatever malware is paying out top dollar at the time. Whether it’s TrickBot malware, QBot banking trojans, BitPayment ransomware, or something even more nefarious, Emotet is an ideal delivery system for payloads of all kinds. It’s flexible. It’s persistent. And it always comes back stronger!

The Emotet malware’s principal delivery method is through fake emails. One wrong click or careless attachment download lets Emotet get a foot in the door and from there, it begins its primary objective: spread to other devices on the network. Once infected, your inbox will start spitting out malicious emails to everyone in your contact list, providing Emotet with opportunities to infect far and wide. During this process, your email domain reputation plummets!

Once a system is infected, Emotet calls back home and initiates a malware download for whatever payload it’s been built to carry. In this call back step, Emotet may also take the opportunity to lift your contact lists and browser data to be sold off on the black market. With its versatility, constant evolution, and multiple victory conditions to meet, Emotet is a truly tricky foe.

Perhaps its most dangerous use, though, is as a smokescreen. Due to the fast-acting nature of Emotet, its rapid expansion sends network administrators into a frenzy to prevent further compromise. Some cyber attackers use this period of panic as a chance to initiate a targeted ransomware attack. By the time the initial Emotet chaos has been stabilized, ransomware like BitPaymer has already used the distraction to get a stranglehold on the organizations’ data.

Defeating Emotet

Call us old-school, but Firewalls.com believes the bad guys should always lose in the end. Most single solutions are ill-equipped to deal with Emotet. Between its versatility, speed, and ability to assault multiple targets, you’ll need a whole team to take it down. If you’re thinking the Avengers, think again. Sophos Synchronized Security with Sophos Heartbeat is just the band of network defending heroes to call if you want to send the baddies packing.

Try Synchronized Security Free for 30 Days

Sophos protects against Emotet at every point in the attack chain. Synchronized Security means that your endpoints and your firewall communicate with each other in real-time to provide comprehensive and instantaneous response to threats. This constant pulse of communication between endpoints and the network is called the Sophos Heartbeat. The moment an attack is detected, Sophos Heartbeat instantly relays details back to XG Firewall in order to isolate the machine, shut it off from the network, and begin remediation.

Sophos Email Protection blocks spam both inbound and outbound. Leveraging threat intelligence from SophosLabs, Sophos email protection identifies malicious emails like those that propagate Emotet and shuts threats down before they hit the inbox. Active threat protection, malicious attachment sandboxing, and time-of-click URL protection all come standard with Sophos Central Email Advanced, giving your inbox all the superpowers it needs to shut down Emotet at its point of entry.

Try Sophos Email Free for 30 days

Read Sophos Email Datasheet

If a single endpoint becomes infected, Sophos Intercept X springs into action, isolating the device before Emotet has a chance to spread across the network. Intercept X is super smart, harnessing deep learning capabilities to anticipate new threats and predict security threats before they happen. Intercept X cuts off the opportunity for lateral movement and gets to work cleaning up the infected systems. Sophos Intercept X Advanced consolidates protection and Endpoint Detection and Response (EDR) into a single solution with guided incident response.

Try Intercept X Free for 30 days

Read Intercept X Advanced Datasheet

XG Firewalls feature advanced cloud-based sandboxing to examine and detonate payloads in a quarantined environment. XG Firewall is the overwatch command center that communicates in real time with endpoints thanks to the Sophos Heartbeat. AI-powered behavioral monitoring lets XG Firewalls detect behaviors consistent with Emotet and pre-emptively block all currently known IP addresses with Emotet. With advanced protection guarding the point-of-entry, individual endpoints, and at the network level, your Sophos team makes short work of Emotet.

 Try XG Firewalls Free for 30 days

Read XG Firewall Datasheet

Since these programs were designed to work as one well-oiled machine, all of these layers of Sophos protection occur automatically. This provides a comprehensive, zero-touch response that addresses advanced threats at every step of the attack chain. This dream team of Sophos Email, Intercept X, and XG Firewalls ensures Emotet never sees the Endgame. That means your story always gets its happy conclusion. And automatic, real-time, zero touch response means your IT guy can go grab lunch.


Stop Worrying About Employee Browsing Habits, Use A Content Filtering Service

What is Content Filtering?

Content Filtering is a service that enables organizations to restrict the type of websites and web content that can be reached through devices on their network. Popular in schools, government institutions, and office settings, a quality content filtering service can mean the difference between your employees’ laser focus and an afternoon spent pinning Instagram posts.

Blog Banner General Buy Now Red-High-Quality

Why Your Organization Should Be Using a CFS

Network Security

Content filtering isn’t all about keeping your employees’ eyes away from lewd or rude material; filtering also ensures that your employees don’t stumble onto known threats or phishing sites peddling malware. Given the growing popularity of Web 2.0 tech, many domains have grown into Frankenstein-esque mash-ups of aggregate content, RSS feeds, and redirects. This added complexity of navigation means that your employees “just doing their best to stay safe” likely won’t work out over time.

Security analysts repeatedly warn that the human element is the weakest link in your security infrastructure. And while we absolutely love our employees, why give them the chance?

Liability Protection & Compliance

Did you know that your company can be held liable for any data transferred into or out of its internal network? A rogue user acting in bad faith can cost you more than a day’s worth of productivity. Pornography, illicit content, copyrighted material, and fraud attempts can all open your company up to legal troubles and fines that will throw a serious wrench into your business plan. Having a content filtering service in place on your network demonstrates a good faith attempt to prevent illegal usage of your network for which you could otherwise be held liable.

cipa compliance includes content filtering with a firewall

In addition, many industries must meet compliance requirements that include content filtering. The most obvious example, CIPA or the Children’s Internet Protection Act, ensures that K-12 schools and libraries use content filtering to protect minors from harmful content. CIPA compliance is a requirement to receive federal funding in the United States.


This is the part where we convince you that all of your employees are wasting their days surfing Reddit and tell you how to block Facebook, right? Wrong. This is the part where we warn that a poorly configured or low-quality content filtering service may unintentionally block legitimate resources, making your employees’ jobs harder. Any bouncer can keep a club empty. A good bouncer keeps the riff raff outside without hindering access for those visitors with genuine intentions.

Blog Banner General Buy Now Red-High-Quality

How does it work?

Content filtering checks requested websites against a database of blacklisted URLs, IP addresses, and domains located in the cloud. When a server request arrives at your firewall, a request relays to the cloud-based blacklist and returns an approval to continue the process or a signal to disallow the content. The database is based on dynamically-updated ratings that grade content on security risk and content type.

Most content filtering services include the ability to block content by user, user segment, time of day, and more. Many services also include a variety of preset policies and configurations that can be applied as solutions to common issues.

network diagram of a content filtering service interacting with your firewall and user devices

Extra Value

  • Ratings are dynamically generated and updated by a central database, so your filters are kept up to date without you lifting a finger
  • Traffic analysis allows you to monitor the types of websites that your employees are visiting
  • A good CFS includes an easy-to-use and intuitive management UI, giving you precise control over your filters
  • Content filtering services can extend to mobile devices as well, allowing you to restrict content on any company-issued smartphones or tablets


Block Facebook from the Comfort of Home

SonicWall recently released a CFS Responder. In the example we used above, your network had to reach all the way out to a cloud-based database located who-knows-where. The SonicWall CFS Responder keeps the answers you’re looking for a little closer to home by housing the database and rating architecture in local responders in lieu of a remote public responder. A deployed CFS Responder eases traffic demands on your firewall and reduces wait times for server requests. Now you get all the security of a content filtering service without sacrificing performance speeds!

Check out the SonicWall Local CFS Responder

Learn About Firewalls: Firewalls.com YouTube Channel offers network security how-tos, tutorials, & troubleshooting

Learning about firewalls and network security is no easy chore. While a wealth of knowledge exists across the web, few domains can translate complex network security concepts into easily-digested lessons for beginners. Likewise, troubleshooting firewall issues often leads to old, obsolete forum responses and dead ends. You’re in luck.

The Firewalls.com YouTube library is continuously growing and packed to the brim with how-to’s, tutorials, troubleshooting guides, and more. Like a treasure trove full of SonicWall and Sophos solutions, Firewalls.com customers and visitors alike are sure to find the answers to their questions.

Who makes the videos?

We do! Right here in the office. Our video series is produced, edited, and narrating by our rockstar team of engineers and architects. If you’re the type of person that wants the answer straight from the horse’s mouth, then this is the channel for you. Our video makers are certified SonicWall and Sophos engineers with over a decade of combined experience in real world network security management. Learn about firewalls from the guys that spend every day up to their eyeballs in network security! Our two narrators, Alan and Matt, are ready to show you the ropes.

a look into the firewalls.com studio where we answer questions based on your search terms about cyber security, info sec, firewalls, sophos, sonicwall, and more
A look at our editing desk.

Who decides what video topics to cover?

You do! We generate topics for our videos based on the top search terms in YouTube, Google, and the Firewalls.com website. We know the Internet has important questions and we want to answer them. If there’s a certain topic you want us to cover, let us know in YouTube comment sections or on social media.

Why the Firewalls.com channel?

We want you to learn about cyber security, so we’re not going to waste your time. We’re no pack of newbs that spend the first two minutes of every video introducing ourselves, begging for likes, and talking about our BFF’s new music project. Get in, get answers, and get back to being productive.

What’s in it for me?

Information, readily available and easy to follow. Our videos are made by screen capturing our network techs using the same reporting and monitoring programs that our customers use, in real time. There’s no magic wand waving behind slick edits or cuts.

Running dual monitors? Set one screen to our YouTube and the other screen to your work space and you can fix network security snafus side-by-side, at your pace.

How can I learn more?

Subscribe to our YouTube channel and you’ll be notified the moment we publish new how-tos. If you’re following us on Facebook, LinkedIn, or Twitter, we’re always sure to post new videos on social media as well.

firewalls.com studio for creating youtube videos answering questions about cyber security, sophos, sonicwall, watchguard, and more firewalls topics
Join us in the studio!

Check out some of our most recent Sophos & SonicWall issues solved:

Use your Sophos XG Firewall as a DNS Request Server

Use SonicWall’s NetExtender to setup an SSL VPN

Firewalls.com Network Security Glossary

Network security can prove deep waters to wade into. As the scope of technology grows, so too does the pool of jargon and initialisms that find their way into our vocabulary. When your network administrator starts muttering about SSL and WANs, it’s tempting to just nod and hope he leaves soon, but maybe it’s time that some of us not-so-tech-savvy folk got a few info sec terms under our belt. With this new infographic from Firewalls.com, you can learn the java-fueled jive talk of the IT clan. Go tell your sys admin how you feel about the form factor of the new Galaxy S8 and watch the mixture of confusion, surprise, and marvel light up their face. Finally, you can interpret the estranged tongue of cyber security.


Feeling like a cyber security expert? There’s always more to learn. Stay up to date with the latest news by following us on Twitter and Facebook!

Follow Us on Twitter!