Ultimately everyone needs a firewall if your computer is connected to the internet. Having a server connected online without one nowadays is just the same has leaving your car doors open at night with the engine running in a bad neighborhood, you just don’t do it. Something as simple as enabling a basic firewall can save you days if not weeks of having the clean up the mess of an unwanted user gaining access to your system and causing trouble. A basic firewall would have the effect of at least stopping someone who is randomly scanning servers and comes across yours to test it for any vulnerable spots. Simplest of rule sets in place should effectively deter any mild or casual intruder. However depending on the level and determination of the unwelcomed guest, a more advanced configuration may need to be used.
When using a Windows or Linux-based server, the firewall built-in will allow you to select basic settings to stop unknown users from connecting via RDP(Remote Desktop Protocol) which essentially is the Linux equivalent to gaining root access on your system. Other services such as IIS, MSSQL, MySQL, FTP, Email, or Apache can all be thoroughly filtered to not only block unauthorized access, but explicitly only allow connections to these services from trusted IP addresses. So if your co-workers, development team, or just yourself need access to the server. Then a simple firewall filter will be there to save the day. Depending on your particular needs for the system things can indeed get a little bit advanced when it comes to setting these rule sets up.
For a more advanced server setup and firewall configuration, your best choice will be to utilize a Cisco PIX. The PIX firewall is like one of the Swiss army knives of the internet. It delivers robust user and application policy enforcement, attack protection, and secure connectivity services in cost-effective, easy-to-deploy solutions. These purpose-built security appliances provide multiple integrated security and networking services, including:
- Advanced application-aware firewall services
- Robust site-to-site and remote-access IPSec VPN connectivity
- Award-winning resiliency
- Intelligent networking services
- Flexible management solutions
Here at INAP we offer a few choices for firewalls, which can effectively better secure your network. Both Windows and Linux based machines have their built-in firewalls which can be managed both by us or yourself if need be. Just as mentioned above, if a more robust configuration is needed then you also have choices. The choice will be yours to decide which firewall service better fits your needs.
Updated: January 2019