How a Visual Firewall Can Help Protect Your Network
Businesses with a network need a firewall to keep the bad guys out and their data safe. Traditionally, that has been done behind a complex dashboard that's difficult to navigate and operate. But lately a few vendors have begun to offer a more visual take on this venerable category, placing a premium on the user experience. For smaller businesses this can be especially useful. Let's look at what is involved with these products, with some samples from McAfee, Palo Alto Networks and Sonicwall.

In olden times, firewalls were anything but visual dashboards. You had to navigate long lists of rule sets that took a lot of expertise to craft correctly. The order in which the rules were listed was also important, as the firewall would process one rule at a time. Each rule would either permit or deny a particular kind of traffic to a particular port and protocol. They had dashboards like this one from Cisco's ASA firewall, densely packed with information.

That was great back when the Internet was young, but these days playing ports and protocol games is more complex. Just about every new application uses Web ports 80 and 443, so filtering on those doesn't help much. And corporations that want to be more sophisticated in what they block need something that offers more granularity and understands the way particular applications behave.

For example, let's say I want to allow people to use Gmail but not Google Earth. My firewall has to distinguish between these two actions. Here's how the McAfee Firewall handles it. In the image to the right, you can see a long list of Google applications. It's very easy to click on each particular item to quickly block other Google functions.

McAfee has an add-on option to its Enterprise Firewall called Profiler that includes a graphical mechanism for managing its operations. You can use its graphical interface to spot trends quickly, make adjustments to firewall rule sets, and see the results of your changes instantly, without having to plow through network traces and protocol details. In the screen capture below, we're looking at the main Profiler screen. You can see the bubbles that indicate by color whether traffic is allowed or blocked by particular user department and application category. The size of the bubble indicates the volume of traffic that is involved in a particular situation.

Some of the firewalls come with graphical real-time monitors, such as the display below, which comes from Sonicwall's unified threat appliances. You can see traffic patterns and drill down if you spot something that doesn't look quite right.

Palo Alto Networks has this interesting global map of all your network traffic, again to help you spot a particular network flow to a country where you normally don't do any business. Many of the firewalls have geolocation features where you can block traffic originating from or destined for particular countries, too.

These are just some of the more innovative firewall vendors out there who have begun to harness visual information displays to help you manage your network traffic and operations. If you are still looking at long lists of log files or rule sets, you might want to investigate one or more of these products.
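
To make the earlier points about rule order and ports 80/443 concrete, here is an added example (not code from this article or from any vendor's product) of a first-match rule evaluator. The `Flow` and `Rule` types, the application labels and the sample flows are all constructed for illustration.

```python
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Flow:
    proto: str
    dport: int
    app: str  # label an application-aware engine would attach (constructed)

@dataclass(frozen=True)
class Rule:
    action: str                  # "permit" or "deny"
    proto: Optional[str] = None  # None means "any"
    dport: Optional[int] = None
    app: Optional[str] = None

    def fields(self):
        return (self.proto, self.dport, self.app)

    def matches(self, flow: Flow) -> bool:
        got = (flow.proto, flow.dport, flow.app)
        return all(w is None or w == g for w, g in zip(self.fields(), got))

def evaluate(rules, flow, default="deny"):
    """Check rules top-down, one at a time; the first match decides."""
    for rule in rules:
        if rule.matches(flow):
            return rule.action
    return default

def shadowed_rules(rules):
    """Indexes of rules that can never fire: an earlier rule covers every field."""
    def covers(a, b):
        return all(x is None or x == y for x, y in zip(a.fields(), b.fields()))
    return [j for j, r in enumerate(rules)
            if any(covers(rules[i], r) for i in range(j))]

# Constructed sample flows: both applications ride TCP/443.
GMAIL = Flow("tcp", 443, "gmail")
EARTH = Flow("tcp", 443, "google-earth")

# Port/protocol only: cannot tell the two applications apart.
PORT_RULES = [Rule("permit", "tcp", 443), Rule("deny")]
# Same two rules in the wrong order: the catch-all deny shadows the permit.
SHADOWED = [Rule("deny"), Rule("permit", "tcp", 443)]
# Application-aware: block one application, allow the rest of TCP/443.
APP_RULES = [Rule("deny", app="google-earth"), Rule("permit", "tcp", 443), Rule("deny")]

if __name__ == "__main__":
    for name, rs in [("port", PORT_RULES), ("shadowed", SHADOWED), ("app", APP_RULES)]:
        print(name, evaluate(rs, GMAIL), evaluate(rs, EARTH), shadowed_rules(rs))
```

Running `shadowed_rules` over an exported rule list is a quick audit for entries that an earlier, broader rule has made unreachable.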