Your firewall checklist

Server image
Ensure the firewall is robust

One of the core aspects of a running a successful data centre is managing the security protocols.

At their heart is the firewall deployed to protect the entire sever network, but data centres are increasingly under threat. According to the latest Worldwide Infrastructure Threat Report from Abor Networks 94% of data centres saw DDoS (distributed denial-of-service attack) last year.

There are a number of firewalls to choose from, including SonicWALL, which was recently acquired by Dell and joins the other security products in the Dell SecureWorks range of services.

When looking for firewall technology for your data centre there are a number of points to bear in mind.

Data question

First is to ask what kind of data are your servers processing? If it is financial, for instance, including the credit card numbers of your customers, the firewall should be PCI (Payment Card Industry) compliant and certified by the International Computer Security Association (ICSA) Labs.

Second is whether your business is now using a hybrid approach to its server management with physical servers, virtual machines and cloud-based servers running together?

Traditionally, servers would be secured by looking at the vulnerability of their input/output ports. Today things are much more complex, as your servers are likely to be attacked via the applications they are running. Can your firewall provide sufficient protection against these attacks?

Next is the question of whether your firewall policy takes into consideration the different types of attack that might occur?

Firewalls should protect the application layer, the transportation layer such as TCP (Transport Control Protocol), the IP layer that routes packets across your network and the hardware layer, typically over Ethernet. As each of these layers can come under individual or group attack, your firewall should be robust and flexible enough to handle these incursions.

You should also always create new virtual machines with security in mind.

The combination of the Dell PowerEdge range of Blade servers and VMware's virtualisation applications involves a drive to create more efficiency; but some businesses suffer from virtual machine sprawl and sometimes the responsibility for each VM can be an afterthought.

Always stop and think how the new virtual machine you are creating will complement those already in existence, and how it should be secured.

Intrusion factor

Finally, is your firewall set up for intrusion detection? A firewall is useless if it can't inform you when an attack against your data centre has taken place.

Always look for firewall services that can track attacks, as they happen and discern patterns in repeat attacks. This is vital information to help you improve the level of security right across your network.

Choosing the right firewall for your data centres means being fully aware of the attacks that are likely and how a firewall can mitigate the impact that these attacks can have on your business as a whole.