1

ANALYTICAL REPORT
ISSUES OF IMPLEMENTING
FIREWALLS

Prepared for IT Professionals

Prepare Name: Dan Gocan
Date of completion: 03/13/2015

Table of Contents
Executive Summary.4
Introduction..4
Issue 1..5
Guidelines
1.
2.
3.
4.

Preparation.5
Plan5
Research5
Testing...6

Figure 1....6
Figure 27
Issue 2..8
Guidelines
1.
2.
3.
4.

Risk Assessment8
Research....8
Decision.....8
Testing...8

Considerations
1.
2.
3.
4.

IDS.9
Encryption.9
Folder Security..9
Data Loss Prevention9

Summary..9

Conclusion.....10
Recommendation...10
Appendix 1.11
Reference...12

Executive Summary
The meaning behind the report is to help an IT professional in conducting research relating to the
issues presented. There are guidelines that have been reviewed to help in a situation facing IT
issues. This report was based on mostly conducted research then transformed into an opinion
base report.

Introduction
There are many issues in the IT field in which the normal IT professional deals with every day.
From these issues, two are presented dealing with finding firewalls and implementing additional
security. The guidelines are presented to be a step process to which a solution can be found from
the issue at hand.

Issue 1: There are too many choices when it comes to seeking a firewall to implement in a
company.
When it comes to implementing a firewall in a company's IT department or structure there is an
issue present of the fact that there are too many venders that offer firewalls. For an IT
professional it can be challenging to get the right product for their company if they are not
guided by a solution to this issue.

GUIDLINES
1. Preparation- preparation is very important when it comes to finding the right firewall for
the company. Preparation can include doing an assessment of IT infrastructure of the
company to find detailed needs of protection from threats. This will help the IT
professional to get a good idea of what compatibilities need to be met with a new or
existing infrastructure.
2. Plan-Planning is good and efficient when an IT professional is seeking to implement
equipment into the IT infrastructure. Planning with set phases will help in time
management and productivity. Its helpful to have a few more personnel that can execute
the plan as well. Planning can include making a brainstorming session to organizing ideas
on how to purchase the right product for the companys infrastructure and create a
timeline. This will help with maintaining a schedule and being productive.
3. Research- Research comes in very useful when done right and in the right manner. When
conducting research it will help if there is a few more people for help. Research should be
conducted going to the vender directly and finding out information. After the research is
done of what vendors are good, conduct a research of review on products of those
vendors. This will help the IT professional see which product is reliable and which are
not. After the review the decision is ready to be made and implemented into the
infrastructure at the company.
4. Testing- Testing deals with testing the product and the vendor on their customer support.
In the case of testing a firewall the IT professional might hire a penetration tester to see
how protected the company is from threats. This is important because once the firewall is
live on the network then it will be too late for testing.

Figure 1
This figure shows a detailed chart of some of the leading firewall vendors and what they
offer in the different categories. This is a helpful visual representation in which an IT
professional can look for the exact features that they are looking for and would be able to
identify it on the vendor and model.

Figure 2
This figure shows the different vendors of firewalls and some of the models that
they have. Whats good about this figure is that it is organized in the way of three
categories. It shows security applications, network features and throughput.
Issue 2: A firewall might not be enough for an organization to protect itself from threats.
When it comes to firewalls, all the brands have one thing in common and thats protecting the
clients network from threats and vulnerabilities. As networks get more complex, the threats are
getting complex as well and when firewalls are not enough to protect the network, the company
is open to incoming threats. Implementing other equipment or software in addition to the firewall
will help with getting a strong defense line in the network.
GUIDELINES

1. Risk Assessment- The risk assessment is done to help identify what additional equipment
will be needed to add on to the level of security. By identifying the risk, it will be easier
and more productive to conduct research to by the right equipment.
2. Research- The research must be carefully done with the criteria of firewall and other
network equipment compatibilities. The product must be compatible with existing
equipment and the vendor must have good support reviews.
3. Decision- When the time comes to make a decision the IT professional must consider the
present threats and what would benefit the company for the future (upgrades). Once
everything is reviewed, then its time to make the purchase.
4. Testing- Testing is important in which the IT professional must find out if threats can get
through the additional layer of security. This can be done with internal professionals or
seeking external penetration testing professionals. It is important that the IT professional
from the company does the required maintenance and always keep the systems updated to
ensure security.

Considerations
These are some extra features on what to look for when implementing additional security
equipment:
1. IDS- Intrusion Detection Software is a burglary detection software that allows companies
to monitor who is accessing the company network and from where.
2. Encryption- Encrypting the data in the network will discourage the hacker not to go
further into the network.
3. Folder Security- this deals with data encryption of the folder. Folder lock and Bit locker
in Windows operating systems are capable of encrypting data.

4. Data Loss Prevention- This extra security measure to the company will help with any
data loss. The feature is designed to monitor data when the network is at-rest, in-motion,
and in-use.
(See Appendix 1 for more information)
Summary
After obtaining information about solutions to solve some of the issues, the report is a good start
in conducting research about firewalls and additional equipment implementations for security.
Conclusion
When it comes to companies protection against threats firewalls must be implemented in the
frontline of the network infrastructure. Firewalls have different types of capabilities in what they
offer to protect a network from vulnerabilities. The finding from the report came down to
conducting research based on basic guidelines that help maintain productivity.
Recommendations
In any kind of issues dealing with IT field, there is a way to find the solution to the issue and
thats conducting the right kind of research. The research will help solve the problem and how
accurate it is.

10

APPENDIX 1
Figure 1

Figure 2

11

References:
1.
2.
3.
4.
5.

http://www.watchguard.com/training/fireware/80/defense2.htm
http://www.watchguardturkiye.com/sayfa/30/sifir-gun-korumasi.html
http://www.esecuritytogo.com/
http://rss2.com/feeds/TaoSecurity/19/
http://www.watchguard.com/wgrd-products/utm/overview