Business Router and Security Essentials

One common thing we see with a lot of small businesses is a lack of proper entry point security on their office networks.  So many small businesses between 1 and 50 devices use a consumer model router/firewall as their network control.  While the $50 router off the shelf at your local Big Box might be sufficient for the average home only network, businesses – both in an office and in a home office – should definitely consider network control and security as a priority when selecting a router.

Especially in today’s business market where small business owners wear the hats of IT Administrator, sales, customer service and management, and still want to work remotely to spend more time with their families, having the security and flexibility of a business class router/firewall is essential.

Here are some network basics and how a better router can help better secure your network.

1.  Firewall Utilities

Consumer grade routers have come a long way beyond just offering NAT (Network Address Translation) as a basic security measure.  Many now include complex firewall rules that tend to be… well, complex.  Often too complex to set them properly, and by default leave your network pretty wide open so popular applications such as instant messengers, Skype, World of Warcraft, etc… can be set up and run without interference.  Consider those ports to be always open – and an open port is a vulnerable one.  Better firewalls close all ports unless the network administrator chooses to open them.

A conventional consumer class router is kind of like locking the doors on your car, but leaving all of the windows open a couple inches.  It discourages those not really looking to do anything  but someone looking for an opportunity won’t be challenged by it.

2. VPN vs. Basic Port Forwarding

Most basic routers allow you to direct traffic to a computer, for example, to use a computer remotely you might port forward to a computer for an RDP (Remote Desktop) session.  As stated above, an open port is a vulnerable one.  A firewall that provides a secure VPN (Virtual Private Network) gives a business a method of being able to access their network remotely without opening ports to vulnerable port forwarding rules.

3. URL Filtering

The vast majority of consumer level routers do not offer any method blocking inappropriate websites.  For a business this can lead to a host of problems including liability issues and additional, more difficult to control security issues.   An advanced firewall router can both allow a business to specific categorical websites to block, build a list of additional unapproved sites and can automatically filter out websites that are known for distributing malicious code and malware.  Many advanced firewalls will even inspect incoming traffic for suspicious code such as viruses, adware and phishing attempts before they can even reach the user desktop.

4. Email Filtering

Basic routers in general offer no mail filtering whatsoever.  This is left to the mail server and the desktop security client to weed out spam, phishing and malware attachments from both POP and Webmail email.  Advanced firewalls do offer these options, which are a huge security enhancement to a business network since many users still open every email and every attachment that hits their email without a second thought.

5.   Remote Management and Reporting

I’ve seen it happen to many small businesses – out of the office, and traveling with no option of going into the office.  All of a sudden, a remote access you were counting on having available is not working.  Either someone at the office has to fix it, or you have to remote into your router and check things out.  Consumer based routers don’t come with remote management turn on by default and most people don’t realize they need to turn this option on.  The second pitfall is the processors in these routers are not very advanced and have trouble serving up the internal web server pages across an Internet connection.  Making remote changes to these routers, even if available as an option, can be a time consuming and frustrating task.  More advanced routers and firewalls are built using better hardware and often have their own remote management utility that you can launch to speed up remote configuration changes.

A good firewall won’t replace some of the other security basics such as a good antivirus application and good common sense.  We still suggest layering security measures, to keep the bad guys as discouraged as possible.  After all, if they find your network to be a more difficult target, they will move on to an easier one.

FacebookTwitterEmailYahoo MessengerHotmailDiggMySpaceShare