Blog
← Back to Blog
September 05, 2016 cybersecurity

The Hardest-Working Person in Your Office Should Be Your Firewall

Network equipment and server infrastructure

Happy Labor Day. Your team is off, and they deserve it. But there's one member of your staff that never gets a day off, never calls in sick, and never takes a vacation: your firewall.

Or at least, it shouldn't. The reality is that a lot of practice firewalls are more like that employee who showed up on the first day, did the bare minimum during orientation, and has been coasting ever since. Technically present, but not actually doing much.

Today, while you're enjoying the holiday, let's talk about whether your firewall is actually earning its keep.

What Your Firewall Should Be Doing

Blocking Unauthorized Access

This is the basic job. Your firewall should prevent unauthorized connections from the internet to your internal network. But "blocking everything" isn't realistic for a business that needs to access cloud services, email, and practice management portals. A well-configured firewall allows what you need and blocks everything else. That configuration matters.

Monitoring Traffic

A good firewall doesn't just allow or block. It watches. It logs connection attempts, flags unusual patterns, and alerts you (or your IT provider) to suspicious activity. If someone is trying to brute-force your VPN login at 3 AM, your firewall should notice.

Content Filtering

Modern firewalls can filter web content by category. Block known malicious websites, prevent access to high-risk categories, and limit exposure to the sites most commonly used to distribute malware. This isn't about restricting employees. It's about reducing your attack surface.

Intrusion Prevention

Advanced firewalls include intrusion prevention systems (IPS) that can detect and block known attack patterns in real time. Remember the Shadow Brokers NSA tools we wrote about? Some of those exploits target firewalls. An IPS can help detect and block exploitation attempts.

Signs Your Firewall Isn't Working Hard Enough

  • It's more than 5 years old. Firewall hardware has a useful lifespan. Older devices can't keep up with modern traffic volumes and lack current threat intelligence.
  • The firmware hasn't been updated in over a year. Firewall vendors release security updates regularly. If you're not applying them, you're vulnerable to known exploits.
  • Nobody reviews the logs. A firewall that logs everything but nobody reads is a security camera pointed at a wall. The logs are where you find attempted breaches, misconfigurations, and policy violations.
  • The default password is still set. You'd be surprised how often this happens. If your firewall's admin interface is using "admin/admin" or the manufacturer's default credentials, fix that right now.
  • You don't know what rules are configured. If you can't explain what your firewall allows and blocks, it's probably allowing more than it should.

The Labor Day Security Audit

When you're back in the office tomorrow, take 30 minutes:

  1. Check the firmware version. Is it current? If not, schedule an update.
  2. Change the admin password. If it's still the default, or if it hasn't been changed in over a year, update it now.
  3. Review the rules. Ask your IT provider to walk you through the current firewall rules. Understand what's allowed and what's blocked.
  4. Turn on logging and alerting. If they're not already active, enable them. And make sure someone is actually reviewing the logs.
  5. Check the subscription. Many firewalls require active subscriptions for threat intelligence, content filtering, and IPS updates. If your subscription has lapsed, those features aren't protecting you.

Your firewall should be the hardest worker in your office. Make sure it's not just taking up space on the network rack.

Enjoy the rest of your Labor Day.