Q: What’s your opinion of the various smart firewalls?
A: With the growing popularity of internet-connected devices in the home, such as web cameras, thermostats, doorbells and lighting systems — often referred to as the Internet of Things (IoT) — securing those devices is a critical step in keeping them safe.
“Smart firewalls” are an emerging category of security products designed to help users protect all their connected devices.
The latest attack vector
IoT devices are becoming a more popular attack vector for the underworld because of their sheer numbers. Current projections expect the number of IoT devices to exceed the number of mobile phones in 2018, with an estimated 18 billion IoT devices in use by 2022.
Hackers go for easy targets, and given a relative lack of focus on security by both manufacturers and consumers, IoT devices are in the crosshairs.
Easily compromised devices are being “recruited” to become a part of an army of devices known as a “botnet,” which can wreak havoc in a number of ways. Botnets allow the controller to direct thousands of devices to attack a specific website, essentially making it inaccessible to real users (aka Denial of Service attacks).
Users of compromised computers and IoT devices rarely have any idea that their devices are being used for malicious purposes, which is where smart firewalls can help.
The recent discovery of the KRACK Wi-Fi security hole is just another reason to take security seriously, especially since some IoT devices can’t be updated to fix newly discovered security holes.
How they work
Smart firewalls are hardware-based devices that can do a better job of managing lots of devices than a typical software firewall. The “smart” portion of the device analyzes your network traffic in real time to identify threats or suspicious activity, block them and notify you of the activity.
This approach to network security is common in sophisticated business networks with tech-savvy administrators who know how to configure powerful routers.
Smart firewalls take the need for tech skills out of the equation because they’re generally pre-configured to start protecting your entire network as soon as you plug them in.
Early stage development
The first devices in this category started appearing in just the past couple of years, so we’re in the early stages of development.
Some of the early entrants, such as the Bitdefender Box, are in the process of releasing second-generation products, while the Cujo has received lots of praise for its ease of setup and use.
Another newcomer is the Norton Core, which is one of the more expensive solutions that’s so new that there is not much of a track record for it.
Virtually every option available requires either a monthly or yearly subscription to provide their cloud-based threat analysis, so make sure you include this ongoing cost in your comparisons.
There are devices that don’t require a subscription, such as the RATtrap. But some users have complained about slower internet speeds, and it won’t work with modem/router combo devices.
This category of devices is so new, I’m personally going to wait a little while to see how things shake out before committing to any of the platforms.
Ken Colburn is the founder and CEO of Data Doctors Computer Services. Ask any tech question on his Facebook page or on Twitter.