Today, we are all aware of the vast amount of data generated by computer systems. This data is stored in data centers or on dedicated servers. In turn, more and more companies are offering products or services over the internet. It is because of this situation that necessary security measures must be in place, such as a firewall system, so that no one without authorization can access the stored information, in most cases. These cases contain sensitive information where a large part of a company's business is located.
How can a company be protected?
Many technological strategies are emerging to make a company's network a secure medium for storing information, although in most cases, implementing these strategies results in a high cost. For this reason, it is difficult for Spanish SMEs to access a high-availability firewall system or similar. The information remains unprotected and the business vulnerable.
According to a Google study.
According to a Google study, nearly three million SMEs in Spain are unprotected against cyberattacks, and three out of five lack basic security protocols. Each cyberattack costs a small or medium-sized enterprise an average of €35,000. Furthermore, cyberattacks are becoming increasingly sophisticated.
What resources can an SME access?
At Binhex, we propose a solution within reach of small and medium-sized enterprises: free software, which allows us to implement technological strategies for cybersecurity at a reduced cost, such as Pfsense and OpenVPN.
What is pfSense?
pfSense It is a customized distribution of FreeBSD (operating system), adapted for use as a high-availability firewall and router. It is characterized by being open source and can be installed on a wide variety of computers, allowing companies to acquire the hardware where the application needs to be installed.
In this way, we will be able to increase the level of network security at a reduced cost.
Tests performed with specific and accessible hardware.
The hardware that we have successfully tested and installed at Binhex ranges from €130-€260 depending on its features (RAM, CPU, hard drive).
With 4 network cards, this type of device is ideal for building an advanced firewall router and ensuring that the hardware and software work together to protect your business against malware and secure important private data and content.
Network configuration.
The configuration will depend on the network design, although the main features that can be configured are:
Firewall System: o Firewall, Filtering by source and destination IP, IP protocol, source and destination port for TCP and UDP traffic.
NAT: 1 NAT para las direcciones IP individuales o subredes enteras.
High availability:
The combination of CARP, pfsync, and its synchronization in the configuration, provides high availability functionality.
Multi-WAN: Multi-WAN functionality allows the use of multiple Internet connections, with load balancing and/or failover, to improve Internet availability and bandwidth distribution.
Server Load Balancing: Used to distribute the load across multiple servers.
Dynamic DNS: A dynamic DNS client is included to allow you to register your public IP address with a variety of dynamic DNS service providers.
Captive Portal: Allows you to force authentication or one-click redirection through the network login page.
DHCP Server and Relay.
High availability firewall system for SMEs.