Dedicated servers with firewalls are an excellent defense against unwanted outside access to your server. It provides a good line of defense against intrusions to your server data, planting Trojan horses or other miscellaneous threats. A firewall will allow only certain connections or requests to a server based on a predefined set of rules set by an administrator. Firewalls can be setup to control outside connections such as the internet that is usually assumed not to be “safe” from getting through but also from large internal networks. Routers are also known to be able to provide basic firewall functions. (More details on Firewalls and internet security)
There are two main types of firewalls that we offer for all our dedicated servers.
- These firewalls are the best options for maximum protections agains attackers trying to gain access to your dedicated server. It provides a good strong barrier against attempts to gain access to your server that every server administrator should have in place. Hardware firewalls do not consume any CPU power or server resources since it is running on the firewall and not the server via software. Hardware firewalls will protect all servers on a rack or network as opposed to software firewalls that have to be installed on every server. The downside to a hardware firewall is that the cost is a little higher.
- Software firewalls are a great way to protect a server and still stay within a limited budget. Some sort of firewall is better than none at all. The drawback to running a software firewall is that they can be a little more taxing on the server’s CPU, (maybe less so with stateless firewalls) so if you have a low end server with minimal amounts of RAM it is suggested to look into a hardware firewall instead.
Always make sure you have good reporting from the firewall for your dedicated server so you know what’s going on!
It is advised however, to not just stop at a firewall solution but to secure the entire server from forced entry such as with our Security Packages or site scanning provided by SiteLock etc. They provide more security than basic software firewalls that are based on packet filtering and blocking “pesky” IP’s. Please also note, that firewalls are not a good solution for DDoS attacks even though they can help a little. DDoS hardware protection is the best solution for these sorts of attacks on a dedicated server.