Enterprise Mobile Device Security: On-Device Firewalls

By Rich Campagna, Subbu Iyer, Ashwin Krishnan, Mark Bauhaus

A device-based firewall is a form of security protection that is physically resident on the enterprise mobile device, as opposed to protection based in the cloud or hosted protection. A device-based firewall’s express purpose is to detect and thwart relatively straightforward brute-force attacks.

A firewall will typically thwart unauthorized external connections that attempt to communicate with the device. The firewall can even be configured to monitor (and block as necessary) internal applications on the device that attempt to communicate with the outside world.
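The following sketch is an added example, not code from the original article or from any particular product. It models the two behaviors described above: dropping unsolicited inbound connections and monitoring or blocking outbound traffic per app. The app names, addresses, policy modes, and the rule that inbound traffic is accepted only as a reply to a flow the device opened are all assumptions made for illustration.

```python
from dataclasses import dataclass, field

@dataclass(frozen=True)
class Packet:
    direction: str    # "in" or "out"
    app: str          # owning app on the device ("-" when unknown); constructed names
    remote: str       # remote "ip:port"
    local_port: int

@dataclass
class DeviceFirewall:
    outbound_policy: dict                # app -> "allow" | "monitor" | "block"
    default_outbound: str = "monitor"    # assumption: unknown apps are allowed but logged
    flows: set = field(default_factory=set)   # (remote, local_port) opened by the device
    log: list = field(default_factory=list)

    def decide(self, pkt: Packet) -> str:
        key = (pkt.remote, pkt.local_port)
        if pkt.direction == "out":
            action = self.outbound_policy.get(pkt.app, self.default_outbound)
            if action == "block":
                self.log.append(("blocked-outbound", pkt.app, pkt.remote))
                return "drop"
            if action == "monitor":
                self.log.append(("monitored-outbound", pkt.app, pkt.remote))
            self.flows.add(key)          # remember the flow so replies are accepted
            return "accept"
        if key in self.flows:            # inbound reply to a device-initiated flow
            return "accept"
        self.log.append(("blocked-inbound", pkt.app, pkt.remote))
        return "drop"                    # unsolicited inbound connection

def run_sample():
    # Constructed traffic using documentation-only address ranges.
    fw = DeviceFirewall({"mail": "allow", "flashlight": "block"})
    events = [
        Packet("out", "mail", "203.0.113.10:993", 50001),
        Packet("in", "mail", "203.0.113.10:993", 50001),
        Packet("in", "-", "198.51.100.7:4444", 22),
        Packet("out", "flashlight", "198.51.100.9:80", 50002),
        Packet("in", "-", "198.51.100.9:80", 50002),
        Packet("out", "newgame", "192.0.2.5:443", 50003),
    ]
    return [fw.decide(e) for e in events], fw.log

if __name__ == "__main__":
    decisions, log = run_sample()
    print(decisions)
    print(*log, sep="\n")
```

The log entries, rather than the accept/drop decisions themselves, are what an administrator would review to see which apps are attempting to reach the outside world.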

The adoption of firewalls for devices is becoming more mainstream, mainly because smartphones look and feel increasingly like laptops and desktops, and everybody’s familiar with client-based protection that includes a firewall for laptop and desktop computers. So the argument in favor of extending similar types of protection to cover smartphones does pass the smell test: yes, a firewall is necessary, but it’s not sufficient.

You can use the firewall and intrusion prevention in tandem to get the most comprehensive protection for your users. Intrusion prevention is protection that watches out for more advanced and sophisticated threats. Be warned, however, that this approach increases battery drain. The recommendation here is to use on-device intrusion prevention solely as a backup option if you see that your users are getting attacked mercilessly and you need the heavy hammer.

The device-based firewall, on the other hand, provides basic protection against common attacks and therefore demands less power. So the question is: How much protection do your users need, and how much battery drain will they tolerate?