Standard vs. Advanced Security Explained

November 22, 2023
Industry Commentary

Keeping your business secure is one of the most important aspects of running a successful organization. One way to protect your business is through the use of a firewall, which acts as a barrier between your network and the internet. But with so many different types of firewalls available, how do you know which one is right for your business?

In this blog post, we will explore the differences between standard firewall security and advanced security features, and explain why and how customers can choose between them. We will focus on Uplevel’s Firewall, which offers both Standard Security and Advanced Security.

Standard Security in the Uplevel Firewall

The Uplevel Firewall comes bundled with a standard enterprise-class firewall license that includes a variety of security features. These features are typically sufficient for smaller businesses that do not have stringent regulatory requirements such as HIPAA and CMMC.

The standard firewall license supports the following features:

  • An enterprise-class Stateful Internet Firewall
  • Cross-VLAN Stateful Firewall with MAC filtering for LAN device control
  • Site-to-site encrypted VPN connectivity
  • Encrypted internal storage with protected snapshots
  • Audit logging and secured configuration management

The security features included in Uplevel’s standard firewall license provide the following capabilities:

  1. The customer’s office or offices are defended against direct attacks and exploits from the Internet. The Uplevel gateway appears as a “black hole on the Internet” and is invisible to the types of port probes and presence tests that many consumer-grade routers are subject to. Further, the high performance of the standard firewall thwarts and discourages many DDoS attacks and overload exploits to which lower-quality firewalls may fall prey. Additional enterprise-grade design features further limit the “attack surface” of the firewall, which greatly reduces the probability of a successful exploit.
  2. The firewall ensures that only legitimate traffic that can be traced to internal customer devices will be passed through. Unsolicited outside traffic is blocked unless explicitly allowed (but is tracked and reported for audit purposes).
  3. Internal VLAN Access Control rules permit simple compliance with PCI-DSS requirements. Fine-grained device access control enforcement (e.g., for CMMC compliance) can be activated as well, to prevent unauthorized devices from connecting to the corporate network.
  4. Encrypted site-to-site VPN connections enable multiple customer sites to be rapidly interconnected with high security (AES encryption), and also automatically reconfigure with Internet changes to maintain the connection reliably.
  5. The built-in device storage is not only encrypted (e.g., as required by HIPAA), but also protected against ransomware attacks by using specially protected read-only snapshots. In the event of a ransomware attack, data on the storage can be recovered immediately from the most recent snapshot.
  6. The standard firewall maintains detailed audit logs and secure configuration management to further permit compliance with regulatory requirements such as HIPAA.

In essence, for small businesses with 5-25 employees, the standard firewall capabilities are generally adequate to meet their Internet gateway security needs. This is especially true for those who don't have to comply with strict regulatory requirements such as CMMC and HIPAA.

Advanced Security Subscription

Larger businesses generally require a higher level of security than the standard firewall provides, both to protect their valuable assets and to maintain regulatory compliance.

With a higher number of employees and frequent personnel changes, businesses with over 50 employees have a much higher "attack surface" and need a more active level of security threat detection and alerting. Furthermore, businesses in certain vertical markets, such as medical, dental, defense suppliers, and approved government vendors, are subject to a higher level of regulatory compliance and must adhere to specific requirements like HIPAA and CMMC. These regulations are directly associated with the security level provided by the firewall, both internal and external. Enterprises such as schools or churches frequently have large populations of users, on which acceptable use policies must be enforced when these users connect to the network. Failure to enforce acceptable use policies usually opens the organization to the risk of lawsuits and state enforcement actions.

Uplevel’s Advanced Security Subscription

To meet the needs of larger businesses and those with specific compliance requirements, Uplevel offers Advanced Security subscriptions. This subscription enables the following functions:

  • Deep Packet Inspection (IDS/IPS)
  • Content Filtering (domain filtering)
  • Country Blocking (geoblocking)

The Deep Packet Inspection feature actively scans all inbound and outbound traffic for known threats, matching them against hundreds of threat signatures updated nightly. This is especially useful for businesses that need to support a wide range of on-premises application software, because the scan searches for the threat signatures of compromised applications.

The Content Filtering feature allows businesses to set up Acceptable Use Policies (AUPs) for staff and customers utilizing their network. AUPs can include a mixture of broad categories like social media as well as specific websites. This is particularly useful for businesses with many users, such as schools or churches, and can also help with liability insurance policies.

Finally, the Country Blocking feature completely blocks traffic to and from "bad-actor" countries like Russia, North Korea, and China. While this may be a requirement for companies involved in defense or government procurement, it also provides a significant reduction in the "attack surface" for larger businesses at risk of ransomware attacks or spear phishing exploits from foreign countries.

While the Advanced Security subscription is not required for all small businesses, it is an optional package that should be considered by larger businesses who wish to elevate their security posture.

About Uplevel Systems

Uplevel Systems, as a small business IT infrastructure managed service provider, enables any of these options. Uplevel’s subscription offering is the most popular with SMBs, but some prefer Uplevel’s new equipment purchase program and use a CapEx model.