Check devices on your own network

How it all began:
More structure and security in the network

With the Microwall, more complex network structures can be divided into several subnets. The Microwall acts as a firewall router and enables communication between the individual network segments. This makes the entire network more secure: the segmented areas are separated from the parent (corporate) network. Attackers or malware that reach a network participant are prevented from spreading by the firewall routers.

Would you like to read more about this topic? Click here for the info page “Firewalls, segmentation and insularization”.

The Problem:
Critical Workarounds When Creating Allow Rules

The strategy of segmentation is now an accepted component of all security concepts and standards. But what does it look like in practice? Once the machine or system has been successfully connected to its own network segment by a Microwall, the firewall rules must be formulated. For access to the machine from “outside”, the question is often still relatively simple. It is more difficult in the opposite direction. Depending on security awareness, one of two quick stopgap solutions is often chosen:

1: The machine is prohibited from making any connections to the outside world.

In a few cases, this may succeed and work in operation. Especially for new installations, however, it is more likely that disruptions will occur after a short time, for example because the legitimate search for software updates or other communication required for operation is blocked.

2: The machine is allowed all connections to the outside.

If you decide on this variant (perhaps because the first approach failed), operation will very probably run without problems, but at the price of a significantly higher security risk. If malware gets onto the machine in any way (e.g. through manipulated firmware updates), it can wreak havoc unhindered: further malicious code can be downloaded, and sensitive information can leak out.

The Solution:
Connection Monitoring for Improved Security

The better approach is therefore to allow only the “desired” outbound connections that have been checked and found harmless. For exactly this purpose, the Microwall has the Discover mode with an integrated DNS proxy and the option to create allow rules based on hostnames. All DNS queries and the resulting connection attempts of the machine are recorded by the Microwall and clearly displayed on a web page. After a connection has been checked and found harmless, it can be adopted as an allow rule with a single click. Any dubious connections remain blocked and can be forwarded, for example, to the manufacturer for review or clarification.
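
The workflow described above, as an added sketch that is not Microwall code or part of the original page: recorded DNS answers are correlated with the connection attempts that follow them, grouped into per-hostname candidates, and only reviewed hostnames become allow rules. The log tuples, addresses and function names are constructed for illustration and do not reflect the device's actual log format.

```python
from collections import defaultdict

# Constructed sample records (hypothetical layout, not the device's log format).
DNS_LOG = [  # (time_s, client_ip, queried_hostname, resolved_ips)
    (10, "10.0.0.5", "updates.vendor.example", ["203.0.113.10", "203.0.113.11"]),
    (42, "10.0.0.5", "telemetry.unknown.example", ["198.51.100.7"]),
]
CONN_LOG = [  # (time_s, client_ip, dst_ip, proto, dst_port)
    (11, "10.0.0.5", "203.0.113.10", "tcp", 443),
    (12, "10.0.0.5", "203.0.113.11", "tcp", 443),
    (43, "10.0.0.5", "198.51.100.7", "tcp", 8080),
    (60, "10.0.0.5", "192.0.2.99", "udp", 123),  # no DNS lookup preceded this
]

def discover(dns_log, conn_log):
    """Group observed outbound connections into per-hostname rule candidates."""
    resolved = {}  # (client, dst_ip) -> (hostname, time of first answer)
    for t, client, host, ips in dns_log:
        for ip in ips:
            resolved.setdefault((client, ip), (host, t))
    candidates = defaultdict(set)  # (client, hostname, proto, port) -> dst IPs seen
    unresolved = []                # connections no recorded DNS answer explains
    for t, client, dst, proto, port in conn_log:
        hit = resolved.get((client, dst))
        if hit and hit[1] <= t:
            candidates[(client, hit[0], proto, port)].add(dst)
        else:
            unresolved.append((client, dst, proto, port))
    return dict(candidates), unresolved

def build_rules(candidates, approved_hosts):
    """Only reviewed hostnames become allow rules; everything else stays blocked."""
    allow = sorted(k for k in candidates if k[1] in approved_hosts)
    blocked = sorted(k for k in candidates if k[1] not in approved_hosts)
    return allow, blocked

if __name__ == "__main__":
    cands, unresolved = discover(DNS_LOG, CONN_LOG)
    allow, blocked = build_rules(cands, approved_hosts={"updates.vendor.example"})
    for client, host, proto, port in allow:
        print(f"ALLOW {client} -> {host} {proto}/{port}")
    for client, host, proto, port in blocked:
        print(f"BLOCK (needs review) {client} -> {host} {proto}/{port}")
    for client, dst, proto, port in unresolved:
        print(f"BLOCK (no DNS lookup seen) {client} -> {dst} {proto}/{port}")
```

Connections that no recorded DNS answer explains are listed separately, because they cannot be expressed as a hostname-based rule and deserve a closer look during review.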

If you want to read more about the topic, take a look at the Microwall manual or simply watch the Discover mode live on a test device.
