Whitepapers
How Firewalls Can Leave
Your Institution Vulnerable
Utilizing a firewall to protect your network from insider threats can lead to a false sense of protection
View PDF
Firewalls are typically used to prevent hackers, or malicious actors from accessing your internal
network. In addition, they are also utilized to filter Internet access to unapproved websites from
within the internal network; however, that is not always the case when the machine is taken off the
network. While they are able to see network traffic traversing the perimeter via firewall logs, and are
likely to block website access, a perimeter firewall is unable to see the context of activities or any
activity that is occurring solely within the network, leaving your educational institution vulnerable.
For example, firewalls are not able to record documents being transferred to USB drives or cloud
storage. Firewalls also cannot monitor keystrokes to detect potentially harmful keywords that could
be associated with cyber bullying, drugs, violence, inappropriate conduct, and other questionable
content.
Veriato 360 can record all of these activities, and more, while providing screen snapshots, much like
a CCTV camera, allowing you to see everything that was displayed on the end user’s monitor(s).
Possible examples of how firewalls can fall short on protection:
- Firewalls cannot detect anomalies in email, or file transfer activities
- Firewalls cannot protect against compromised credentials that could be used to log into a teacher’s machine
- Firewalls assume that only outsiders are a threat, and everyone inside is 100% secure and trusted
- Firewalls cannot stop students
from VPNing into other devices
off the network, thus bypassing
your blocking rules
- Firewalls cannot stop
all proxy connections
- Firewalls will not stop potential
internal attacks/mischief
to servers or computers
- Firewalls cannot log possible
inappropriate content being
placed onto computers or taken
home on a removable drive
Conclusion
Firewalls therefore do not provide sufficient protection for a multitude of vulnerabilities within your network. User Activity monitoring fills these gaps by continuously monitoring users for signs of risk