Part of:Securing mobile devices against unique threat vectors
How mobile firewalls protect against enterprise threats
Firewalls are an essential part of network security. As more employees use mobile devices for work, mobile firewalls are an increasingly vital security tool for organizations.
Firewalls are an important tool for data protection on traditional desktops and mobile endpoints alike.
A firewall is firmware or software that can manage the inbound and outbound traffic of a network or device. It provides end-user devices with an added layer of security that contains rules about what traffic can flow in and out.
In homes and businesses, firewalls block unwanted incoming traffic. This traffic could come from hackers attempting to infiltrate the network or take advantage of open ports in an internet-connected device. But as more users rely on mobile devices and connect to public Wi-Fi and networks, mobile firewalls are increasingly important as a first line of defense against cyberattacks.
Mobile users often run the risk of connecting to insecure networks where hackers are lurking. When a mobile device connects to a compromised network, hackers might be able to capture the device's incoming or outgoing traffic. Hacking tools also provide cybercriminals with an easy way to execute Wi-Fi attacks. They can pose as legitimate public networks, and when a victim connects to one, all traffic can be routed to the attacker. In turn, the attacker can analyze all the traffic to harvest private data.
How do mobile firewalls work?
A mobile firewall eliminates some attacks that come from the network-based threats that a mobile device is susceptible to. It works like a traditional hardware firewall, but in this case, it's on a mobile device, which can connect to cellular networks as well as Wi-Fi. Using an application installed on the device, a mobile firewall manages the flow of traffic in and out of a mobile endpoint.
It offers much of the same functionality as desktop and server-based firewalls do. The difference is that it runs on mobile devices and is much simpler to manage and configure. Firewall apps can also use a VPN feature to ensure that any connection made to an organization's network or other services hosting private data is secure.
Mobile users often run the risk of connecting to insecure networks where hackers are lurking.
App-based mobile firewalls commonly offer the following features:
Web filtering capabilities that can block some potentially malicious or undesirable content.
Ability to block all incoming traffic and any attempt to exploit known device or mobile OS vulnerability.
Automatic VPN to enable the mobile device to connect and transmit information securely.
Ability to block known threats such as malware and other malicious attacks.
Internet traffic controls to manage and implement browsing policies.
Ability to stop data use as part of any data usage limitation.
Custom internet rules relating to the type of traffic allowed to flow in and out.
App traffic controls to block streaming or unwanted app use.
One factor to consider with a mobile firewall is the OS of the device it will be on. Android and iOS dominate the market. The wide range of attacks and malware discovered on many Android apps has caused many IT administrators to push for the use of mobile firewalls on Android devices, especially as a preventive measure to protect corporate data.
4 mobile firewall applications for the enterprise
When considering firewall protection to secure mobile data, IT admins can choose from a variety of products. Factors to keep in mind include which OSes the apps run on and whether they offer additional data privacy features.
AFWall+
This Android-based app lets IT teams and users restrict which applications can access an organization's network. It can control any traffic flowing, regardless of which type of network it originates from. Admins can use the app to manage rules around any external storage within the device and support multiple profiles, including Work, Home and other user configurations. AFWall+ can also send notifications of new app installations. However, the app only works on rooted devices, which can increase some security risks.
NetProtector Firewall
This firewall app works in a similar fashion to some of the other popular firewalls in the Google Play Store. It offers IT teams control of the outbound and inbound traffic to all their apps and supports Wi-Fi or cellular connection for each app. It also supports VPN connections, manages data usage and blocks any unwanted incoming traffic to the device.
Guardian Firewall + VPN
Guardian is a popular option for iOS devices, although the firewall app now supports Android as well. The app blocks malicious IPs and websites, in addition to stopping unauthorized apps from collecting personal data. It can also notify users of any attempt by services or apps to make unwanted connections. The firewall functionality can block all unwanted connections to location trackers and offers IP masking to hide the identity of the device.
ZoneAlarm Mobile Security
Available for both Android and iOS devices, ZoneAlarm Mobile Security addresses a few different types of cyberthreats, including ransomware and phishing. It can block internet attacks and offers zero-day phishing protection to keep credentials safe while users browse the internet. The app can also validate every link a user opens in real time using Check Point ThreatCloud AI, which tracks when a specific URL might be malicious.
Editor's note:This article was updated to reflect changes in the mobile firewall market and to improve the reader experience.
Reda Chouffani runs a consulting practice he co-founded, Biz Technology Solutions Inc., and is CTO at New Charter Technologies. He is a technology consultant with a focus on healthcare and manufacturing, cloud expert and business intelligence architect who helps enterprises make the best use of technology.