Although there are a lot of similarities in K–12 and enterprise networks, K–12 networks will have some requirements that must be considered when overhauling a network. Over the next few weeks, I am going to discuss all the various pieces of building a K–12 network. We will look at firewalls, switches, Wi-Fi, device management, and device selection. This week, I am going to look at picking the best firewall.
About Making The Grade: Every Saturday, Bradley Chambers publishes a new article about Apple in education. He has been managing Apple devices in an education environment since 2009. Through his experience deploying and managing 100s of Macs and 100s of iPads, Bradley will highlight ways in which Apple’s products work at scale, stories from the trenches of IT management, and ways Apple could improve its products for students.
Throughput
One of the first considerations of building a K–12 network is your firewall selection. There are a few things to keep in mind as you meet with vendors and research products in order to pick the best firewall. One of the first is throughput. If you don’t get a big enough firewall to handle your throughput needs, the rest of the features it offers won’t matter. One key thing to keep in mind is that there will likely be two numbers each vendor gives you. One is with deep packet inspection turned on and when turned off. You’ll want to work through the number when it’s turned on as you’ll likely be using DPI.
Manageability
The next factor of firewall selection will be manageability, how easy is it to configure the firewall, monitor how it’s performing, and update the firmware. I am a big fan of cloud-managed products that don’t require a local console/SSH connection to connect to it. Mobility is a crucial part of any modern school, so the ability to manage and monitor your firewall from anywhere should be a driving factor.
Content filtering
After manageability, content filtering is something you want to consider. K–12 networks in the US must consider the Children’s Internet Protection Act (CIPA) when thinking through content filtering. While no filter is going to be perfect, here are some factors of a firewall you can build around.
Enforce Google Safe Search
Enforcing Google Safe Search is a crucial thing to consider with content filtering. Google Images can show a lot of inappropriate content, even just the thumbnails.
Updates to policies
You’ll want to have a firewall that can receive updates from the vendor instead of you having to update them manually. By allowing your firewall to auto-update its content filtering policy, you’ll know you are always protected against the latest threats. One thing to add here is that its ideal to have a system that allows you to manually whitelist or blacklist sites.
Wrap-up on picking the best firewall
These are just a few things to consider when picking the best firewall. A firewall is your protection against the outside world. From threat protection to content filtering, a firewall is one of the most critical parts of your network. Please don’t get the cheapest, get all the features you need on the front end, and make sure you know how to manage and monitor it. Next week, we will look at switches, Wi-Fi, and identity management.
Photo by Markus Spiske on Unsplash