Important Security Features
Following are what we call the Sacred Six security features. Try to find a security-enhancing solution that has most, if not all, of these features:
Block by default: What's not explicitly allowed to enter or leave your network is denied by defaultno human intervention necessary. The traffic blocks are put on automatic.
Allow/block by configuration: You can further control the flow of traffic into and out of your network through traffic rules or access control lists.
Alerts by configuration: If an access control list (ACL) rule is broken, the security solution logs or sends a page/alert/alarm to your chief security officer. (This is combined with "Blocked by default" in the matrix.)
Alerts by audits: The security solution should have the ability to test and log or send page/alert/alarm based on the results of periodic security audits of your network.
Penetration testing: The security solution should have the ability to search, find, and identify system, TCP/IP, and modem-based vulnerabilities in LAN/WAN environments.
Network troubleshooting/analysis: The security solution should have the ability to locate problems and analyze traffic patterns.
One very important point: The IT/security industry has determined that an appliance, service, or DIY installation of any security product or service is only as good as the evaluation of the resulting data. That means that there must be a human element in the security solution that actually looks at the reports being generated and then analyzes them. No technical security solution can replace the power of analysis of the human brain.