Threat Intelligence at Work 24/7 365
Why a Firewall and what about NAT?
Who is in CONTROL of your Local Area Network [LAN]?
A firewall works as a barrier, or a shield, between your computer network and the internet
Your ISP provided device, called a Gateway/modem/ONT, functions as a Wi-Fi NAT Router - creating a Local Area Network [LAN] - this enables your devices to access the internet. Network Address Translation [NAT] is the process of modifying the IP information in IP packet headers so that the packets can be routed to the required destination. It is used in home routers [such as the typical Wi-Fi router] to allow a number of devices [such as desktop computers, laptops, gaming consoles, mobile phones, and internet enabled televisions], each with their own network address, to connect to the internet using the one external IP you are assigned by your Internet Service Provider.
The communication chain using your ISP provided Gateway
Devices connected to LAN <<==> ispGateway[NAT] <<==> ISP <<==> Internet
Because IP packets that are not recognized are discarded, the NAT process acts like a simple but effective firewall, blocking incoming traffic unless it is in response to previously sent outgoing traffic i.e. blocking unsolicited traffic.
People who think NAT suffices as a firewall have a misunderstanding of these two functions
Here's the Analogy between NAT and a Firewall
Think of NAT as the old mailroom at a corporation. Inbound packages coming to the corporate address is reviewed and the mailroom adds the recipient's cube number for inside delivery. Packages arriving without a valid recipient are simply discarded. Outbound packages pass through the mailroom to the appropriate letter carrier or shipper. NAT performs the same function with inbound and outbound packets.
Now add a security element to the mailroom. Inbound packages get run through an x-ray machine and bomb detection process. Contents are examined to insure no harmful or prohibited items. The return address may be checked and if the packages from a particular address or location, it may be blocked. Having passed through security, the mailroom adds the recipient's cube number for inside delivery. Outbound packages are likewise run past security. Packages destined to certain addresses, or containing certain items, are blocked and returned to the inside sender. His manager receives a report as to what was blocked and why. This is the function a Firewall performs on packets inbound and outbound to the company.
The Objective: Proactive Protection at your Internet Gateway to specifically Regain CONTROL of your Local Network and to block malware, spyware, phishing, cryptomining, ransomware and hackers before they ever reach your network, your computers, all your smart devices.
The Problem: Your ISP is in control of your Local Network: The Gateway device your Internet Service Provider supplies you with to be able to access the Internet does not have any of the three [1,2,3] essential capabilities required for effective protection against the Bad Guys PLUS that gateway device has security implications that you may not be aware of - placing your privacy at risk - your ISP provided Internet Gateway enables your ISP's Technical Support personnel to remotely manage the Gateway device and have direct access to your Business or Home Network or any connected devices with or without your knowledge or explicit permission.
The communication chain using your ISP provided Gateway
Devices connected to LAN <<==> ispGateway[NAT] <<==> ISP <<==> Internet
The 3 essential capabilities that are missing to proactively prevent the Bad Guys from breaching your internet connection and your local network are as follows:
- a Firewall providing an effective method of access control.
- a dynamic blacklist [MOAB] that identifies the Bad Guys via the IP addresses they use.
- a Router that is extensibledesigned to allow the addition of new
capabilities and functionality and has the hardware capability [cpu, memory and storage]
to exploit the blacklist in conjunction with the Firewall.
The Solution: Our Firewall access control rules working in conjunction with MOABMother Of All Blacklists adds a highly efficient trap that silently and quickly prevent « any » of over 600 million perpetrators [the Bad Guys] access before they can breach your doorway into the Internet, penetrate your local network and cause damage to your computers and other network dependent smart devices. Guarding your network from the effects of malicious intrusion of unauthorized users and applications begins with solid perimeter and endpoint defenses, and an effective method of access control. The capable Router Firewall we recommend, install and configure provides that effective method of access control - now you are in control - your ISP can still manage their gateway device but they can no longer have access to your local network.
Cable communication chain using The Solution
Devices connected to LAN <<==> ROUTER[includes Firewall+MOAB]+ispModem <<==> ISP <<==> Internet
For Cable Internet subscribers we convert the ISP Gateway into a Modem using bridging and insert our recommended Router/Firewall appliance that takes over as your Gateway - security implications mentioned above is effectively addressed => secured from unsolicited prying eyes, secured from bandwidth thievesStealing Your Wi-Fi and « now » you have regained full control over what happens on your network.
Fiber communication chain using The Solution
Devices connected to LAN <<==> ROUTER[includes Firewall+MOAB] <<==> ISP <<==> Internet
For Fiber-To-The-Home Internet subscribers we remove the ISP provided gateway and replace it with our recommended Router/Firewall appliance that takes over as your Gateway - security implications mentioned above is effectively addressed => secured from unsolicited prying eyes, secured from bandwidth thievesStealing Your Wi-Fi and « now » you have regained full control over what happens on your network.
MOABMother Of All Blacklists enables our Firewall to proactively deny all unwanted inbound Traffic. By creating a special Firewall Blacklist that identifies unique IP addresses of known malicious or suspicious entities our Firewall in conjunction with MOABMother Of All Blacklists adds a highly efficient trap that silently and quickly denies « any » of over 600 million perpetrators access before they can breach your Internet door, penetrate your local network and cause damage to your computers and other network dependent smart devices. Because of the very dynamic nature of MOABMother Of All Blacklists we configure the Firewall to automatically update the blacklist 3 times each day so that we can include previously unknown sources [of the perpetrators] as they become known to us.
By restricting inbound traffic to the router, we can prevent the accidental opening up of services on the router. Because our Firewall configuration restricts all types of services except for the services you know about & need, we can prevent any services (that you may not be aware of) from being accessible remotely on the router.
-->I already have a MikroTik Router
IF you already have a capable MikroTik Router and you would like to subscribe to our MOAB subscription service » e-mail us « with the information we need based on the PREREQUISITES stated therin for this service to work properly on your router and we will promptly set you up regardless of where on Planet Earth you reside.
MOAB Subscriptions are based on a Calendar Year
A calendar year is a one-year period that begins on January 1 and ends on December 31
Inside a Calendar Year you will be charged as shown in the Table below
- Janaury - subscription US $90 covers 12 months
- February - subscription US $90 covers 11 months
- March - subscription US $90 covers 10 months
- April - subscription US $90 covers 09 months
- May - subscription US $80 covers 08 months
- June - subscription US $80 covers 07 months
- July - subscription US $80 covers 06 months
- August - subscription US $150 covers 017 months
- September - subscription US $140 covers016 months
- October - subscription US $130 covers015 months
- November - subscription US $120 covers014 months
- December - subscription US $110 covers 13 months
- For Subscription payments mouse click on your current month link above
MOAB subscription Service Payment US $90.00 per calendar Year
« PayPal » when you're
ready to subscribe
Please note that MOAB Subscription Service Payment above
and
MOAB Install Service Payment below
are two sperate independent service payments.
MOAB Remote Install Service Payment US $90.00
« PayPal » when you prefer
to have us install MOAB for you.
We use Chrome Remote Desktop extension for all remote installation services.
MOAB Remote install service is only available for
broadband capable users
minimum 100Mbps Down 10Mbps Up.
Disclaimer: You may cancel your subscription at any time, all sales are final we do not issue refunds
MOAB - First Time User's
» e-mail « Request 10 day Free Trial of MOAB Blacklist Service
Decide what you need and »
e-mail us « about what you'd like us to do
We would be delighted to help you decide what you need and what you'd like us
to do based on a on-site consultation session