A number of organizations may have the capability to build a firewall for themselves, i.e., put together a firewall by using available software components and equipment or by writing a firewall from scratch. At the same time, there are a number of vendors offering a wide spectrum of services in firewall technology. Service can be as limited as providing the necessary hardware and software only, or as broad as providing services to develop security policy, risk assessments, security reviews and security training.
Whether one buys or builds a firewall it must be reiterated that one should first develop a policy and related requirements before proceeding. If an organization is having difficulty developing a policy, it may need to contact a vendor who can assist in this process.
If an organization has the in-house expertise to build a firewall, it may prove more cost-effective to do so. One of the advantages of building a firewall is that in-house personnel understand the specifics of the design and use of the firewall. This knowledge may not exist in-house with a vendor supported firewall.
At the same time, an in-house firewall can be expensive in terms of time required to build and document the firewall, and the time required for maintaining the firewall and adding features to it as required. These costs are sometimes not considered; organizations sometimes make the mistake of counting only the costs for the equipment. If a true accounting is made for all costs associated with building a firewall, it could prove more economical to purchase a vendor firewall.
In deciding whether to purchase or build a firewall, answers to the following questions may help an organization gauge whether it has the resources to build and operate a successful firewall:
Many vendors offer maintenance services along with firewall installation, therefore the organization should consider whether it has the internal resources to perform the above.