Get to know us better! Gain valuable insights into how we think by visiting our blog, or take a look at the industry events we're frequenting on our events page. You can also geek out with us by attending one of our security management webinars, or dive head first into the products and solutions we provide in our Resource Library. There's lots to keep you busy!
The number of devices in most security networks isn’t decreasing. In fact, many large enterprise networks add dozens of new devices every year. Each device contains an immense amount of data that can be vital to the security of the organization. But collecting data is only useful if you can easily access, process, analyze and share it with others.
When I first started working with firewalls some 18-odd years ago, the revolution of “stateful inspection” was just starting to take hold. The explosion of Internet bandwidth (laughable now) to DS3-type speeds was driving everyone away from the proxy solutions they had in place to this awesome new security device.
All firewalling concepts were geared to the 5-tuple, situating the firewall firmly in the L4 space, but even then the market leaders defied that definition. Anyone that tried to pass active FTP without the properly CRLF formatting in the command channel was painfully aware of just how far up the stack the “L4 firewall” could go.
Of course, back then you made a good living knowing how to turn those security features off (probably not selectively) so you could make the network work again. Now, we’re all trying to figure out how to program the network properly so we can exert control over the 10-tuple, which eliminates the need for stateful inspection, right?
The answer to the question requires some thought regarding basic concepts. I start with wondering: “Why does the network exist? What’s its purpose?” For me, the answer is that the network provides nothing in and of itself, it exists to supply services to users of those services. With that in mind, we can start by wondering just what it is the firewall does for us.
Some past thought patterns would be, the firewall:
• Stops users from consuming unauthorized services (SSH, for example) – which seems like something the service should do, right? If my network can manage flows, why can’t my service manage who consumes those services?
• Prevents bad actors from exploiting misconfigurations and vulnerabilities on the network and overlying services – but isn’t the network intelligent enough to protect itself and the services that ride on top of it?
For me those are all good reasons for the existence of the firewall, but not quite succinct enough. I think the firewall exists to manage and filter what would otherwise be (or has been) unmanageable.
There’s always been a “better way” to secure your services: fix your vulnerabilities and deploy host or service-based security. But how is that working out at the enterprise scale? The firewall has always been a necessary evil. Should we need it? No. Must we have it? Yes.
In conclusion, I don’t think the firewall is going away. Rather, it will be something different than what we know today.
It may not be a network device, rather than something that exerts control over the network. It may even have a different name and we may even be able to discard our “burning brick wall” icons. It must have certain features that give it modern relevance – identity management/enforcement, service awareness, but that whole line of thought is a blog post in and of itself.
It is a point of trusted enforcement in our network – a necessary evil – that we will continue to rely on as part of our “next-next generation” security environment.
We encourage you to share your thoughts, and we look forward to reading your comments. We invite you to subscribe to our blog to keep up with the latest posts of our new series.
So you’ve purchased a new firewall. Now what?
You’ve got to decide which access is allowed, which isn’t allowed and whether or not rules are compliant with internal and regulatory standards.
Things are running along smoothly and then the dreaded “change.” A user submits a new access request and the fun begins. Is this access necessary? Safe? Compliant? And what happens when it’s time to retire unused rules?
How Effective Security Management Can Help Teams Cover the Exponentially Increasing Gap between Technology & the Resources Available to Manage It
Security teams today are under tremendous pressure due to the rising frequency and impact of breaches and a business that wants to move faster and faster. The answer to both of these challenges has always been to add more technology and staff resources.
However, each new technology added creates complexity. More rules are created and more data is generated. As networks continue to evolve, this complexity will only grow. And while staff resources may increase, they will never match the exponential growth of technology.
FireMon calls this phenomenon The Complexity Gap and has set out to help security teams close it.
Join us for this webinar with Frost & Sullivan where we’ll explore the causes of “The Gap” and how workforce multipliers such as intelligence and automation help staff manage their security more efficiently and more effectively.
En la actualidad, uno de los retos principales es preparar las redes de seguridad, no sólo para enfrentar las amenazas, sino también para enfrentar los cumplimientos. El día 26 de enero se publicó en el Diario Oficial la LEY GENERAL DE PROTECCIÓN DE DATOS PERSONALES EN POSESIÓN DE SUJETOS OBLIGADOS.
¿Está tu red preparada?
¿Cuentas con los procesos necesarios para el cumplimiento?
En esta era digital los datos personales de nuestros clientes y proveedores pasan por una red y se almacenan en una base de datos. Éstos, por ley, deben protegerse por medio de sistemas y procesos. Uno de los objetivos de esta ley es establecer las condiciones de tratamiento de datos personales y fomentar la cultura de protección.
La Ley de protección de datos es mucho más que un simple aviso de privacidad; esta ley describe derechos y obligaciones que de incumplirse pueden ser penalizados. Asiste a este Webinar para conocer más y prepararte. Te mostraremos:
Helping Enterprise Security Teams Improve Resource Efficiency & Reduce Overall Risk Exposure
Firewall technology has come a long way since its initial, most rudimentary forms. Next-Generation Firewalls (NGFW) are the latest development, and organizations are accelerating adoption to the new technology. But NGFWs aren’t a fix-all solution.