The Diversifying Technology of Firewall Architecture

Tim Woods

Previously:

What’s the big picture of State of the Firewall 2018?

The main intersection point takeaway-wise from the 2018 State of the Firewall report is “Firewalls are still relevant” and/but “There’s increasing complexity and confusion around their use, especially how the rules are written.”

There are two major points here: one is directly business-related and one is important to the business, but not as directly related to the bottom line.

The business-centric point is the gap (chasm) between business needs and security needs. A gap often exists between the business and IT Security.  IT security is siloed by vendor, technology and teams. Problem is: silos slow things down, and that doesn’t work in 2018 (it didn’t work three years ago either). Today’s businesses have new devices, tools, cloud assets, and other resources constantly moving into and within their networks, making it tough to identify all the different parts and how they communicate.

Another way to think on this: The erosion of a defined corporate perimeter has simultaneously increased the number of assets organizations are trying to protect as well as the number of firewall rules. The only way to enforce consistent access policies across the enterprise is to implement automated, intent-based security. By decoupling security intent from implementation, organizations can ensure continuous compliance with enterprise security intent, even when the network evolves.

The answer is also automation for another reason

The other reason is the increasing amount of stress within the network security space, which MIT’s Technology Review recently called “cybersecurity’s insidious new problem.” While the problem isn’t necessarily “new,” it has become a greater focus of conversation recently, including being mentioned in multiple tracks and panels at Black Hat 2018.

The rise of stress in cybersecurity shouldn’t confuse anyone: despite the explosion in firewall rules, sheer number of firewalls, and devices to manage, cybersecurity staffing has been relatively flat for years, with some even defining it as “a chronic shortage of qualified staff” in the industry.

In short, we’re trying to do a lot more with significantly less, and that’s going to cause stress. There’s no way around it. Stress burns out your best people, creates turnover/churn, and puts additional stress on those who remain.

The answer to that problem is also automation, at some level: while we’d never argue for the elimination of jobs, you can free up your existing personnel to be more strategic and forward-thinking if you can implement both an automated solution and one driven by intent instead of consistently writing and cleaning up firewall rules.

That’s why we offer automated change processes, security assessment and cleanup, firewall rule cleanup, and automated compliance — among other services — to our customers. It was also a driving force in our acquisition of Lumeta, because we wanted a strategic partner to help solve issues around cloud visibility that many of our customers are experiencing.

The goal is to bring the speed of your business in line with the speed of your security, so that breaches and flaws aren’t massive PR events, but rather elements you have control of before they happen. And, in the process of equating business need and security need, we hope to make your people a lot less stressed — and more strategic as opposed to box-checking or rule-cleaning — which overall benefits the organization.

This is why we do reports like State of the Firewall, even though it seems more like a media endeavor than anything else. We want to understand our customers and the market so that we can make decisions about how to prioritize new opportunities. If you’d be interested in learning more about what automation + intent might look for your business, don’t hesitate to reach out.