Gartner Security 2014: No Farewell to Firewalls

Every so often someone suggests that network firewalls are no longer a strategic asset – typically based on the emergence of some shiny new, “gotta have it” technology, or the notion that this 20+ year old first line of defense – introduced by Marcus Ranum at DEC in 1992 – doesn’t matter as much as it used to.

However, if you listen to the experts – in this case leading industry analyst firm Gartner and their 14,000-plus clients – such claims are clearly misguided.


At the firm’s recent Gartner Security & Risk Management Summit 2014, nearly every relevant session reinforced that firewalls, and more effective management of these inherently complex devices, remain just as critical as ever, if not more so.

From the summit’s opening keynote – stressing the need for CSOs and other security officials to tie their efforts directly to business initiatives (and bridge IT silos with offerings like FireMon’s recently launched Policy Optimizer) – to breakouts dedicated specifically to corralling firewall policies, the importance of stout firewall defenses was repeatedly emphasized.

Sure, there was the point-counterpoint “Farewell to Firewalls” presentation in which Gartner’s forward-looking thought leader Dr. Joseph Feiman focused on the need for new applications-centric mechanisms, specifically embedded runtime application self-protection [RASP] capabilities.

But, as artfully submitted by Gartner network security guru Greg Young, and ultimately conceded by Feiman himself, the continued development of such emerging technologies, in addition to adoption of cloud services and SDN, will actually require continued, if not greater, reliance on firewalls.

Longtime Gartner risk expert Neil MacDonald’s session on “Continuous Advanced Threat Protection” hammered home the need for more proactive and context-aware management of network security infrastructure; MacDonald’s “Adaptive Security Architecture” posits that strategy must shift from traditional “detection” and “response” methodologies to more “predictive” and “preventative” tactics.

These observations validate FireMon’s vision that adding network security intelligence to existing cyber defenses can significantly automate manual processes and free security teams for other critical risk management efforts.

For further evidence, one needed to look no further than network security analyst Adam Hils’ overview of inquiry calls made by Gartner clients during the first half of 2014.

His hard numbers: a whopping 51 percent of the over 1,500 calls related directly to firewalls were divided between “my rule base is a mess, how can I clean up and better manage?” and “next gen firewalls – should I migrate and how?”

The second-place topic – related IPS issues – accounted for only 22 percent of all calls.

So, there’s hard evidence that any notion that firewalls are either yesterday’s news or increasingly less strategic is… highly overstated; the Gartner numbers simply don’t lie.

We update Gartner analysts regularly on customer wins, real world ROI data and FireMon’s technology roadmap – and listen closely to the “pain points” they hear from clients. These analysts understand precisely how valuable FireMon solutions can be in advancing organizations’ network security posture.

So why take our word for it? Give them a call and find out for yourself.