Stated Inspection: The Future of the Firewall
What’s the future of the network firewall?
While at first glance this may not seem like the most cutting-edge or controversial question facing the IT security industry, further inspection (forgive the pun) reveals that future evolution of the firewall remains one of the most significant issues we face.
For evidence of how central firewalls remain within enterprise security strategy, consider that Gartner reports that roughly 51 percent of the 1,500 network security calls received by their analysts during the first half of 2014 were directly related to firewalls – on topics ranging from platform migration to policy management, to adoption of next generation devices.
In July, Ellen Messmer filed this piece in Network World which debates the evolution of firewalls related to cloud computing and quotes a wide range of industry experts, serving as further proof of the topic’s relevance.
For over 20 years, the firewall has served a central component of information security, representing a first line of defense in controlling access to limit risk. To this day, it remains the most successful “whitelist” security solution ever deployed, designed to permit acceptable traffic and stand as a default in denying everything that is not.
In contrast to systems including IDS, IPS, anti-virus and other malware-centric technologies that attempt to keep up with attackers by attempting to identify, adapt-to and prevent the latest attacks, the firewall has remained a stalwart element of enterprise defense, while changing in its own right to address these same issues.
Firewalls also represent the largest product segment of the network security industry, with Gartner predicting over $9 billion in worldwide sales in 2014 alone, and customers dedicating over half of their entire IT budget on security projects in general.
As such, any significant changes affecting the firewall market will clearly have a significant impact on customer planning, the IT industry and the makeup of enterprise security in general.
Meanwhile, ongoing platform evolution including mobile computing, cloud services and other trends that blur the lines between what exists “inside” and “outside” the typical enterprise network is making the traditional concept of maintaining “walls” between networks, and the future role of the firewall, even more difficult to define.
As debated in Messmer’s story, cloud computing – where critical applications and data are running outside the traditional data center – will redefine where, and in some cases how, access must be controlled.
Virtualization also continues to change how, and how quickly, new systems and applications can be deployed, thereby affecting the effectiveness and manageability of traditional firewalls.
Shifts in networking technology, in particular SDN, promise other dynamic changes to network management, and how security is deployed in those networks.
And perhaps most significantly, threats continue to evolve, challenging the notion that a network firewall can effectively defend organizations against them.
In the coming weeks and months, through this “Future of the Firewall” blog series, we’ll be engaging key thought leaders – including practitioners, analysts and other informed observers – to share their vision and address many of these issues.
Where is the future of the firewall headed this year, or 5 years into the future? How will firewalls continue to evolve and how do these experts believe this change should, and might occur?
There is no question that the future of the firewall will have a significant impact on the future of IT security, risk management and compliance initiatives.
We encourage you to join the conversation and share your thoughts, and we look forward to reading your comments. We invite you to subscribe to our blog to keep up with the latest posts of our new series.