INTELLIGENT ENTERPRISE SECURITY should feature product capabilities like compression , data-deduplication or application-based prioritisation and bandwidth guarantees .
Meanwhile , businesses are facing an unprecedented wave of ransomware attacks . These generally come in through email , but you could also have computers calling home to the Command & Control server to install stealthware . With the right firewall , often described as next generation , in place these activities can be detected and curbed .
In addition to the protection on the perimeter , you can deploy more firewalls internally to create zones . Zoning or segmentation makes it harder for malware and attackers to cross network boundaries .
Often it makes sense to allow for direct access to cloud applications from each branch office location , effectively moving away from the traditional centralised access approach .
Allowing internet access from branch locations may now mean deploying firewalls at these locations . The practical challenges here are threefold :
Does the deployed , smaller firewall
1 device at each branch provide all the security controls needed and is it still affordable ? Must-haves would be nextgeneration firewall features such as app control , user awareness , integrated IPS , the ability to intercept SSL , and advanced threat and malware detection .
Can these devices be effectively
2 managed from a central user interface ? This is important , because it means that only one security policy needs to be defined and maintained across all the deployed firewalls , even though enforcement now takes place in multiple physical locations .
What does the associated operational
3 cost look like ? Firewall devices need to
be trouble-shot , logs need to be managed , updates applied .
My own suggestion is that conservative approach of going with a well-established player that will continue to invest in threat defences and upgrades is the best route
As with all things IT , Next Generation Firewalls are subject to more hype than reality . While many are fully featured , some are overmarketed versions of older technology and despite there being plenty of choice , there can be a blurring around the capabilities and performance on offer .
The customer should start by determining their needs , as they differ by organisational type , size , performance requirements , security concerns and of course compliance requirements . While there is a wide variation of prices in Next Generation Firewalls , often they are not matched directly to capability , which is why needs precedes budget considerations .
Some of the elements to consider and prioritise for Next Generation Firewalls include application firewalling using deep packet inspection , intrusion prevention , encrypted traffic inspection TLS / SSL , website filtering , bandwidth management , and third party identity management integration LDAP , Radius active directory .
Other features can include antivirus , sandbox filtering , logging and auditing tools , network access control , DDoS protection and of course cloud capabilities .
Clearly different organisations will have a divergent range of needs driven by their own size , performance and security requirements . With the significant range of solutions on offer , the challenge can often be selection , particularly with the significant number of new suppliers entering the market with innovative offerings .
Budget and management capabilities are also key elements in this equation . Given that a firewall often is deployed for considerably more than three years it is crucial to make the right decision to protect your environment , not only against today ’ s threats but also those that will be the centre of attacks in the future .
Having been around security for more than 40 years , my own suggestion is that the conservative approach of going with a well-established player that can and will continue to invest in threat defences and upgrades is the best route .
Subject to the size and potential cost of your deployment , putting one or more suppliers through a full proof of concept ahead of the decision can be a very effective investment . This is to protect an organisation in a radically changed risk environment from three years ago , and one which will continue to change at potentially an even faster rate .
Ian Kilpatrick is Executive Vice-President Cyber Security for Nuvias Group and Chairman Wick Hill Group
39