The Firewall's Transformation: Why it's an Evolution not a Revolution
The traditional firewall has been an important part of the network infrastructure practically since the beginning of the internet. While some have claimed the death of the firewall, results from ‘FireMon’s 2016 State of the Firewall Report,’ based on a recent survey of about 600 IT security practitioners, show that this isn’t the case at all. The truth is, the firewall still plays an important role in today’s security architecture, but it will have to evolve to meet the demands of the changing security and IT landscape.
Firewall in the New Avatar
While every employee needs to be equipped with basic cybersecurity best practices, it is the IT security practitioner that is ultimately responsible for keeping the company’s network safe. However, when it comes to security there is no“set it and forget it” solution – IT practitioners are continuously evaluating their cybersecurity toolkits and making sure they have the right tools to stay ahead of today and tomorrow’s threats.
While the landscape is changing and new solution categories are always popping up, many of the tried and true tools continue to play a role in keeping networks secure. For example, the aforementioned reportfound that 91 percent of respondents believe firewalls are as or more critical than ever to the security of their network – proving that the firewall, which first emerged in the late 80s, continues to meet today’s needs. Despite their staying power, it is important to point out that firewalls are not immune to industry changes, and they too are being forced to evolve.
Now, to protect their networks from sophisticated threats that continuously morph to avoid detection, IT security professionals are turning tonext-generation firewalls (NGFWs). NGFWs allow IT professionals to utilize intrusion prevention, threat data integration and malware control – going above and beyond the functionalities traditionalfirewalls offer to IT practitioners. Of those using NGFWs, 73 percent are hoping to gain intrusion prevention, 63 percent want threat data integration and 62 percent are looking for application awareness.
The Future of Firewall in the Age of Cloud and SDN
The emergence of cloud and SDN technologies bring a new set of challenges for the firewall to adapt to. The dynamic nature of cloud infrastructure and speed of change associated with it present technical and operational challenges for the traditional firewall, but it’s my belief, and the belief of those we surveyed, that both traditional and next NGFWscan play a role in doing so. In fact, two-thirds of respondents stated that firewalls are somewhat or highly valuable to the cloud services they manage. This represents a 10 percent increase over those surveyed in 2015.
Just like the cloud, more people are turning to software-defined networking (SDN). In total, 90 percent of respondents said that SDN has and will continue to impact network security, with one-fifth stating that SDN has already changed the way we think about networking. However, in currently deployed SDN/virtualized environments, traditional and next-generation firewalls remain the clear favorite for security controls. And while there was a sharp increase compared to 2015 in the number of respondents who believe the native controls found in SDN solutions and new technologies will pose a threat to existing firewall technologies, the majority still believe firewalls will adapt to this new technology, as it has with others.
Increasing Complexity in Security Management
As IT practitioners implementNGFWs, they are faced with even more firewall management and complexity challenges. Most common top management challenges with NGFWsinclude optimizing rule-sets, managing firewall challenges and meeting firewall challenges -with each of these challengesseeing an increase in year over year percentages compared to 2015.Given that the complexity continues to grow, there will likely be a continued investment in tools that simplify management of multi-vendor, multi-platform environments as well as those that simplify migration to next-generation, SDN and micro-segmented environments.
Ultimately, the need for firewalls will not disappear, but may open the door to advancements or a new category of network protection. It will be more of a continuous evolution rather than a complete upheaval, as so many are quick to claim. However, it is important that the firewall industry doesn’t ignore these small shifts, because if they don’t adapt, they will be left behind.