Firewalls have been the mainstay of network security for more than two decades, and organizations still view the devices as a critical element of their defensive strategy.
It’s been 25 years since the introduction of network firewalls as a means to monitor, analyze and protect against cybersecurity threats. Back in 1996 Marcus Ranum, godfather of the stateful firewall, asserted that firewalls are dead: “New services and increasing interconnectedness of everything defeat the design of firewalls.” But has this prophecy come to fruition?
Do Enterprises Still Value Firewalls?
In a recent report, based on a survey of 700 IT professionals, more than 95% of respondents indicated that firewalls remain as critical as ever, or more critical, in security management. As threats evolve rapidly, firewalls provide a reliable and crucial element of multi-layered network defense strategy. Therefore the notion that the firewall, whether ‘stateful’ or ‘next-generation’, is no longer valued or seen as an integral part of the security infrastructure is clearly premature.
However, more than 50% of survey respondents also highlighted existing concerns over firewall management, specifically those relating to rules and policy complexity. This is nothing new and it has been well documented that management of these systems is typically time-consuming, with practitioners struggling to keep up with matters of change and complexity. Combined with the necessity to conform to the ever-changing backdrop of industry policies and regulations, such as PCI DSS 3.0, significant resources are most often dedicated to reviewing firewall policies and rule sets.
At the same time, various methods and tools are now available to help relieve some of this pressure and allow organizations to focus their energies on other critical security and risk management efforts. One such method is the use of automation to address related network security policy management tasks.
Most often, the policies that dictate firewall configurations have been left in place for many years and have become overly complex and inefficient. Automation is particularly helpful in addressing firewall rules and policy management because the review process involved must be practiced continually to prevent emerging risk exposures driven by ongoing change. For its part, the PCI DSS 3.0 standard also mandates such continuous assessments.
Managing the Growing Deployment and Expectations of NGFWs
Despite their nascence, there is also growing interest in and increasing reliance upon next-generation firewalls (NGFWs) across all sectors. In fact, the same survey revealed that only 12% of organizations had not yet implemented any NGFWs within their security measures, while over half stated they already saw them as a critical element of their overall strategy.
This is primarily due to the wide range of benefits that organizations expect to achieve following NGFW adoption. Based on the survey, the top capabilities organizations were expecting to leverage from their NGFWs were intrusion prevention, application awareness and threat data integration. One of the biggest capabilities proffered by many NGFW experts as a trigger for adoption is the ability to “control applications and/or users” via these systems. However, respondents indicated largely nascent efforts in this use, highlighting the current formative stage of overall NGFW adoption.
Yet, as with traditional firewalls, NGFWs introduce their own range of management and migration concerns. Perhaps unsurprisingly, ‘optimizing rule sets’ ranked as the highest NGFW management challenge among respondents at 38%, swiftly followed by ‘enforcing access and policies’ at 32% and ‘meeting best practice configuration recommendations’ at 31%. Meanwhile, the biggest concern related to the adoption and migration of these devices was ‘minimizing impact on operations’ at 27%.
From this we can conclude that while organizations are starting to adopt NGFWs, they are doing so gradually over time and in a methodical way to minimize any negative impact on business operations. This is particularly evidenced in the much-heralded functionality of controlling traffic in direct relation to applications and/or users, which, despite being a leading catalyst for NGFW adoption, clearly remains embryonic in terms of implementation.
Future of the Firewall
Based on all these reported results, the majority of organizations still hold the firewall in high esteem and maintain that it is a strategic element of their overall security infrastructure.
In fact, the survey also finds that firewalls still have a major role amid the advent of emerging network technologies such as virtualization, cloud computing, software-defined networking (SDN) and DevOps. While adoption of SDN and DevOps remains very nascent, respondents indicated that traditional or NGFW devices already play a valuable role in securing virtualized environments, at 87%, and within cloud-based computing platforms, at 58%.
As this research clearly concludes, firewall systems will not disappear any time soon, driving increased demand for solutions that help automate and ease their overall management.
About the Author
As founder and CEO of FireMon, Jody Brazil is a seasoned entrepreneur with more than two decades of executive management experience and deep domain expertise in all aspects of networking, including network security design, network security assessment and security product implementation.