VLCM Blogs - Learn How To Get IT Right

THE PROBLEM WITH YOUR “NEXT-GENERATION” FIREWALL

Written by VLCM | Feb 21, 2017 8:56:00 PM

With cybersecurity experts predicting a rise in sophisticated cybercrime such as ransomware attacks, distributed denial of service (DDoS) attacks and advanced persistent threats (APTs), organizations need to ensure their networks are properly protected. For more than 17 years, next-generation firewalls have been the solution of choice on account of their strong network perimeter protection capabilities and high network security processing power. But with the rise of the borderless enterprise, it’s now necessary to move away from perimeter-centric solutions and opt instead for more comprehensive protection.

So what exactly is the problem with your next-generation firewall? And what’s the best way to get robust protection without compromising network performance?

WHY NEXT-GENERATION FIREWALLS OFFER INADEQUATE PROTECTION

In recent years, the combination of the Internet of Things (IoT), mobile technology, and the cloud has resulted in the creation of borderless network environments that essentially drive the expansion of networks beyond a company's’ control.

This poses a threat for two reasons. First, many devices aren’t equipped with security software and rely on the network for protection. In instances where the device’s owner has installed security controls, it’s often not geared to what the organization requires. As a result, all these devices become endpoints that are either inadequately protected or not protected at all.

An associated risk is that of shadow IT. A CloudLock survey showed that on average, 733 apps were in use at any one time in an organization’s network. More than half of those apps were classified as medium risk with over 25 percent rated high risk.

Compounding these vulnerabilities are the so-called “accidental networks” that have developed over time at a number of organizations. Comprised of different segments with disparate security products from various vendors, they typically lack central oversight and control — pitfalls that have been linked to some of the most high-profile security breaches of recent years.

Lastly, conventional next-generation firewalls aren’t designed to handle computing trends like the cloud and software-defined networks (SDN) that require organizations to not only think about network size and footprint, but also specific user and deployment needs.

These factors and others have created a perfect storm of vulnerability — making the expansive, evolving attack surface of the borderless enterprise relatively simple to exploit, and requiring organizations to shift from perimeter-centric security approaches to strategies that focus on the entire threat landscape.

EFFECTIVE SECURITY REQUIRES A MORE COMPREHENSIVE NEXT-GENERATION FIREWALL DEFENSE STRATEGY

The Enterprise Firewall solution from our partner Fortinet, combines best-of-breed next-generation firewall technology with an adaptive, collaborative platform that simplifies security management across physical and virtual network environments — including multiple, dispersed endpoints. Main advantages include:

  1. Improved visibility with scalable, centralized management that can be automatically extended or consolidated at will — while improving intelligence sharing system-wide to reduce response time and mitigate risk.

  2. More reliable, targeted security with layered modules that map protection to level of security inspection required and deployment mode — whether internal segmentation firewall, web application firewall or other.

  3. Interoperability with the security fabric, a communication interface that provides an end-to-end collaborative defense structure and integrates with the firewall to determine which threat intelligence to share.

As a 2016 Fortinet Growth Partner of the Year, VLCM can deliver the advantages of a modern, collaborative security platform with best-in-class next generation security technology. Contact us to learn how we can help protect your organization against cyber threats.