(September 17, 2021) Firewalls remain a key component of enterprise IT security strategies, helping to prevent malware and other threats from entering the corporate network. However, many organizations have legacy firewalls that were not designed to support growing numbers of users and devices and latency-sensitive applications. If network performance is lagging, it may be time for a firewall upgrade.
Next-generation firewalls (NGFWs) are particularly resource-intensive and can create bottlenecks in other parts of the network if they lack adequate throughput. These issues become even more pronounced as organizations embrace digital transformation and modernize their IT environments.
The seismic shift to remote work models has also exposed the limitations of older firewalls and builds the case for a firewall upgrade. Virtual private network (VPN) services are typically provided by the firewall, and some legacy firewalls simply cannot scale to support large numbers of work-from-home employees.
In our last post, we discussed the weaknesses of perimeter-focused security in a work-from-home world. The zero trust security model has emerged to address these concerns by assuming all users and devices are threats until they are verified and authenticated.
That’s not to suggest, however, that perimeter security is no longer needed. On the contrary, organizations need a strong perimeter to detect and block sophisticated threats.
Traditional firewalls guard the network perimeter by monitoring ports, protocols, and IP addresses and providing stateful inspection, packet filtering, URL blocking, and VPN services. NGFWs build on these capabilities with deep packet inspection, which scrutinizes network traffic on a much more granular level.
A firewall upgrade to an NGFW incorporates intrusion prevention, SSL/TLS decryption and inspection, application traffic control, malware detection, and other features. An NGFW is application-aware, which means it has the intelligence to identify different types of applications and make context-based decisions about allowing or blocking traffic.
When the phrase “next-generation” is used to describe something, we assume it’s new. However, NGFWs first saw broad adoption in 2015, and those older NGFWs are starting to show their age. Today’s IT environments include physical, virtual, and cloud platforms supporting users all over the world, and many legacy NGFWs are simply unable to handle the load.
When evaluating NGFWs, there are several factors to consider:
- Throughput. The key value to look for is throughput when all security features are turned on. Disabling features just to get adequate performance defeats the purpose of having an NGFW.
- SSL/TLS inspection. Most Internet traffic is now encrypted, so it’s important to have an NGFW that can inspect that traffic. However, decrypting and inspecting traffic creates significant overhead that impacts performance. Best-in-class NGFWs will have minimal degradation in throughput with inspection enabled.
- VPN services. The firewall’s VPN services should not only encrypt user sessions but monitor traffic between remote users and the public Internet to protect the organization’s infrastructure. With today’s remote work models, the firewall should have the performance to support a large number of VPN connections using strong encryption.
- Simplified management. IT teams have enough on their plate without having to learn and use multiple interfaces to manage firewalls. NGFWs should be integrated into the overall security architecture, with single-pane-of-glass management and the sharing of threat information across devices.
Looking to the Future
It’s also important to anticipate future performance demands. Digital transformation initiatives can stall when the security infrastructure is unable to support the added load. A qualified managed services provider (MSP) can help organizations select and implement an NGFW that balances price and performance with an eye toward the future state of the IT infrastructure.
Perimeter security alone isn’t enough to protect today’s distributed IT environment, but it remains a vital part of any cybersecurity strategy. Organizations should ensure that their firewalls have the performance to support their operations while providing advanced protection against today’s threats.
ABOUT MAINSTREAM TECHNOLOGIES
Mainstream Technologies, a Little Rock, Arkansas technology provider, offers managed technology services, technology consulting, custom software development, data center services, and cybersecurity services. Established in 1996, Mainstream has earned a reputation for delivering quality, reliable, and professional technology services for public and private-sector customers across the United States.