Essential Guide

Enterprise firewall protection: Where it stands, where it's headed

Enterprise firewalls are ubiquitous, but they're no longer enough in a hacker-infested world. What lies ahead for firewalls, and how will an increasingly virtualized network and advanced security tools shape them?

Introduction

Firewalls are security tools that examine the flow of data packets in and out of the enterprise; they're governed by rules that decide whether that flow is safe, malicious, or questionable and in need of inspection. Some experts argue -- as one in this guide does -- that the firewall is not essential. But if you determine you need firewall protection, that's just the start of the implementation process. Decisions must also be made about which firewall features and policies best suit your company, and about how to test the firewall once it's deployed.

Meanwhile, hackers are getting more sophisticated, and vendors are responding with more advanced firewalls and related products. So you need to know about firewall variants and offshoots: Web-application firewalls, next-generation firewalls, unified threat management, software-defined networking and more.

This guide reviews the state of the firewall, outlines what's ahead in an increasingly virtualized networking world and teaches you the lingo you need to understand it all.

1State of the firewall-

How to choose, implement and manage a firewall

The firewall is a long-established tool to protect a network by controlling incoming and outgoing network traffic via a set of rules that determine whether data packets are safe or not. Setting up firewall protection begins with a simple question: Do you need one or not? If you decide you do, though, then the complications begin. What features should it possess, and what policy should rule it? How can you make it as effective as possible -- and how and how often must you test it to make sure it's doing what it should? This module takes you from the question of whether to implement a firewall to how to make it the best it can be, and also addresses related issues, such as how to get the people using it to make it even stronger.

Tip

Do you really need firewall protection to be secure?

Assuming the firewall is all you need to be secure is a dangerous idea. In fact, you may even be able to live without one. Continue Reading

Answer

Does your firewall need EAL4 certification?

EAL4 certification ensures integrity in security products, but is it a must in an enterprise firewall product? Continue Reading

Tip

How to optimize your firewall

Firewalls are not sufficient for security but they are necessary. Learn some firewall best practices to make yours the best it can be. Continue Reading

Answer

Implement an effective firewall management policy

If you're using a traditional firewall, learn how to make it effective by creating a rule in it that filters on five attributes. Continue Reading

Misc

Improve firewall protection with routers

Businesses systems exposed to the Internet need to be careful; here's how to make your firewall more effective by using routers. Continue Reading

Tip

How to prevent firewall and other vulnerabilities

Firewalls, routers and switches are all easy targets for hackers. Learn how to keep network devices secure. Continue Reading

Answer

How, and how often, to test your firewall

Should the frequency of firewall testing be debated and documented as part of a firewall policy update? It depends on how you define "test." Continue Reading

Tip

Testing a firewall: What to do, what to skip

Learn three firewall tests that are important, and others that you can skip as you secure your organization's firewall. Continue Reading

Answer

Tools for firewall testing

There are some pretty good tools to test firewalls, and they are free. Continue Reading

Tip

Firewalls: The human element

Firewalls go up and yet, too often, security incidents don't go down. It may be because security requires human awareness -- communication and training -- as well as technology. Continue Reading

2Application firewalls-

Application firewalls: A new innovation

As hackers and their tricks get more sophisticated, firewall vendors are hustling to keep up. One innovation is the application firewall, which includes the Web-application firewall (WAF). An application firewall is -- as the name suggests -- an advanced security tool that blocks attacks to the network at the application level. This section of our guide explains the latest developments in, and pros and cons of, application firewalls in general, and WAFs in particular, and how to make them work well for you.

Feature

What's next for application firewalls?

Modern firewalls offer improved application awareness and user controls. Migrate to one smoothly with these tips from the pros. Continue Reading

Answer

Web-app firewalls and their drawbacks: Key questions

If application-layer firewalls examine traffic more carefully than traditional firewalls, why isn't everyone deploying them? Continue Reading

Feature

How to optimize Web-based app security and performance

Read about the intersection of the three main approaches to testing and ensuring application security: the WAF, code and application scanning, and manual penetration testing. Continue Reading

Tip

Build security with WAFs and SDLC

A strong software development lifecycle (SDLC) process plus WAFs improve security. Learn how. Continue Reading

News

Why we need WAFs

Why did WAFs get developed in the first place? It's just another example of how vendors respond to growing threats and network vulnerabilities. Continue Reading

3NGFW-

Next-generation firewalls coming fast

Technology evolves faster and faster, and tech related to firewall protection is no exception. Even as you're implementing your latest firewall tool, you need to keep an eye on the future. Read on to get a grasp on what's coming next in next-generation firewall (NGFW) technology.

Magazine

Firewall protection: What's at the core of next-generation?

What’s coming next? NGFWs that are granular, app-aware and more. Continue Reading

Answer

Next-generation firewalls: What management features do you need?

A network security expert guides you through the maze of features and points out the key ones you must have with your NGFW. Continue Reading

News

The challenges of managing the next generation of firewalls

The next generation of firewalls is more complex to manage, and has layers of rules and policies to write and track. Continue Reading

Tip

Preventing application-layer attacks with a NGFW

Next-generation firewalls can block common yet dangerous SQL-injection and buffer-overflow attacks. Learn how an NGFW stops application-layer attacks. Continue Reading

Tip

Determining app access policies with a next-gen firewall

Learn how next-gen firewalls offer improved application awareness and granularity to manage or block particular application features. Continue Reading

4New products-

New firewall products and other developments

Once you have a grasp on firewall protection in general, and the advantages and challenges of the NGFW in particular, you're ready to evaluate specific products and the ways firewall technology relates to other evolving technology, such as unified threat management (UTM) devices. And then there's the question being asked in every part of the high-tech world: What will be the impact of software-defined networking (SDN)?

Answer

How a UTM device affects firewall effectiveness

Unified threat management devices provide more protection than a simple firewall, but do they increase the risk of an enterprise firewall failure? Continue Reading

News

HP’s Tipping Point firewall

With its new Tipping Point firewall, HP takes on the crowded NGFW market with an established IPS brand. Continue Reading

News

Cisco delivers a 320 Gbps firewall

Cisco has enhanced its data center security story with a new Cisco ASA clustering feature for 320 Gbps firewall capacity and a new virtual firewall. Continue Reading

News

F5 firewall crowds into the market

F5 Networks announced a new firewall that integrates with the company's existing application delivery and security products. Continue Reading

Tip

Evaluating virtualized network security products

The network might be going virtual, but the threats to its security remain real. This tip covers key points to consider while evaluating network security virtualization products. Continue Reading

Tip

Firewall protection in the era of SDN

The promise of SDN is centralized control and traffic management, which will result in automated network security that is more adaptive and scalable. Learn how this all relates to virtual firewalls. Continue Reading

5KEY TERMS-

Learn some firewall lingo

New tech means new terms. This section helps you build up your firewall vocabulary.