A firewall breach is a company disaster, so it’s important to keep up with the advancements in firewall technology. In this presentation, John Burke, CIO at Nemertes Research, outlines key recent developments.
How should your firewall technology change to avoid a future firewall breach? To answer that question, Burke compares how you work now compared to how you used to do things, back when your current firewall was acquired.
In old data centers (DCs) there were distinct tiers of functions, both physically and architecturally, and traffic primarily flowed north-south. This contrasts significantly with the new data center, where the physical and architectural tiers are less distinct, for instance. The new architecture is more services-oriented. Components may be talking to components in a dozen places at once. That component might be running on a physical machine or a virtual one, and it might even be sharing a physical machine or VM with a number of other service components -- running inside a container, for instance, a new approach that’s gaining traction in the data center. The flow between these components is now more east-west than north-south.
Given this more complex environment, Burke asks how does the firewall now need to function? Firewalls for the most part are still placed between the data center and the outside world (and to a lesser extent between the DC and internal users.) That setup is less and less likely to prevent a firewall breach as we increasingly create exceptions for traffic to go around the firewall in order to facilitate traffic flow. In short, the firewall is still where it’s always been, but the environment around it has changed dramatically.
This is illustrated by example for a firewall breach where a laptop is compromised, or another connected device, like a cell phone. This is just one example and Burke covers several others, all of which mean that a firewall breach is increasingly likely because your firewall is no longer where you really need it to be. Updating your firewall is essential to cope with the dramatic change in the computing environment.
In this presentation, Burke outlines in detail the features next-generation technology contains that can prevent a firewall breach. He explains the features that are essential to preventing the expense and other headaches of a breach, and explains elements to incorporate in your firewall strategy, like partitioning with agility, centralizing management and more. Viewers of this video will come away with a deeper understanding of why traditional firewall tech is insufficient to prevent breaches and what a next-generation firewall needs to be able to do to keep your data center safe from hackers.