What is an internal network firewall, and how does it differ from other types of firewalls? What are the pros and...
cons of using an internal firewall versus traditional firewalls?
When you consider the ongoing research, internal threats exploiting all-too-common vulnerabilities are creating sizeable risks for businesses both large and small.
However, the concept of an internal firewall seems to be yet another vendor marketing gimmick à la "the cloud" and "cybersecurity," likely borne out of the hype around PCI DSS compliance.
A firewall is a firewall is a firewall -- the goal is to protect one network segment from another while letting in approved traffic and monitoring for anomalies. That said, you can tweak certain firewalls to work optimally in your internal environment, and that's what this internal firewall option is all about. For example, you might have an internal firewall that allows all traffic to pass through (i.e., any-any rules with no routing enabled), but you want intrusion prevention, application-layer monitoring or malware protection to still work.
Using internal firewalls for segmentation purposes would be a great way to minimize internal security risks. Many organizations do this for PCI, but that's arguably not enough. When anyone can plug into any port on an enterprise network and access dozens of network segments and thousands of network hosts -- and carry out exploits that no one will ever notice -- then something's amiss. I see this scenario quite often.
Ultimately, business functions, usability and convenience unfortunately trump most security controls, including any benefits offered up by firewalls used on the internal network. But using firewalls to reduce internal security risks is something every enterprise should consider.
Ask the Expert:
Have a question about network security? Send it via email today. (All questions are anonymous.)
Explore further about the placement of firewalls
Dig Deeper on Network device security: Appliances, firewalls and switches
Related Q&A from Kevin Beaver
Explore the differing roles of inbound versus outbound firewall rules for enterprise network security and the varying use cases for each. Continue Reading
Compare host IDS vs. network IDS through the pros and cons of each, and learn how more modern systems may be better suited to ensure effective ... Continue Reading
Different tools protect different assets at the network and application layers. But both network and application security need to support the larger ... Continue Reading