What is an internal network firewall, and how does it differ from other types of firewalls? What are the pros and...
cons of using an internal firewall versus traditional firewalls?
When you consider the ongoing research, internal threats exploiting all-too-common vulnerabilities are creating sizeable risks for businesses both large and small.
However, the concept of an internal firewall seems to be yet another vendor marketing gimmick à la "the cloud" and "cybersecurity," likely borne out of the hype around PCI DSS compliance.
A firewall is a firewall is a firewall -- the goal is to protect one network segment from another while letting in approved traffic and monitoring for anomalies. That said, you can tweak certain firewalls to work optimally in your internal environment, and that's what this internal firewall option is all about. For example, you might have an internal firewall that allows all traffic to pass through (i.e., any-any rules with no routing enabled), but you want intrusion prevention, application-layer monitoring or malware protection to still work.
Using internal firewalls for segmentation purposes would be a great way to minimize internal security risks. Many organizations do this for PCI, but that's arguably not enough. When anyone can plug into any port on an enterprise network and access dozens of network segments and thousands of network hosts -- and carry out exploits that no one will ever notice -- then something's amiss. I see this scenario quite often.
Ultimately, business functions, usability and convenience unfortunately trump most security controls, including any benefits offered up by firewalls used on the internal network. But using firewalls to reduce internal security risks is something every enterprise should consider.
Ask the Expert:
Have a question about network security? Send it via email today. (All questions are anonymous.)
Explore further about the placement of firewalls
Dig Deeper on Network device security: Appliances, firewalls and switches
Related Q&A from Kevin Beaver
Android Oreo replaced the allow unknown sources setting with a new feature that enables users to selectively install unknown apps. Kevin Beaver ... Continue Reading
Equifax's Apache Struts vulnerability was an example of a scan not being read correctly. Kevin Beaver explains vulnerability scans and how issues can... Continue Reading
Several vulnerabilities were recently discovered in Android bootloaders via the BootStomp tool. Kevin Beaver explains how they work and what risk ... Continue Reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.