Pakhnyushchyy - Fotolia
I was reading an article that the future of the firewall was uncertain at best because of the move to cloud computing. As an organization that uses the cloud and SDN and embraces BYOD employees, how should we approach our next firewall upgrade/purchase? Which particular features should we search for to find the best firewall for our environment?
Things are as dynamic as ever with enterprise networks and business operations alike, so you have a very valid concern. Both cloud and mobile have changed not only the way we look at the traditional network perimeter, but also how we look at protecting information altogether. I'm not convinced the firewall is dead -- as some have proclaimed -- and I certainly don't believe it's going away anytime soon.
Certain environments and even certain types of businesses will no doubt evolve into a hybrid or cloud-only environment that no longer require traditional network firewalls. I also think that we'll see a greater focus on moving security controls closer to the information on the endpoints and within the application environments themselves. However, I still believe that, for the foreseeable future anyway, there will be plenty of use cases for good old-fashioned firewall protection at the network perimeter.
As for your approach, it's no different than any other security technology you're considering. You need to step back and look at what you're trying to accomplish from a higher level, determine your enterprise's unique risks, and then deploy the technology (or technologies) that are most appropriate for what you need.
Based on this information, it sounds like you at least need to consider a next-generation firewall from a vendor such as Palo Alto Networks Inc. or Fortinet Inc., or a next-generation intrusion prevention system from a vendor such as Sourcefire (Cisco) or F5 Networks Inc. that offers enhanced capabilities to get more granular security controls that lock down the application layer, mobile and cloud.
Ask the Expert!
Perplexed about network security? Send Kevin Beaver your questions today! (All questions are anonymous.)
Get help conducting a next-generation firewall assessment
Learn more about next-generation intrusion prevention
Dig Deeper on Network device security: Appliances, firewalls and switches
Related Q&A from Kevin Beaver
Different tools protect different assets at the network and application layers. But both network and application security need to support the larger ... Continue Reading
The WannaCry TCP port 445 exploit returned the spotlight to Microsoft's long-abused networking port. Network security expert Kevin Beaver explains ... Continue Reading
While most mobile platforms provide levels of security from mobile cryptojacking, IT must still be aware of the risks and procedures to address an ... Continue Reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.