I was reading an article that the future of the firewall was uncertain at best because of the move to cloud computing....
As an organization that uses the cloud and SDN and embraces BYOD employees, how should we approach our next firewall upgrade/purchase? Which particular features should we search for to find the best firewall for our environment?
Things are as dynamic as ever with enterprise networks and business operations alike, so you have a very valid concern. Both cloud and mobile have changed not only the way we look at the traditional network perimeter, but also how we look at protecting information altogether. I'm not convinced the firewall is dead -- as some have proclaimed -- and I certainly don't believe it's going away anytime soon.
Certain environments and even certain types of businesses will no doubt evolve into a hybrid or cloud-only environment that no longer require traditional network firewalls. I also think that we'll see a greater focus on moving security controls closer to the information on the endpoints and within the application environments themselves. However, I still believe that, for the foreseeable future anyway, there will be plenty of use cases for good old-fashioned firewall protection at the network perimeter.
As for your approach, it's no different than any other security technology you're considering. You need to step back and look at what you're trying to accomplish from a higher level, determine your enterprise's unique risks, and then deploy the technology (or technologies) that are most appropriate for what you need.
Based on this information, it sounds like you at least need to consider a next-generation firewall from a vendor such as Palo Alto Networks Inc. or Fortinet Inc., or a next-generation intrusion prevention system from a vendor such as Sourcefire (Cisco) or F5 Networks Inc. that offers enhanced capabilities to get more granular security controls that lock down the application layer, mobile and cloud.
Ask the Expert!
Perplexed about network security? Send Kevin Beaver your questions today! (All questions are anonymous.)
Get help conducting a next-generation firewall assessment
Learn more about next-generation intrusion prevention
Dig Deeper on Network device security: Appliances, firewalls and switches
Related Q&A from Kevin Beaver
Android Oreo replaced the allow unknown sources setting with a new feature that enables users to selectively install unknown apps. Kevin Beaver ... Continue Reading
Equifax's Apache Struts vulnerability was an example of a scan not being read correctly. Kevin Beaver explains vulnerability scans and how issues can... Continue Reading
Several vulnerabilities were recently discovered in Android bootloaders via the BootStomp tool. Kevin Beaver explains how they work and what risk ... Continue Reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.