Industry Insights

Why Your Firewalls Can't Keep Up with the Threats

Posted by Susan Sison on Dec 6, 2016 2:22:14 PM

Old security paradigms don't work well anymore. The Internet has changed too much. Threats have grown more sophisticated. New approaches are needed to keep up with new threats.

A firewall is supposed to protect a network, but what constitutes a network is no longer clear-cut. You might have a local network, one in a data center, a VPN, a hybrid cloud or any combination. Mobile devices come and go. Perimeters overlap, meaning a vulnerability in one less-protected environment could lead to a breach in another where critical data resides.

Where Firewalls Fall Short

Traditional firewalls are insufficient. They can keep out specified IP addresses and close off ports, but attacks that don't come from known hostile sources will get through.

Application firewalls improve protection by understanding specific protocols, such as HTTP and SMTP. They filter requests and recognize hostile patterns, thwarting exploitation of common weaknesses. But they also require frequent updates to stay two steps ahead of attackers, who are constantly changing up their methods to exploit weaknesses as they emerge.

Coordinating multiple firewalls is complicated, and automation alone isn’t enough to keep systems safe. Administrators need to review logs to assess the threats coming in and adjust defenses accordingly.

Compounding the complexity is the need to track threat intelligence from other security solutions at various network layers and on different mobile and on-premise devices. Tracking it fast enough to stop new threats is often impossible.

A unified threat management (UTM) firewall solution removes most of the complexity, but at the cost of insufficient granular control. This compels many administrators to stick with legacy models or supplement with separate application-based protection tools. Either way, UTM doesn’t always deliver on the promise of simplified security.

Out With Silos; In With A Layered Defense

With attacks coming from more devices and IP addresses than ever before, even the best firewalls fall short when deployed in traditional, silo-based configurations. Another approach is needed — one that defends the entire network attack surface including known and approved networked devices and all forms of access such as personal devices, cloud connections and unsanctioned "shadow IT."

An effective defense needs to simplify, not complicate. Complexity creates gaps in security, whereas a streamlined, layered defense provides multiple safety cushions. If an attack gets past the first layer, the next stops it, or at least delays it so it can be detected and the damage mitigated.

Weave Together Different Firewall Deployment Modes And Security Functions

It's possible to get both simplicity and depth. What makes it possible is a security architecture that weaves together a range of firewall deployment modes and security-level functions with single-pane-of-glass administration.

Administrators can configure and review firewall data and threat intelligence from other tools such as advanced sandbox software without having to wade through multiple interfaces and logs.

NCA uses Fortinet's "security fabric" to connect enterprise-wide security intelligence across various firewall deployments. An increased level of hostile activity at one point can trigger stricter screening at other points. Administrators can change a policy in one place and have it apply everywhere. The resulting protection adapts as quickly as the threats change. Better protection means higher system reliability and lower costs.

A Fortinet partner, NCA can deliver the advantages of a modern, collaborative security platform with best-in-class next-generation security technology.

Topics: Network Security, Threats, Firewalls
