Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Roundtable: Next gen firewalls - when old security isn't enough

Allan Swann | June 13, 2014
How can a reseller make the push to install what is, by some accounts, an essential part of any modern security infrastructure?

Next Gen Firewalls remain a vastly untapped technology — the same victim of hype and overselling that has damaged the reputations of other technologies such as Big Data and Cloud. However, unlike Big Data and more similar to Cloud, it is finally getting some mainstream acceptance, and sales are rising. So how can a reseller make the push to install what is, by some accounts, an essential part of any modern security infrastructure?

One of the key challenges facing any IT department looking to implement next gen firewalls (NGFW) across any business is exactly that — it's a technology that spans the entirety of the business. It is this complexity of policy management that translates into problems at the operational level, especially for anyone looking to implement it as a managed service, Channel Dynamics director, Cam Wayland, said.

"It's beyond the ability of the IT department now to be able to manage the Next Generation Firewalls, because it spans beyond the IT department into the operational areas that don't want it. They actually need this security, but they don't want it or know that they need it," he said. Dimension Data Queensland practice manager — security, Ryan Ettridge, said having a dynamic implementation is key — and that's something that hasn't changed from the last generation of firewalls to the current.

"Traditionally you'd take a couple steps back and think about what the intention of a firewall was; it was about segmenting different types of risks, and it's no different now," he said.

"In our constantly dynamic and flexible environments, we need something that is going to be just as dynamic and flexible in terms of the policies that we allow through those walls. It's about the intelligence in terms of threats, and being able to determine what the sources and the destination is - so applications and users," he said.

The original firewall was designed when things were a fair bit more simple. Having an access control policy and a list based on ports and protocols were very manageable - because there weren't that many applications that you had to allow. Nowadays the number of network applications has exploded, whether it's Skype, Facebook or DropBox.

A key part of NGFW's is the simplification of the interface. GASystems CEO, Gordon Anthony, said it isn't just important for the staff running the firewall, but for wider management. Being able to reduce a problem to something that anyone can understand is vital nowadays.

"It's certainly easier to explain it to senior management. It's quite simple looking at the applications, looking at who's using what and what rules you're implying," he said.

Firewalls as risk management


1  2  3  4  5  6  7  8  Next Page 

Sign up for Computerworld eNewsletters.