Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Roundtable: Next gen firewalls - when old security isn't enough

Allan Swann | June 13, 2014
How can a reseller make the push to install what is, by some accounts, an essential part of any modern security infrastructure?

"Schools put a huge amount of time and effort into locking down their network and end up with almost a false sense of security. I've got a 13-year-old and a 16-year-old, all they say is 'I can't get on through the school network, let me tether to my iPhone because I've got a data plan on it.' It completely bypasses all the security," Parker said.

"If enterprises are doing the same thing - we've actually put a huge amount of time, effort, money, resources into locking everything down. And it's wasted. We believe we are secure but the reality is, the more we lock it down, the more people just find ways to go around it.

"So the real challenge is: do you actually lock it down so nothing can happen? Or do you allow stuff to actively go through it, and track everything?"

Wayland agrees, noting that workplace time pressures mean that work-oriented goals sometimes come before best practice.

"If you do an audit on a customers' network, what they think are the number of applications that's running on the network, versus the actual applications that are running on the network - they're two widely different numbers, and actually a different variety of applications," Wayland said.

"It's been a long time since I worked in a corporate but that was because my IT department was completely unresponsive. The business is under pressure to do things and so you do workarounds."

For example, how do you police an employees phone, that is chock full of Android malware, from jumping on the company wi-fi and infecting your network? It's also a problem of the number of users, GA Systems' Anthony said.

"So every time we install a net product it's usually three times the number of users that we anticipate," he said.

Defining Next-Generation Firewalls... how to know if someone's selling you a goose?

Obviously companies approach NGFW's differently, and add or subtract features as they see fit, but taking a neutral definition of what the industry generally considers a NGFW. Remember, just because a vendor uses the term, doesn't necessarily mean it offers an actual NGFW offering. As in every aspect of our business marketing hyperbole can overwhelm facts.

 

Previous Page  1  2  3  4  5  6  7  8 

Sign up for Computerworld eNewsletters.