

09:00 AM
By Russ Schafer, Head of Product Marketing, Security Platforms, Check Point
Sponsored Article

7 Critical Firewall Capabilities to Prevent Cyberattacks

Why an intelligent, state-of-the-art firewall is critical to the security and success of your business.

Firewall technology used to be simple and straightforward. You programmed it with predefined security policies set by your organization. A firewall would then filter incoming and outgoing traffic, letting safe traffic into your network, while keeping dangerous traffic out. But in the four decades since the firewall’s inception, both security technology and cybercriminal methods have evolved.

With the adoption of cloud computing, SaaS applications, mobile and IoT devices, enterprise IT will continue to become more connected and more vulnerable to cyberattacks in 2020. Connecting IoT devices to your network provides even more entry points for hackers to attack you. These security issues will impact almost every company as 67% of companies have already experienced an IoT security incident. Is your company next?

Compliance, privacy, and data security have expanded beyond the CISO and CIO, to become important to the CEO and company board. Given the growing cyberattack risk to all enterprises, it is important to protect your network with an intelligent and innovative Next Generation Firewall (NGFW) that includes the following seven critical capabilities.

Capability 1: Management
The search for a next generation firewall (NGFW) begins with a unified security management platform. An NGFW needs superior security management and efficient features to meet the needs of the modern, distributed enterprise including cloud, datacenter, mobile, PCs, and IoT.
Security management is more than just security policy and network and device configuration. You must also consider ease of use, increased operational efficiency, and a unified platform. Other key features include the ability to scale security to match the growth of the IT network, automate workflows, and maintain consistent policy implementation across your security infrastructure.

Capability 2: Threat Prevention
Core threat prevention techniques including anti-phishing, anti-virus, and anti-bot go beyond traditional firewall security functions that simply integrate with IPS to consolidate hardware. Cloud-based analytics and threat intelligence provide further threat prevention benefits, including automatic malware indicator updates.

Capability 3: Application Inspection and Control
As enterprises grow and scale, it’s essential to select a firewall that has application support broad enough to identify new, sophisticated applications. Firewalls have evolved over time to become broad, deep, intelligent, and dynamic.

Capability 4: Dynamic, Identity-Based Inspection and Control
Traditional firewall rules based on simple IP addresses are changing due to the shift to dynamic addressing, cloud architectures, and group-based policies. Enterprises need a firewall that can support policies based on third-party user stores, public and private cloud objects, external service feeds such as Office 365, AWS geolocation, and new device classes like IoT. It is also important to use threat intelligence and automation to enable dynamic policy creation and enforcement. Intelligent automation will reduce security risks and costs by decreasing manual configuration changes and the inherent human error that occurs.  

Capability 5: Hybrid Cloud Support
In order to meet the needs of cloud-first enterprises, your next firewall should embrace the automation and orchestration of the cloud by providing scalable performance based on dynamic workloads, along with consumption models for cost-effective deployment. 

Capability 6: Scalable Performance with Advanced Security Functions
Your next generation firewall will need capabilities that can ensure scalable performance as your requirements increase. It’s important that your firewall doesn’t have hardware limitations that could prevent your organization from deploying the latest threat prevention technologies and algorithms. Such limitations could impact performance capabilities in the cloud as compared to traditional hardware deployments. Hyperscale network security technologies enable cloud-level security on premises and scale performance as throughput and security requirements change.

Capability 7: Encrypted Traffic Inspection
A recent Google study showed that over 90% of the web traffic generated by end-user Chrome browser activity was encrypted. As encrypted traffic increases and cyber threats become more advanced and destructive, your firewall needs to be able to inspect this traffic in order to apply control policy and activate threat prevention. 

A Holistic Approach
Many organizations have to support complex security architectures with multiple security solutions. This approach can lead to complex integrations, misconfigurations, and inefficient operations. When selecting your next generation or enterprise firewall, it’s important to think holistically about your security architecture and security operations. As you can see, Next Generation Firewalls are much more than enforcement points for network traffic policies. These firewalls are actually intelligent security gateways that include application intelligence and multi-dimensional threat prevention.

About The Author: 
Russ Schafer, Head of Product Marketing, Security Platforms, Check Point
Russ Schafer is head of product marketing for security platforms and analyst relations at Check Point. Security products include next generation firewalls, cloud network security services, IoT, Zero Trust, security gateways, security management, and Infinity. Russ previously held senior leadership roles at IBM, Intel, Yahoo, AOL, Sybase, and THX.


