Dark Reading is part of the Informa Tech Division of Informa PLC



2/10/2020
09:00 AM
By Russ Schafer, Head of Product Marketing, Security Platforms, Check Point
Sponsored Article

7 Critical Firewall Capabilities to Prevent Cyberattacks

Why an intelligent, state-of-the-art firewall is critical to the security and success of your business.

Firewall technology used to be simple and straightforward. You programmed it with predefined security policies set by your organization. A firewall would then filter incoming and outgoing traffic, letting safe traffic into your network, while keeping dangerous traffic out. But in the four decades since the firewall’s inception, both security technology and cybercriminal methods have evolved.

With the adoption of cloud computing, SaaS applications, mobile and IoT devices, enterprise IT will continue to become more connected and more vulnerable to cyberattacks in 2020. Connecting IoT devices to your network provides even more entry points for hackers to attack you. These security issues will impact almost every company as 67% of companies have already experienced an IoT security incident. Is your company next?

Compliance, privacy, and data security have expanded beyond the CISO and CIO, to become important to the CEO and company board. Given the growing cyberattack risk to all enterprises, it is important to protect your network with an intelligent and innovative Next Generation Firewall (NGFW) that includes the following seven critical capabilities.

Capability 1: Management
The search for a next generation firewall (NGFW) begins with a unified security management platform. An NGFW needs superior security management and efficient features to meet the needs of the modern, distributed enterprise, including cloud, datacenter, mobile, PCs, and IoT.
Security management is more than just security policy and network and device configuration. You must also consider ease of use, increased operational efficiency, and a unified platform. Other key features include the ability to scale security to match the growth of the IT network, automate workflows, and maintain consistent policy implementation across your security infrastructure.

Capability 2: Threat Prevention
Core threat prevention techniques including anti-phishing, anti-virus, and anti-bot go beyond traditional firewall security functions that simply integrate with IPS to consolidate hardware. Cloud-based analytics and threat intelligence provide further threat prevention benefits, including automatic malware indicator updates.

Capability 3: Application Inspection and Control
As enterprises grow and scale, it’s essential to select a firewall that has application support broad enough to identify new, sophisticated applications. Firewalls have evolved over time to become broad, deep, intelligent, and dynamic.

Capability 4: Dynamic, Identity-Based Inspection and Control
Traditional firewall rules based on simple IP addresses are changing due to the shift to dynamic addressing, cloud architectures, and group-based policies. Enterprises need a firewall that can support policies based on third-party user stores, public and private cloud objects, external service feeds such as Office 365, AWS geolocation, and new device classes like IoT. It is also important to use threat intelligence and automation to enable dynamic policy creation and enforcement. Intelligent automation will reduce security risks and costs by decreasing manual configuration changes and the inherent human error that occurs.  

Capability 5: Hybrid Cloud Support
In order to meet the needs of cloud-first enterprises, your next firewall should embrace the automation and orchestration of the cloud by providing scalable performance based on dynamic workloads, along with consumption models for cost-effective deployment. 

Capability 6: Scalable Performance with Advanced Security Functions
Your next generation firewall will need capabilities that can ensure scalable performance as your requirements increase. It’s important that your firewall doesn’t have hardware limitations that could prevent your organization from deploying the latest threat prevention technologies and algorithms. Such limitations could impact performance capabilities in the cloud as compared to traditional hardware deployments. Hyperscale network security technologies enable cloud-level security on premises and scale performance as throughput and security requirements change.

Capability 7: Encrypted Traffic Inspection
A recent Google study showed that over 90% of the web traffic generated by end-user Chrome browser activity was encrypted. As encrypted traffic increases and cyber threats become more advanced and destructive, your firewall needs to be able to inspect this traffic in order to apply control policy and activate threat prevention. 

A Holistic Approach
Many organizations have to support complex security architectures with multiple security solutions. This approach can lead to complex integrations, misconfigurations, and inefficient operations. When selecting your next generation or enterprise firewall, it’s important to think holistically about your security architecture and security operations. As you can see, Next Generation Firewalls are much more than enforcement points for network traffic policies. These firewalls are actually intelligent security gateways that include application intelligence and multi-dimensional threat prevention.

About The Author: 
Russ Schafer, Head of Product Marketing, Security Platforms, Check Point
Russ Schafer is head of product marketing for security platforms and analyst relations at Check Point. Security products include next generation firewalls, cloud network security services, IoT, Zero Trust, security gateways, security management, and Infinity. Russ previously held senior leadership roles at IBM, Intel, Yahoo, AOL, Sybase, and THX.

 

  
