Given that time and budgets are always limited, organizations are often reluctant to upgrade IT infrastructure that seems to be working just fine. If it ain’t broke, don’t fix it. But the fact that something appears to be working isn’t enough in today’s cyber threat climate.
Firewalls are a case in point. A firewall’s basic function is to create a hardened perimeter that prevents certain types of traffic from entering the network and accessing resources. Legacy firewalls do that by blocking specific IP addresses and port numbers. However, today’s cyberattacks are typically launched at the application layer. Application-layer attacks can sneak right past older firewalls that are unable to look inside data packets to determine if they’re malicious.
Next-generation firewalls (NGFWs) offer advanced functionality that better protects your organization from attack:
- Web Usage Control. NGFW vendors have gone through the process of categorizing websites according to the type of content. Organizations can use these categories to block or limit access to certain types of sites — pornography, child abuse, dating, gambling, social media, shopping, etc. This prevents users from going to sites that could be malicious or create legal issues or that simply have no business relevance.
- Malware Detection. NGFWs recognize that even legitimate websites may unknowingly harbor malware. Also, organizations may want to give certain users access to social media platforms, which often have malicious files or links. NGFWs inspect network traffic to detect malware and prevent it from being delivered to the user.
- Automated Intervention. Best-in-class NGFWs don’t just passively block traffic based upon known signatures and predefined policies. Deep packet inspection and intrusion prevention are used to scrutinize regular network traffic on a much more granular level. NGFWs actively look for patterns that could indicate malicious activity.
- VPN Support. Given today’s highly mobile workstyles, most organizations need to allow users to access network resources remotely. A virtual private network (VPN) creates a secure, private connection over the public Internet to protect the data moving between the remote user and the data center. NGFWs simplify and secure remote access with built-in support for IPsec and SSL VPNs.
- Application Awareness. NGFWs are application-aware, allowing legitimate applications to traverse the network while blocking others according to business policies. For example, organizations can block applications such as BitTorrent, which is commonly used to download content illegally, as well as consumer-grade file-sharing applications that can put data at risk. Organizations may also want to block video streaming and other non-business applications that can cause bandwidth bottlenecks and hamper employee productivity.
Ease of management is a key feature to look for when selecting an NGFW — particularly for organizations that have multiple remote sites. Cloud-based NGFWs allow IT teams to administer multiple firewalls and make configuration changes from one web-based console.
Many GDS customers are making the transition to newer technology, but a lot of companies are still using legacy firewalls that don’t provide adequate protection. It can be hard to justify investment in a new firewall when traffic is still moving to and from the network without any visible problem. However, a security breach is much more expensive in terms of direct costs, business disruption and reputational damage. The security experts at GDS can help you select and implement an NGFW that will put your organization on firmer footing.