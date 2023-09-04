A Firewall is Not for Window Dressing

Deploying a firewall should not be done just for checkbox compliance. A firewall can only be useful if you are using it to prevent evasive attackers and enable a true zero-trust architecture. If your firewall vendor does not have the ability to apply deep learning and machine learning models to your traffic, it is as good as window dressing. In order to protect against attacks in real-time, not only does the firewall need to have advanced security functions - it also needs to perform well when these functions are turned on. This is where firewall vendors' datasheets need to be scrutinized carefully and tested against real-world use cases. In some cases, firewalls report a nearly 75% drop in performance when key security inspections are turned on. These are very important selection criteria when evaluating a firewall supplier.

Firewalls Have a Role to Play in SASE Architecture

Network security architectures are rarely a 'one size fits all'. SASE/SSE is helpful when customers want to inspect their traffic in the cloud using 'security as a service' architecture instead of backhauling to centralized appliances in the DC.

This works well for a lot of use cases, such as branch traffic, remote users and secure access to cloud applications. Firewalls and network security appliances are helpful when organizations want to solve specialized use cases such as high bandwidth data centre environments, critical infrastructure protection, 5G security, east-west traffic inspection, cloud security and IoT security among others.

The key question to ask is whether the SASE portion of your network security architecture can be managed using the same management console as your firewalls and proxies. If it is two different technology stacks with separate policy constructs and management consoles, it is a recipe for operational inefficiencies and poor security posture.

Customers should be choosing network security partners that are demonstrated leaders in both the hybrid mesh firewall (HMF) as well as SASE domains.

A Pathway to Cyber Transformation

As a critical component of the enterprise security strategy, firewalls cannot exist in isolation. They need to be connected to other parts of the security stack in order to unleash their full potential.

We have seen a massive shift in customers moving towards XDR - connecting network security to endpoint and cloud security to facilitate a unified view of threats and accelerate time to detection and response. So, the key question for customers to ask their firewall suppliers is – what is your XDR story and how can I get unified analytics across network, endpoint and cloud?

Another important area to think about is integrating cloud firewalls into the broader cloud security platform, often known as CNAPP – cloud-native application protection platforms. Another key question for firewall suppliers – what is your CNAPP strategy and where do cloud firewalls integrate with my overall cloud security architecture?

Deploying Firewalls in CSP (Cloud Service Provider) Environments

A common misconception is that firewalls are not required for public cloud service provider (CSP) environments like Azure, AWS and GCP. My experience is the contrary – every single CISO I have spoken to with a serious cloud strategy has deployed virtualized (and sometimes containerized) versions of their enterprise firewall in their cloud VPCs.

But then again, it's not just about having the form factor, it's also about deep security inspection and manageability. It is important to take a very strategic approach to partnering with the leading CSPs – making our firewall technologies available as native services within the CSP management console.

In conclusion - Firewalls are very much alive and kicking and evolving into Hybrid Mesh Firewalls (HMFs) to allow customers the choice of where and how to consume this important cybersecurity capability.

CIOs, CISOs, and Networking Leaders should carefully choose their firewall architectures and suppliers based on their ability to support digital business needs. Hopefully, this article has provided some food for thought in that direction.

Siddharth Deshpande

Siddharth Deshpande - Field Chief Technology Officer, Asia Pacific & Japan, Palo Alto Networks