Firewalls are dead? Not in this century!
Having spoken to more than 100 large enterprises on Secure access Service Edge (SASE) in the last 12 months, I am deeply passionate about and aware of how cloud-delivered networking and security services can transform businesses.
That said, I am also convinced that firewalls are still extremely relevant in the digital business landscape. The analysts agree – according to Gartner, by 2026, more than 60% of organizations will have more than one type of firewall deployment, which will prompt the adoption of hybrid mesh firewalls (HMFs).
With the mainstreaming of cloud computing across enterprises, firewalls are actually becoming more relevant than ever before. Here are a few key themes I have encountered in my conversations with CISOs ( Chief Information Security Officer ) and CIOs ( Chief Information Officer ) around the strategic importance of firewalls in the years to come.
This is Not Your Grandfather's Firewall
Firewalls are not dying, they are evolving. Over the years, leading firewall architectures have evolved from just network layer inspections to application awareness, from doing basic security functions to helping detect and block zero-day attacks, from protecting just IT to OT/ IOT and much more. Firewalls are also a critical component of securing 5G networks. Firewalls have also evolved to have embedded proxy capabilities, negating the need to manage multiple different network security architectures and deployments.
Today, the concept of the hybrid mesh firewall (HMF) is picking up steam. The idea is that the firewall does not just mean a hardware appliance. Customers want the firewalling capability to be available to them in any form factor they choose – hardware, software, containerized or firewall-as-a-service. All these form factors need to be managed from the same management console for the hybrid mesh firewall strategy to be effective.
A Firewall is Not for Window Dressing
Deploying a firewall should not be done just for checkbox compliance. A firewall can only be useful if you are using it to prevent evasive attackers and enable a true zero-trust architecture. If your firewall vendor does not have the ability to apply deep learning and machine learning models to your traffic, it is as good as window dressing. In order to protect against attacks in real-time, not only does the firewall need to have advanced security functions - it also needs to perform well when these functions are turned on. This is where firewall vendors' datasheets need to be scrutinized carefully and tested against real-world use cases. In some cases, firewalls report a nearly 75% drop in performance when key security inspections are turned on. These are very important selection criteria when evaluating a firewall supplier.
Firewalls Have a Role to Play in SASE Architecture
Network security architectures are rarely a 'one size fits all'. SASE/SSE is helpful when customers want to inspect their traffic in the cloud using 'security as a service' architecture instead of backhauling to centralized appliances in the DC.
This works well for a lot of use cases, such as branch traffic, remote users and secure access to cloud applications. Firewalls and network security appliances are helpful when organizations want to solve specialized use cases such as high bandwidth data centre environments, critical infrastructure protection, 5G security, east-west traffic inspection, cloud security and IoT security among others.
The key question to ask is whether the SASE portion of your network security architecture can be managed using the same management console as your firewalls and proxies. If it is two different technology stacks with separate policy constructs and management consoles, it is a recipe for operational inefficiencies and poor security posture.
Customers should be choosing network security partners that are demonstrated leaders in both the hybrid mesh firewall (HMF) as well as SASE domains.
A Pathway to Cyber Transformation
As a critical component of the enterprise security strategy, firewalls cannot exist in isolation. They need to be connected to other parts of the security stack in order to unleash their full potential.
We have seen a massive shift in customers moving towards XDR - connecting network security to endpoint and cloud security to facilitate a unified view of threats and accelerate time to detection and response. So, the key question for customers to ask their firewall suppliers is – what is your XDR story and how can I get unified analytics across network, endpoint and cloud?
Another important area to think about is integrating cloud firewalls into the broader cloud security platform, often known as CNAPP – cloud-native application protection platforms. Another key question for firewall suppliers – what is your CNAPP strategy and where do cloud firewalls integrate with my overall cloud security architecture?
Deploying Firewalls in CSP (Cloud Service Provider) Environments
A common misconception is that firewalls are not required for public cloud service provider (CSP) environments like Azure, AWS and GCP. My experience is the contrary – every single CISO I have spoken to with a serious cloud strategy has deployed virtualized (and sometimes containerized) versions of their enterprise firewall in their cloud VPCs.
But then again, it's not just about having the form factor, it's also about deep security inspection and manageability. It is important to take a very strategic approach to partnering with the leading CSPs – making our firewall technologies available as native services within the CSP management console.
In conclusion - Firewalls are very much alive and kicking and evolving into Hybrid Mesh Firewalls (HMFs) to allow customers the choice of where and how to consume this important cybersecurity capability.
CIOs, CISOs, and Networking Leaders should carefully choose their firewall architectures and suppliers based on their ability to support digital business needs. Hopefully, this article has provided some food for thought in that direction.
Siddharth Deshpande - Field Chief Technology Officer, Asia Pacific & Japan, Palo Alto Networks