The Future of Firewalls: Engineering Experts Reveal The Path Ahead
Posted August 11, 2023 by Sayers
Among the advancements in security and networking technologies, firewalls have stood the test of time. More than 30 years since their first generation appeared on the market, firewalls remain essential to a resilient and adaptable security posture.
In a recent employee session, a panel of Sayers engineers delved into the evolution and future of firewalls to explore their role in organizations’ modern cybersecurity environments.
Read on for highlights.
How Has The Firewall Evolved?
Today’s powerful firewall platforms are almost unrecognizable compared to the legacy offerings of 20-30 years ago. Evolving from simple filtering devices to today’s sophisticated platforms, firewalls have become a cornerstone of a comprehensive security strategy.
Today, firewalls offer application and identity-based inspection with enhanced segmentation capabilities, advanced threat protection, intrusion prevention, secure VPN solutions, and centralized management.
As enterprises increasingly adopt cloud-based services, firewalls have extended their reach to cloud and hybrid environments. This provides enhanced security for distributed workforces in branch offices and work-from-home spaces.
Ken Wisniewski, Sayers Senior Security Architect, says:
“Firewalls have become the ultimate positive security model tool in most enterprise networks, allowing only that which should be allowed. They’ve evolved and improved on that model to allow not only ports and protocols but also applications and URLs much more granularly.“
“They’ve also become extremely competent negative security model tools, evolving to include an intrusion prevention system (IPS), anti-virus capabilities, sandboxing, and all of these capabilities bundled into what we now know as the typical enterprise firewall, whether it’s a physical or virtual platform.”
What Is The Future of Firewalls?
In the face of new threat tactics and disruptive technologies, firewalls have evolved into three emerging areas (more on each of these below):
- Firewall as a Service (FWaaS)
- Cloud Firewall
- Hybrid Mesh Network Firewall
Chris Willis, VP of Cybersecurity and Network Engineering at Sayers, says:
“With traffic being encrypted, firewalls need to be more intelligent to decrypt and inspect that traffic. Otherwise, the firewall might as well be a router or a switch. In addition, the adversaries have changed how they attack companies and what they’re looking for. These evolutions have forced the firewall market to change.”
Choosing the right firewall approach depends on a variety of factors, including the ability to meet your organization’s firewall deployment use cases, the training curve required of your employees, the available licensing and consumption models, scalability, cost-effectiveness, and specific requirements such as advanced threat protection and Secure Access Service Edge (SASE) integration.
Detection and response technologies have expanded and provide a significant amount of visibility, but they are meant to augment firewalls, not replace them. Joe Schnell, Sayers Senior Cybersecurity Architect, says:
“As the XDR market continues to grow and compete with the combination of SIEM (security information and event management) and SOAR (security orchestration, automation, and response), XDR players are starting to gravitate toward certain firewalls for which they have built-in response capabilities. That automation should be part of a wider conversation when considering which firewalls to deploy.”
Are physical firewalls going away? Not necessarily. Wisniewski says:
“Many organizations are still going to have physical firewalls, especially in data center environments where you have ingress traffic or east-west traffic segmentation. But vendors are pushing very much on multi-form factor, multi-cloud, and delivered-as-a-service models.”
What Is Firewall As A Service?
Firewall as a Service provides flexible, secure, and scalable firewall services that are especially useful for branch offices and remote workers. FWaaS enables direct cloud-based inspection that’s likely closer to your remote users or branches than your own data center would be.
FWaaS is a core component of Security Service Edge (SSE) and SASE that converges security and networking technologies.
Firewall as a Service offers features including advanced threat protection and identity-based access. But like any of the three types of emerging firewalls, it’s not right for every use case. Willis says:
“Leveraging the cloud is awesome. But if you have east-west traffic and certain functionalities or applications that you want to protect, you can’t just move everything to one of these firewall-as-a-service vendors. You have to consider a lot of factors.”
What Are Cloud Firewalls?
Software-based cloud firewalls bring traditional firewall vendor technologies into your public cloud environment of choice, such as Microsoft Azure, Amazon Web Services, and Google Cloud Platform.
“All the big firewall vendors have sophisticated integrations with the three to four major public cloud providers in terms of implementation, automation, and orchestration in those environments. They need to do that and make it seamless to implement because they are up against native cloud firewalls from the cloud providers themselves.”
Cloud providers are working to improve their firewall offerings for a more secure cloud infrastructure. For now, cloud-native firewall capabilities aren’t comparable to the firewall platforms traditional vendors offer. You potentially could see a trend of major cloud providers acquiring firewall vendors to bridge this gap and create more advanced cloud-native solutions.
Other aspects to consider include:
- Cloud firewalls offer the flexibility of scaling up or down through licensing to meet your capacity needs, in contrast to purchasing additional physical firewalls when you need to scale those.
- Most public clouds offer different licensing options. In many cases, a bring-your-own-license approach can be more cost-effective than pay-as-you-go.
- Depending on the skill sets in your organization, you may want to choose managed services for seamless cloud firewall integration.
What Is A Hybrid Mesh Network Firewall?
In the emerging hybrid mesh network trend, organizations deploy a combination of firewalls in multiple form factors for comprehensive security coverage. These can be on-premise or in public cloud, and in virtualized or container environments.
The flexibility of a hybrid mesh network firewall enables a centralized approach to manage and configure the various types of firewalls and integrate policies. You can efficiently scale up and down to adapt to varying workloads while maintaining consistent security protocols across environments.
How Has Managing And Owning Firewalls Become More Complex?
Firewall ownership and management have evolved as firewall functionalities expanded. Once part of the telecom or networking group, firewalls now perform much more in the security realm.
In many cases, a security and risk management team or governance group oversees firewall policies. Infrastructure and operations groups as well as applications teams provide input into firewall configuration and management.
Gerry Wollam, Sayers Senior Cybersecurity Solutions Architect, says:
“As firewalls have become a platform that controls and sees so many more things than before, many companies struggle with all those features being under one roof. They don’t know how to manage it, or who is responsible for it.”
With different ports, protocols, applications, and inspection capabilities between different segments, firewalls will continue to require involvement from multiple groups within the organization.
Questions? Contact us at Sayers today to discover the right firewall strategy and effective security solutions for your business.