The holiday season is upon us – which means it’s also cyberattack season. Though, arguably, 2014 has turned into an entire year of the cyberattack: one study estimates 2014 will rack up an incredible 42.8 million cyberattacks worldwide. That’s more than 117,000 attacks every day!
Which leads me to the topic of firewalls. It’s been 20 years since the first firewalls were deployed to make a perimeter gateway barrier blocking unwanted IP traffic.
Since then, firewalls have evolved to keep pace with new technologies, the ever-increasing complexities of network infrastructures and applications, and new business models that have spawned things like cloud computing and mobile apps. These days, companies deploying firewalls and advanced perimeter controls see a 15% return-on-investment .
Firewall best practices in a dynamic environment
Firewalls will continue to play a critical role in enterprise security. A well-configured firewall enables you to manage user, application, and system behaviors, and provides multiple network traffic controls. It may include intrusion detection/protection and data loss prevention capabilities, antivirus or URL filtering, or perhaps even sandbox-style, zero-day threat detection.
Not surprising then, that managing your firewall takes some effort in today’s complicated and dynamic IT environment. Here are my three essential firewall best practices:
- Beware of misconfigurations, a leading source of vulnerabilities that lead to data breaches. You need to clean up unused rules, eliminate rule conflicts, set up a consistent firewall change workflow, and document it all religiously. Also, make sure security, compliance, IT, and dev ops staffs communicate well.
- Stay committed to in-depth defense. Minimally, this means deploying firewalls at multiple infrastructure layers in addition to deploying security intelligence systems (e.g., SIEM), intrusion detection/prevention, encryption, and anti-virus/anti-malware/antispam capabilities.
- Expect ongoing changes in firewall technologies dealing with advanced malware and persistent threats, and embrace the rise of virtualized networks, software-defined networks (SDN), cloud bursting, etc.
Expert firewall help when you need it
Whenever you deploy or upgrade a security measure, it’s important that potential vulnerabilities are identified so you can develop compensating measures. This, and often the deployment itself, takes specialized expertise that your IT staff may not have.
A trusted technology advisor can fill this gap by providing firewall expertise ranging from unmanaged dedicated firewall services to customizable managed and hosted/cloud firewall services.
But how do you decide what kind of assistance you need? The right technology advisor can help with a firewall review that includes an analysis of configurations, access controls, list of responsibilities, and recommendations.