In the second of this three-part series examining the stages of firewall management maturity, we look at next generation firewall technology. Read More
Firewall Management Maturity Stage 3: Advanced Firewall ManagementFrom enabling external intelligence to following a co-managed strategy, firewall management continues evolving to protect organizations from cyber threats. By: Leo Kershteyn
The firewall technology evolution continues. Today finds us at a place where firewalls provide vast capabilities, in particular when it comes to gaining more visibility into the global threat landscape.
One of the biggest challenges any organization faces is seeing threats outside of their environment. Just getting a grasp of the traffic occurring across a company's infrastructure is one thing, but trying to see what may be affecting the global landscape or a specific industry is a different animal altogether.
Enter threat intelligence feeds containing custom countermeasures, an ability to amplify a firewall's effectiveness. Some next-generation firewalls and IPS appliances feature the ability to ingest third-party threat intelligence feeds. These feeds, such as those developed by leading security companies, can accelerate the ability for next generation firewall appliances to detect more threats before any harm is done to your data and devices.
As with most other elements of security technology, the origin and makeup of these security feeds matters greatly. This is where an experienced cybersecurity company really can make an impact when it comes to having visibility into the global threat landscape that is accurate, relevant and actionable. A third-party security organization possessing the ability to monitor the ever-evolving threat landscape can become a critical partner by packaging that knowledge in the form of countermeasures to be ingested by the next generation firewall. This intelligence, usually consisting of custom IPS signatures, and lists of malicious IP addresses and domain names created from effective research bolsters your firewall's blocking capabilities, along with your appliance vendors' security feeds. Vendor intelligence plus intelligence from a cybersecurity company and expert monitoring, tuning and management really can raise the level of effectiveness of your firewall infrastructure, while promoting good security hygiene and protecting your environment.
As we have discussed throughout this series, these additional capabilities take a good amount of time and expertise, two areas where organizations struggle. Effective firewall management is not easy to execute. If you have the right staff in place today, and even if you can feed-and-weed your firewall environment around the clock, there is no guarantee you will be able to accomplish that once staff members change jobs or companies.
Some companies are wary of working with an outside organization on components as critical to their security as firewalls. We recommend looking for an experienced cybersecurity partner that offers a co-managed approach. In a co-management scenario, you can retain ownership and administration rights to the level you prefer, while allowing the third party to take care of the tasks you either can't or don't want to perform.
However, no matter what milepost you're at on your firewall management journey, know that help is out there to assist in securing your environment, bolstering your security posture and getting the maximum value from your firewall investment.