DTX Manchester DTX Manchester
  • About Us
Friday, 26 February, 2021
IT Security Guru
CTX Manchester 2020 banner ad
  • Home
  • Features
  • Insight
  • Events
    • Women in Cyber 2020
    • Women in Cyber 2020 [SPONSORS]
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Events
    • Women in Cyber 2020
    • Women in Cyber 2020 [SPONSORS]
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
IT Security Guru
No Result
View All Result

Next-generation firewalls must evolve to remain relevant

by The Gurus
September 26, 2014
in Opinions & Analysis
Share on FacebookShare on Twitter

When Gartner coined the phrase “Next Generation Firewall (NGFW)” in 2003, it captured a then-nascent approach to traffic classification and control.
 
Combining traditional packet filtering, with some application control and IPS layered on top, today’s “legacy” NGFWs do pretty much what they say on the tin.
 
However, whilst NGFWs continue to be a vital part of an organisation’s protection, they were designed for a time before advanced targeted threats started attacking our enterprises – threats that often go undetected, until it’s too late.
 
Most organisations today secure their networks using disparate technologies that don’t – and can’t – work together.  They leave gaps in protection, that today’s sophisticated attackers exploit.  These point solutions lack the visibility, control and joined-up security intelligence required to be effective, given the sophisticated of the threat landscape we now face.
 
In addition, the disparate solutions that organisations have previously relied upon add to capital and operating costs and increase the administrative complexity.
 
From my own discussions with security professionals I know that they are frustrated with disparate point solutions and the cost, complexity and administrative headaches they create – not to mention the gaps in security that often result from this.
 
So what’s to do?
NGFWs must evolve, to stay relevant, in a world that is dealing with dynamic innovative threats – threats that we couldn’t have anticipated just a few years ago. It’s time for a shift in mindset, regarding the level of protection an NGFW must provide, to improve visibility, detect multi-vector threats, close security gaps that attackers exploit, and combat other sophisticated threats.
 
Until now, NGFWs have focused on basic traffic and application control and have been unable to address advanced and zero day attacks.  The challenge is, that today’s advanced attacks are hiding in plain sight, disguised as the traffic flows of applications that you won’t be blocking, for good business reasons.
 
In order to combat today’s dynamic threats, a different approach is needed – one that delivers continuous monitoring and full contextual analysis of threats across the entire attack continuum; before, during and after the attack.
 
In order to effectively deal with today’s security challenges, an NGFW must offer capabilities that address these three key areas:
 

  • Visibility-driven: In an era where attackers often know more about your environment than you do, a visibility-driven approach enables you to level the playing field.  Real-time insight into all of your users, devices, OSs, applications, virtual machines, connections and files is critical.  It allows you to not only identify and deal with your weak spots but delivers the contextual awareness needed to accurately pinpoint suspicious behaviour, when it happens.
  • Threat-centric:  is about delivering integrated threat defence, across the full attack continuum – before, during and after. A threat-centric NGFW must be visibility driven – enabling you to be best prepared for the fact that you will be attacked, by minimize your attack surface.  It must give you the best possible detection during an attack, combining market-leading technologies including NGIPS and Advanced Malware Protection (AMP).  And, it needs to recognise that detection is not one hundred percent, by delivering continuous monito
    ring and analysis after an attack, because today’s advanced malware is designed to evade traditional “point-in-time” security layers.  Continuous protection means you can “go back in time” to alert on and remediate files initially deemed safe, that are later determined to be malicious, as a result of additional intelligence or analysis.
  • Platform-based: IT professionals are now under tremendous pressure to reduce complexity in their environments, keep operational costs low and maintain the best defences to keep pace with the dynamic threat landscape. In today’s world, platform-based now entails delivering a simplified architecture and reduced network footprint, with fewer security devices to manage and deploy. To meet these challenges, next-generation firewalls must evolve to become threat centric.  Enabled by open APIs, they are a key component of an integrated threat defence solution.

 
Organisations are continuously evolving their extended networks and must have defences in place that can address the dynamic threat landscape. To remain relevant, an NGFW must offer next-generation security capabilities that are visibility-driven, threat-focused and platform-based.
 
Addressing these three imperatives is crucial in enabling organisations to maintain a robust security posture, that can adapt to changing needs and provide protection across the attack continuum – before, during and after an attack.
 
 
Sean Newman is a security strategist at the Cisco Security Business Group

0 0 vote
Article Rating
FacebookTweetLinkedIn
ShareTweetShare
Previous Post

Shellshock-related attacks detected

Next Post

CISOs predicted to struggle with Bash detection and mitigation

Subscribe
Notify of
guest
guest
0 Comments
Inline Feedbacks
View all comments

Recent News

Npower shuts down app after hackers steal customer bank info  

February 26, 2021
Partnership announcement: Edgescan partners with BSI to deliver safe and secure client solutions

Edgescan partners with BSI to deliver safe and secure client solutions

February 26, 2021
Microsoft building

Microsoft failed to fix known problems that could have prevented SolarWinds hack

February 26, 2021
Microscope

Dutch Research Council experience ransomware attack

February 26, 2021

The IT Security Guru offers a daily news digest of all the best breaking IT security news stories first thing in the morning! Rather than you having to trawl through all the news feeds to find out what’s cooking, you can quickly get everything you need from this site!

Our Address: 10 London Mews, London, W2 1HY

Follow Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Events
    • Women in Cyber 2020
    • Women in Cyber 2020 [SPONSORS]
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

This site uses functional cookies and external scripts to improve your experience.

More information
wpDiscuz
0
0
Would love your thoughts, please comment.x
()
x
| Reply
Privacy Settings / PENDINGGDPR Compliance

Privacy Settings / PENDING

This site uses functional cookies and external scripts to improve your experience. Which cookies and scripts are used and how they impact your visit is specified on the left. You may change your settings at any time. Your choices will not impact your visit.

NOTE: These settings will only apply to the browser and device you are currently using.

GDPR Compliance

Accept