Security Dealer & Integrator

NOV 2013

Find news and information for the executive corporate security director, CSO, facility manager and assets protection manager on issues of policy, products, incidents, risk management, threat assessments and preparedness.

Issue link: http://sdi.epubxp.com/i/209760

NETWORK SECURITY

The Evolution of Firewalls

Knowing the capabilities of the technology can go a long way toward crafting a network security solution for your customers

By Ronen Isaac

Network security is a critical concern for enterprises, government agencies and organizations of all sizes — and thus, helping them to solve these problems should be a critical concern for you. Today's advanced threats demand a methodical approach to network security.

In many industries, enhanced security is not just an option — it is a requirement. Federal regulations such as Sarbanes-Oxley, HIPAA, GLBA, and others require organizations, including financial institutions, health care providers and federal agencies, to implement stringent security programs to protect digital assets.

Network security and the devices used to protect the network have become increasingly confusing. With such high stakes, it is imperative that security integrators are fully aware of the technologies available to them to help mitigate the risk for these important clients and markets.

Perhaps the most common and effective network security technology is the firewall — the backbone for most network security deployments. Firewalls have evolved over time to adapt to the changing risks, vulnerabilities and needs of end-users. Here's a look at how firewalls have evolved, along with complementary firewall technologies that can be deployed for specific risk mitigation.

The Beginnings

The purpose of the original firewalls was to ensure that only those connections that were required were allowed into the enterprise network, which typically included services offered to the public, such as e-mail, Web, FTP, DNS and a few others. Firewalls were also used to limit the types of services that internal computers may access outside the enterprise; thus, somewhat limiting malware from contacting external servers.

These traditional "stateful inspection firewalls" have effectively become obsolete because of two significant limitations. First, they did not inspect the data payload of network packets. Second, while more and more network traffic uses Web protocols — including legitimate business and other applications — traditional firewalls did not have the fine-grained intelligence to distinguish one kind of Web traffic from another and enforce business policies.

Enter the Next Generation

Over time, vendors have integrated new approaches with the old to come up with a true "all-in-one" device, the "next-generation firewall." These programs attempt to address the traffic inspection and application awareness drawbacks of the old firewalls without hampering performance.

The most significant difference between the next-gen devices and traditional firewalls is that they use a variety of techniques to identify applications, including Web apps. Thus, instead of allowing all traffic coming in via typical Web ports, next-gen firewalls can distinguish between specific applications and then apply policies based on business rules.
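The difference between a port-based rule and an application-aware policy can be shown in a few lines of Python. This is an added illustration, not code from the article or from any firewall product; the host names, application labels, policy table and sample flows are constructed, and application identification is narrowed to one technique (matching the Host header of plaintext HTTP).

```python
import re

WEB_PORTS = {80}  # plaintext HTTP only; TLS would need SNI or decryption

# Constructed signatures (Host name -> application) and per-application policy.
APP_SIGNATURES = {"crm.example.com": "business-crm",
                  "files.example.net": "file-sharing"}
APP_POLICY = {"business-crm": "allow", "file-sharing": "deny", "unknown": "deny"}

HTTP_REQUEST = re.compile(rb"^(GET|POST|PUT|HEAD|DELETE|OPTIONS) \S+ HTTP/1\.[01]\r\n")
HOST_HEADER = re.compile(rb"\r\nHost:[ \t]*([^\r\n:]+)", re.IGNORECASE)

def port_based_decision(dst_port, payload):
    """Traditional rule: permit anything sent to a web port, payload unseen."""
    return "allow" if dst_port in WEB_PORTS else "deny"

def identify_application(payload):
    """Name the application from the first payload bytes, else 'unknown'."""
    if not HTTP_REQUEST.match(payload):
        return "unknown"  # not HTTP, whatever port it arrived on
    match = HOST_HEADER.search(payload)
    if not match:
        return "unknown"
    host = match.group(1).decode("ascii", "replace").strip().lower()
    for name, app in APP_SIGNATURES.items():
        if host == name or host.endswith("." + name):
            return app
    return "unknown"

def app_aware_decision(dst_port, payload):
    """Next-gen style rule: web port AND an application the policy permits."""
    if dst_port not in WEB_PORTS:
        return "deny"
    return APP_POLICY[identify_application(payload)]

# Constructed sample flows: (label, destination port, first payload bytes).
SAMPLE_FLOWS = [
    ("crm", 80, b"GET /login HTTP/1.1\r\nHost: crm.example.com\r\n\r\n"),
    ("file-share", 80, b"POST /upload HTTP/1.1\r\nHost: files.example.net\r\n\r\n"),
    ("non-http", 80, b"\x00\x01\x02 proprietary tunnel"),
]

def compare(flows=SAMPLE_FLOWS):
    """Return (label, port-based verdict, application-aware verdict) per flow."""
    return [(label, port_based_decision(port, data), app_aware_decision(port, data))
            for label, port, data in flows]
```

All three sample flows pass the port-based rule because they target port 80; only the flow identified as the permitted business application passes the application-aware policy.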
