Firewalls and Firewall Management: Here to Stay

Contrary to some security experts’ proclamations over the
past few years, the demise of the corporate firewall has been seriously
oversold.  While depending on the
firewall and antivirus (AV) alone would be considered foolish in today’s time
of sophisticated cyberattacks designed to elude these signature- and rule-based
blacklist technologies, the truth is that the firewall isn’t going away.  And neither is the responsibility for
managing it.

"We went away from the traditional perimeter firewall
for a number of years thinking that we could invest primarily in point
solutions such as IPS and data leak protection and other types of systems that
were designed as additional security layers and that’s all great but then
there’s also been a huge push to consolidate those services back into the
firewall," said Peter Bybee, CEO of hybrid cloud security and compliance
solutions provider Security-On-Demand. "So the UTM firewalls and the next
generation firewalls–Palo Alto was the first of a whole series, Sourcefire has
come out with their next-gen firewall, and Checkpoint’s got there’s–so we’ve
got all this functionality back into the firewall."

All this has just upped the burden of firewall management,
especially continuing the added stress of continuing fragmentation of the
workplace through mobile and telecommuting, and the rising tide of web apps and
devices that need exclusions for network access.

"It turns out its just made the firewall more complex
than it previously was," Bybee said. "There’s more confusion around
how to manage the firewall. The problem is getting worse rather than better."

Combine that with the ramifications of screwing things up —
permitting a big-time breach by insecurely configuring the firewall or shutting
down a mission critical application through some mix-up–and firewall
management rises over the horizon as a huge opportunity for channel partners
who can bring the right set of tools and skills to the table.

"There’s more risk today than ever that someone’s going
to screw something up. A misconfigured rule, some kind of backdoor that is put
in there, or a temporary rule that gets forgotten and stays in place. These are
all the classic blunders that allow compromises," Bybee said. "It’s
interesting that a lot of the compromises that still occur are not really.
People think that there’s all this sophistication going on with hacking, and to
some degree, maybe there is, but there are a lot of open firewalls out
there."

In fact according to Gartner, 95 percent of firewall
breaches are a result of misconfigured firewalls rather than flaws in the
firewall.

"In that case, complexity is still our worst enemy as
we make mistakes that hackers exploit and not so much finding some very
sophisticated way to hack into our system," said Nimrod Reichenberg, vice
president of marketing and business development for firewall management vendor
Algosec.

 

Borne out of this complication, the firewall management market
is booming. Security-On-Demand is one of many IT solution providers that is
starting to realize the upside of offering firewall management solutions and
services around these tools. In his case, Bybee’s using Algosec to help
customers stabilize security postures and streamline network throughput and
operations through better management of firewall rule sets.

And there’s still a lot of room for growth, because as Mark
Jones, CEO of SOS Security puts it, most companies are lagging with their
firewall rule sets.

"I’d say 85 percent of the firewall rules today that
most enterprise companies are utilizing are written very poorly. The majority
of it stems from writing them haste and not being able to go back and audit or
analyze what they’ve done," Jones said. "What’s nice about this space
is that we’re starting to see not just firewalls but also other devices that
are starting to play into this mix of automation and things of that nature."

According to Jones, in 2011 his firm saw growth of 92
percent in net new clients, and increased bottom-line revenue by 70 percent in
firewall management.

"It is one of the fastest, rapidly-growing segments
within our portfolio," said Jones, who partners with firewall management
vendor Tufin Technologies for his technology suite. "I can tell you over
the last year the space has really changed. Customers are actually calling us
now to come in and do POCs around these kinds of tools."

While it is difficult to track market numbers down for this
specialized segment, Tufin for its part has seen wild success in recent
years.  Growth has exploded by over 6000
percent in the last five years and in 2011 it was named number one in the
Deloitte Israel Technology Fast 50. All of that success has come through its
channel and the firm brought in 40 more partners last year to top out at 200 by
fourth quarter.

According to Jones, much of the success he’s seen through
his association with the firm comes around understanding the right pain points
to highlight and finding ways to show customers that it is not a ‘nice to have’
product.

"I think in the past where the firewall optimization
was looked at as ‘a really nice tool and it organizes my rules.’ But it’s not a
rule organizer–it is very much something that companies need to look at to
make sure that firewall rules are written properly and it actually is a cost
saving tool," Jones said. "Because when we go into clients and their
firewall utilization is at 90 percent and they’re looking at the next flavor of
hardware, we can go in and say, let’s first start with the firewall rule
optimization and see how many rules are duplicates, how many shadow rules and
let’s clean this up. And when we do this, we can see almost a 40 to 50 percent
reduction in throughput. Which actually helps them. They don’t have to upgrade.
The ROI built around the tool almost pays for itself."

 

RELATED ARTICLES

Must Read