Is a firewall a thing of the past? People have been questioning the utility of firewalls for years. Columnist and editor Roger A. Grimes wrote that “firewalls need to go away” in May 2012. Grimes reasoned this was because firewalls “have always been problematic, and today there is almost no reason to have one.”

Is Grimes right? Is there no more use for firewalls anymore?

How Do Firewalls Work?

Traditional firewalls control traffic entering and exiting the network based upon source IP address, destination IP address, port and protocol. These types of solutions define traffic as flow, not isolated packets. Therefore, these tools can apply rules to traffic flow and help security experts make decisions based on them. Firewalls of the past also use packet filtering to inspect ingress and egress traffic (otherwise known as north-south traffic) for connections initiated by potentially suspicious sources along with virtual private networks (VPNs) as a means of gaining secured entry to the network.

Recently, some users have turned to next-generation firewall (NGFW). These come with the same protection as a basic firewall, but add onto it in several ways. For instance, they use application awareness to set rules for specific applications instead of port numbers and IP addresses. This allows them to block unwanted applications. It even works if attackers rotate through different port numbers and IP addresses, tactics that could hop traditional firewalls. Many NGFWs also come with threat intelligence for staying on top of emerging threats.

The Cloud: Where Firewalls Fall Short

The majority of traditional firewalls and NGFWs aren’t as effective in the age of the cloud. Businesses are moving their data and systems outside of the data center to locations they don’t own. At the same time, employees are using their personal devices located outside of the network to access that data and those systems more often. Together, these facts have erased the concept of the single network perimeter, where most traditional firewalls and NGFWs have stood guard for years.

In doing so, the cloud has also helped to redefine what’s needed from a network security tool such as a firewall. Remote work makes it possible for attackers to target the network from anywhere in the world. They could leverage a real employee’s compromised account for malicious ends. Therefore, organizations need the capability to inspect east-west traffic for signs of suspicious activity, such as a malicious actor abusing a real account to move laterally through the network.

The Latest in Cloud-Based Firewalls

The emergence of the cloud has certainly challenged previous tenets of network security. But, it hasn’t gotten rid of the concept entirely. Entities need to secure their cloud-based systems just as they need to protect their on-premise assets. The means of doing so might be different, but the underlying concepts are the same.

The same is true for the firewall. The cloud has merely shifted the discussion to the need for firewalls that are equipped to provide protection over more virtual landscapes.

With that in mind, many organizations are investing in a NGFW hosted in the cloud or other ‘virtual firewalls.’ These types of solutions are useful for their many configuration options. These enable admins to microsegment the cloud network as their cloud landscapes constantly change. This helps keep critical data and systems safe against cloud-based threats.

Virtual firewalls can maximize security even further if you pair them with other tools. For instance, you can use these tools’ micro-segmentation abilities to lay the groundwork for building a zero trust network. Once you mark some assets as trusted, you can then use the cloud-based solutions to forbid attacks and other unapproved connections that originate from outside the circle of trust. This will help keep the cloud secure going forward.

The Firewall is Here to Stay

Is there an end in sight for the firewall of the past? Maybe. But not for the concept of the firewall and for allowing access and blocking unknown connections. As the network continues to evolve and become more complex, the firewall will have to change in order to provide a new quality of network security. That’s already what’s happened with the cloud, and that’s no doubt what will happen with whatever changes the network undergoes next.

More from Cloud Security

Is Your Critical SaaS Data Secure?

4 min read - Increasingly sophisticated adversaries create a significant challenge as organizations increasingly use Software-as-a-Service (SaaS), Platform-as-a-Service (PaaS) and Infrastructure-as-a-Service (IaaS) to deliver applications and services. This mesh of cloud-based applications and services creates new complexities for security teams. But attackers need only one success, while defenders need to succeed 100% of the time. Organizations are contending with an exponential rise in advanced threats that are not only increasing in volume but also sophistication. The IBM Cost of Data Breach Report 2022 found…

4 min read

Rationalizing Your Hybrid Cloud Security Tools

3 min read - As cyber incidents rise and threat landscapes widen, more security tools have emerged to protect the hybrid cloud ecosystem. As a result, security leaders must rapidly assess their hybrid security tools to move toward a centralized toolset and optimize cost without compromising their security posture. Unfortunately, those same leaders face a variety of challenges. One of these challenges is that many security solutions create confusion and provide a false sense of security. Another is that multiple tools provide duplication coverage…

3 min read

New Generation of Phishing Hides Behind Trusted Services

4 min read - The days when email was the main vector for phishing attacks are long gone. Now, phishing attacks occur on SMS, voice, social media and messaging apps. They also hide behind trusted services like Azure and AWS. And with the expansion of cloud computing, even more Software-as-a-Service (SaaS) based phishing schemes are possible. Phishing tactics have evolved faster than ever, and the variety of attacks continues to grow. Security pros need to be aware. SaaS to SaaS Phishing Instead of building…

4 min read

The Importance of Modern-Day Data Security Platforms

4 min read - Data is the backbone of businesses and companies everywhere. Data can range from intellectual property to critical business plans to personal health information or even money itself. At the end of the day, businesses are looking to grow revenue, innovate, and operationalize but to do that, they must ensure that they leverage their data first because of how important and valuable it is to their organization. No matter the industry, the need to protect sensitive and personal data should be…

4 min read