Light Dark
February 1, 2021 By David Bisson 3 min read
Cloud Security
Network

Is a firewall a thing of the past? People have been questioning the utility of firewalls for years. Columnist and editor Roger A. Grimes wrote that “firewalls need to go away” in May 2012. Grimes reasoned this was because firewalls “have always been problematic, and today there is almost no reason to have one.”

Is Grimes right? Is there no more use for firewalls anymore?

How Do Firewalls Work?

Traditional firewalls control traffic entering and exiting the network based upon source IP address, destination IP address, port and protocol. These types of solutions define traffic as flow, not isolated packets. Therefore, these tools can apply rules to traffic flow and help security experts make decisions based on them. Firewalls of the past also use packet filtering to inspect ingress and egress traffic (otherwise known as north-south traffic) for connections initiated by potentially suspicious sources along with virtual private networks (VPNs) as a means of gaining secured entry to the network.

Recently, some users have turned to next-generation firewall (NGFW). These come with the same protection as a basic firewall, but add onto it in several ways. For instance, they use application awareness to set rules for specific applications instead of port numbers and IP addresses. This allows them to block unwanted applications. It even works if attackers rotate through different port numbers and IP addresses, tactics that could hop traditional firewalls. Many NGFWs also come with threat intelligence for staying on top of emerging threats.

The Cloud: Where Firewalls Fall Short

The majority of traditional firewalls and NGFWs aren’t as effective in the age of the cloud. Businesses are moving their data and systems outside of the data center to locations they don’t own. At the same time, employees are using their personal devices located outside of the network to access that data and those systems more often. Together, these facts have erased the concept of the single network perimeter, where most traditional firewalls and NGFWs have stood guard for years.

In doing so, the cloud has also helped to redefine what’s needed from a network security tool such as a firewall. Remote work makes it possible for attackers to target the network from anywhere in the world. They could leverage a real employee’s compromised account for malicious ends. Therefore, organizations need the capability to inspect east-west traffic for signs of suspicious activity, such as a malicious actor abusing a real account to move laterally through the network.

The Latest in Cloud-Based Firewalls

The emergence of the cloud has certainly challenged previous tenets of network security. But, it hasn’t gotten rid of the concept entirely. Entities need to secure their cloud-based systems just as they need to protect their on-premise assets. The means of doing so might be different, but the underlying concepts are the same.

The same is true for the firewall. The cloud has merely shifted the discussion to the need for firewalls that are equipped to provide protection over more virtual landscapes.

With that in mind, many organizations are investing in a NGFW hosted in the cloud or other ‘virtual firewalls.’ These types of solutions are useful for their many configuration options. These enable admins to microsegment the cloud network as their cloud landscapes constantly change. This helps keep critical data and systems safe against cloud-based threats.

Virtual firewalls can maximize security even further if you pair them with other tools. For instance, you can use these tools’ micro-segmentation abilities to lay the groundwork for building a zero trust network. Once you mark some assets as trusted, you can then use the cloud-based solutions to forbid attacks and other unapproved connections that originate from outside the circle of trust. This will help keep the cloud secure going forward.

The Firewall is Here to Stay

Is there an end in sight for the firewall of the past? Maybe. But not for the concept of the firewall and for allowing access and blocking unknown connections. As the network continues to evolve and become more complex, the firewall will have to change in order to provide a new quality of network security. That’s already what’s happened with the cloud, and that’s no doubt what will happen with whatever changes the network undergoes next.

 |  | 
David Bisson
Contributing Editor

More from Cloud Security
April 9, 2024

Why security orchestration, automation and response (SOAR) is fundamental to a security platform

3 min read - Security teams today are facing increased challenges due to the remote and hybrid workforce expansion in the wake of COVID-19. Teams that were already struggling with too many tools and too much data are finding it even more difficult to collaborate and communicate as employees have moved to a virtual security operations center (SOC) model while addressing an increasing number of threats.  Disconnected teams accelerate the need for an open and connected platform approach to security . Adopting this type of…

April 4, 2024

Cloud security uncertainty: Do you know where your data is?

3 min read - How well are security leaders sleeping at night? According to a recent Gigamon report, it appears that many cyber professionals are restless and worried.In the report, 50% of IT and security leaders surveyed lack confidence in knowing where their most sensitive data is stored and how it’s secured. Meanwhile, another 56% of respondents say undiscovered blind spots being exploited is the leading concern making them restless.The report reveals the ongoing need for improved cloud and hybrid cloud security. Solutions to…

March 14, 2024

Cloud security evolution: Years of progress and challenges

7 min read - Over a decade since its advent, cloud computing continues to enable organizational agility through scalability, efficiency and resilience. As clients shift from early experiments to strategic workloads, persistent security gaps demand urgent attention even as providers expand infrastructure safeguards.The prevalence of cloud-native services has grown exponentially over the past decade, with cloud providers consistently introducing a multitude of new services at an impressive pace. Now, the contemporary cloud environment is not only larger but also more diverse. Unfortunately, that size…

Topic updates

 Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today
© 2024 IBM Contact Privacy Terms of use Accessibility Cookie Preferences
Sponsored by si-icon-eightbarfeature