Are Firewalls Dead? Not by a Long Shot - But We Need to Make Some Changes

Presented by

Randy Franklin Smith, Publisher, UltimateWindowsSecurity.com & Tim Woods, Vice President Technology Alliances, FireMon

About this talk

You hear about network boundaries being gone so much that it’s easy to start thinking firewalls are dead. But exploit after exploit shows the opposite is true. Here are examples: •BlueKeep and DejaBlue demonstrate that protocols like RDP have no business being exposed directly to the Internet. •Lateral movement exploits like that in the Equifax debacle show that more segmentation is needed so that a single unpatched server doesn’t result in your most important database going up in smoke •The Capital One data breach shows that cloud resources need firewall protection too – not just on prem Most web applications are two applications in one. 1) The single page or progressive app runs on the client with all its source code in clear text for bad guys to pursue and 2) the application API that goes between the client and back-end servers. But that can easily become an API for bad guys. Putting everything in the cloud and not designing network security into the architecture is like taking your on-prem network and putting all storage arrays and servers on the Internet and expecting each device and system to defend itself. In the webinar, we look at network security and the evolving role of the firewall. We will discuss two overall classes of firewalls: •Traffic policy enforcement points •Full-stack next-gen / deep-packet-inspection firewall products Those categories may cause you to widen your scope as to what constitutes a “firewall” because by #1’s definition, anything with a network ACL is a firewall. It’s an important distinction because what we need are more enforcement points and granularity in policy. That’s the premise behind the holy grail of zero trust and microsegmentation. But with more firewalls and rules on them, we risk making the #1 problem with firewalls even worse: misconfiguration. Just released, FireMon will review the 6th annual State of the Firewall report. This year’s report is highly illuminating and will reinforce many of my key points.

Related topics:

More from this channel

Upcoming talks (0)
On-demand talks (41)
Subscribers (3419)
FireMon delivers continuous security for hybrid enterprises through a powerful fusion of vulnerability management, continuous compliance and orchestration. Since creating the first-ever network security management solution, FireMon solutions have continued to deliver visibility into and control over complex network security infrastructure, policies and risk for more than 1,700 customers around the world.