It’s strange to think of firewalls as obsolete when they’re often referred to as an absolute necessity in the tech world. Everyone has a firewall; even in the days of AOL when sixth graders ran bots out of boredom, they weren’t willing to risk not having a good firewall.
Although firewalls sound like the ultimate security, they often fail to live up to their impenetrable image. On its own, a firewall isn’t capable of adequately protecting IT assets. If it were, then we wouldn’t see data breaches en masse.
ComputerWeekly.com reminds us that a firewall isn’t capable of alerting anyone to most compromises, even after they’ve occurred. The bigger problem, they note, comes from inside threats. Employees and contractors don’t need to go through a firewall to access data on protected systems. Not every employee or contractor will violate this trust, but it happens. A firewall won’t protect any company from an inside threat.
Firewalls are inconvenient for networks
Firewalls don’t just lack security capabilities – they become a burden when you’ve got multiple machines connected to your network.
For instance, most companies with several locations process transactions such as point-of-sale, and perform company-related functions, over a wide area network (WAN). Each location should be equipped with a firewall, but this is often skipped due to the cost.
Firewalls can be hardware or software based. Those who choose stand-alone hardware firewalls often fail to keep the firmware and software updated. When you’ve got an IT team, it’s not so bad. On the other hand, if your team spends 10 hours a month maintaining your network’s firewalls, that’s still 10 hours of their time.
A recent case study demonstrates an unlikely solution
Like many retail operations, a franchise called Pet Lovers Centre needed a solution to secure multiple stores from the recent spread of ransomware outbreaks. They had a virtual private network (VPN) and routers at every store that directed POS traffic to firewalls located in their Singapore datacenter. However, only the datacenter and four stores had firewalls, leaving 96 franchises open to attack.
The company’s first idea was to add firewalls to all franchise locations, but that would have been a slow and tedious process. The next option was to use an MPLS (Multi-Protocol Label Switching) service. But that would have been even more costly to maintain.
The solution they adopted is something considered impossible until now. They deployed a 100-site SD-WAN – without firewall appliances at each location.
The service they implemented was Cato Networks’ Firewall as a Service (FWaaS). This service connected all Pet Lovers locations in the cloud, securely, through a global firewall.
This is revolutionary in the IT world for several reasons:
- It eliminates all the patches and upgrades required with a traditional firewall
- Multiple cloud service providers can be connected and secured through one management interface
Mobile users can access the WAN securely through the same network and security policies as those used for connecting locations.
Security is big business
According to Forbes.com, IT security is a $60 billion industry that “researches, develops, and sells firewalls, anti-malware, authentication, encryption, and 80 other categories of products.” IT is a huge industry, and it’s about time we started seeing revolutionary solutions emerge.
There’s no reason to use MPLS anymore
Like firewalls, MPLS is becoming outdated architecture. Although promoted as an efficient way to improve IP packet exchange, routing traffic around link failures, congestion, and bottlenecks, MPLS is costly. It’s also insecure, as documented in this White Paper from Cisco.
Technology will never be completely impenetrable
Each time a physical security measure is put in place – like a firewall with physical equipment – it becomes one more tedious aspect for an IT team to manage. If there is no IT team, it may not be managed at all. Unmanaged infrastructure puts businesses at risk more than anything.
Given enough time and dedication, hackers can eventually bypass some of the toughest security measures put in place by IT professionals. But it seems that IT is evolving faster than many cybercriminals. The fact that firewalls are now becoming outdated is proof that IT has taken big leaps in the field of security.