The Case for Using Use Cases When Selecting an Enterprise Firewall


Digital transformation is having a significant impact on networks. Workflows, applications, and transactions need to move freely across today’s distributed network. Mobile users and IoT devices need immediate access to critical information regardless of their location, including faster access to encrypted multi-cloud environments for more efficient business operations. And because consumer and end-user demands are driving the adoption of things like Agile Development, the applications and other software your organization relies on are continually being updated and improved. All of this has serious implications for security.

As a result, the standards many organizations use for evaluating an Enterprise Firewall have changed. That NGFW you bought to protect your network edge a couple of years ago may have had the speed, features, and ports you needed at the time. The only problem is, that network edge has now disappeared, and you are now trying to use that same firewall to inspect the growing volume of SSL-encrypted traffic moving between your core network and your cloud deployment. And as a result, that device has suddenly become a bottleneck getting in the way of your new digital business operations.

Rather than using the traditional measures of feeds and speeds to select a firewall device, organizations need to look for solutions that combine performance with flexibility, automation, and interoperability. This allows them to deploy and then repurpose those security devices as the infrastructure they were originally purchased to protect continues to evolve.

Focus on Use Cases

While performance, features, and hardware configurations are still important, a more relevant consideration is the kinds of use cases a firewall solution can support. Today’s NGFW solutions need to be able to adapt to changing organizational requirements. Rather than buying a separate device for each use case inside your organization, such as SD-WAN, Segmentation, Secure Web Gateway, and NOC/SOC deployments, organizations need a solution that can adapt to as many of these use cases as possible. Being able to repurpose a security device after the underlying structure and business priorities change is much more cost-effective than filling your wiring closet with one-off security solutions that come with expiration dates and siloed management, which reduces visibility and control because it cannot span use cases.

One of the most important functions required of a modern NGFW solution is its ability to seamlessly span multiple use cases. This enables it to integrate with a variety of networking and security solutions in order to share critical information, correlate data to detect new threats, and then participate in a coordinated and integrated response to repel even the most dangerous and distributed attacks. In addition, NGFW solutions need to be able to operate identically regardless of their form factor. Virtual devices need to provide the same functionality, and support the same management interfaces as the physical version of that device. And they also need to ensure that same degree of consistent functionality exists across as many of the primary cloud providers as possible, operating seamlessly as well as natively in and across AWS, Azure, Google Cloud Platform, IBM Cloud, and Oracle OCI cloud environments.

Static security deployments are a thing of the past. Instead, security solutions need to be able to dynamically adapt as the networks they protect evolve. The ultimate goal of securing business enablement is more critical than ever, and supporting a variety of use cases is an essential function of today’s security solutions.

Use Case Examples

Here is a quick overview of some of the more critical use cases that today’s advanced firewall solutions need to support.

NGFW – Today’s digital business requirements demand an NGFW that can process growing amounts of application and IoT device traffic, including inspecting encrypted traffic with minimal performance impact. An NGFW needs to provide not just insights into edge activities, but also visibility into your entire network with regard to threats, compromised hosts, and specific applications. It also needs automation capabilities so it can take immediate action on cyber events at digital speeds. And finally, organizations can no longer afford for NGFW solutions to operate in isolation; these solutions must instead integrate seamlessly into open ecosystem environments.

SD-WAN – Today’s Next-Generation Branch Offices require immediate access to critical resources. SD-WAN enables such branch offices to operate more efficiently while providing essential features such as granular application visibility and simplified provisioning. The challenge is that many of the SD-WAN solutions on the market see security as an afterthought. Instead, SD-WAN and security need to be tightly integrated to provide real-time, in-line granular inspection, while intelligently prioritizing application routing to optimize network bandwidth.

Internal Segmentation – Organizations are replacing many of the network's traditional perimeters with internal segmentation. And given the dynamic nature of today's networked environments, these network segments need to be provisioned on-demand. NGFW solutions that support internal segmentation allow organizations to securely isolate traffic and devices while providing deep inspection for traffic, applications, and transactions that need to move laterally across and between segments.

Secure Web Gateway – More and more of today's network traffic comes from web-based and SSL encrypted applications. While NGFW solutions often provide some essential application inspection, Secure Web Gateway functionality provides high-performance SSL inspection while filtering the content of specific web applications in order to protect users and data from common web-based attacks. They safeguard not only traditional users and web application data, but also secure back-end applications, including in QA, staging, and pre-production environments.

NOC/SOC – Traditionally, NOC and SOC deployments have functioned separately. However, bringing them together into a unified NOC/SOC solution enables IT teams to better automate data correlation and coordinate threat responses across network silos. Automating and integrating data exchanges between security (SOC) workflows and operational (NOC) workflows not only saves time, but also enables a higher level of visibility, control, and operational management.

Cloud – Cloud environments need to support dynamic workflows and applications that move from one networked resource to another. Because the cloud does not function as an isolated silo, security needs to provide consistent features and functionality, common interfaces, and a unified management console for seamless policy orchestration and enforcement across the entire distributed network. Only in this way can you ensure that your cloud environments don’t become the weak link in your security strategy.

Selecting an Enterprise Firewall today is about much more than evaluating speeds and feeds, hardware configurations, or even the features and functions it supports. Today, a firewall also needs to provide broad flexibility combined with cross-device support and deep network integration to ensure that you can deploy it wherever it is needed. A use case approach to evaluating a firewall solution is essential for determining whether a solution will not only meet your current needs but also seamlessly adapt to new requirements as your network continues to evolve.

Read more about Fortinet FortiGate Enterprise Firewalls.

Read more about Fortinet Again Being Recognized by Gartner as an Enterprise Firewall Magic Quadrant Leader. Download your copy of the full report.