13 THINGS YOUR NEXT FIREWALL MUST DO
The rapid evolution of IT has changed the face of the network perimeter. Data and users are everywhere, and devices are proliferating faster than most organizations can keep up with. At the same time, IT teams are adopting the cloud, big data analytics, and automation to accelerate the delivery of new applications and drive business growth, and those applications are increasingly reachable from anywhere. The result is an incredibly complex network that introduces significant business risk. Organizations must minimize this risk without slowing down their business.

Cybersecurity is not keeping up, and attacks continue to disrupt business. Spending on security feels endless, while the reduction in risk it buys is unclear. Deploying disparate, non-integrated tools and technologies leaves your business exposed to threats, and security tools that were not designed for automation require analysts to manually stitch together insights from many disconnected sources before they can act.

We need a different approach. It starts with a next-generation firewall platform as the cornerstone of an effective network security strategy. With a prevention-focused architecture, security teams can adopt best practices to prevent successful attacks, use automation and analytics to reduce manual effort, replace disconnected point products, and deploy tightly integrated innovations that strengthen and simplify security. This paper describes the evolution of the firewall to "next-generation" and highlights the thirteen key things a next-generation firewall (NGFW) must do to secure your network and your business.
Early on, stateful inspection firewalls classified traffic by port and protocol alone, for example treating everything on TCP port 80 as HTTP. As the need for application awareness arose, many vendors bolted application visibility and other software or hardware "blades" onto their stateful inspection firewalls and sold the result as unified threat management (UTM) offerings. Because these functions were retrofitted rather than natively integrated, UTMs did little to improve security. NGFWs, by contrast, are application-aware from the ground up and make policy decisions based on application, user, and content. This integrated design improves security and simplifies operations, and the model has been successful enough that "NGFW" is now largely synonymous with "firewall."

NGFW selection criteria typically fall into three areas: security functions, operations, and performance. Security functions correspond to the efficacy of the security controls and your team's ability to manage the risk associated with the applications traversing your network without slowing down the business. From an operations perspective, application policy should be accessible and simple to manage, with automation reducing manual effort so that security teams can focus on high-value activities. Performance criteria are simple: the firewall must do what it is supposed to do at the throughput your business requires. As part of this, new innovations should be tightly integrated and easy to adopt. Although requirements and priorities will vary within these criteria, there are thirteen things your next firewall must do:
1. Identify Users and Enable Appropriate Access.
2. Prevent Theft and Abuse of Corporate Credentials.
3. Safely Enable All Apps and Control Functions.
4. Close Dangerous Policy Gaps.
5. Secure Encrypted Traffic.
6. Stop Advanced Threats to Prevent Successful Cyberattacks.
7. Stop Attacks That Use DNS.
8. Protect Your Growing Mobile Workforce.
9. Extend Security to Your Evolving Cloud Environments.
10. Use a Zero Trust Strategy.
11. Maintain Consistent Policy Across Clouds and On-Premises, Remote, and Mobile Networks.
12. Automate Routine Tasks and Focus on the Threats That Matter.
13. Consume New Security Innovations Easily.
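The distinction drawn above between port-based classification and application-aware classification (items 3 and 4 in the list) is easy to demonstrate in code. The following is an added example, not code from the paper or from Palo Alto Networks: it classifies the same constructed flows two ways, once by destination port (the stateful-inspection approach) and once by the first bytes of the client payload, and reports where the two verdicts disagree. The port table, the payload signatures (HTTP request line, SSH banner, TLS ClientHello record header) and the five sample flows are all simplified and constructed for illustration; a real NGFW uses far richer protocol decoders.

```python
"""Port-based vs. application-aware traffic classification (illustrative).

Added example, not part of the original paper. PORT_TABLE, the payload
signatures and SAMPLE_FLOWS are constructed for illustration only.
"""
import re
from dataclasses import dataclass

# Stateful-inspection era assumption: the destination port *is* the application.
PORT_TABLE = {22: "ssh", 53: "dns", 80: "http", 443: "ssl"}


@dataclass(frozen=True)
class Flow:
    src: str
    dst: str
    dst_port: int
    payload: bytes  # first client-to-server bytes of the session


def classify_by_port(flow: Flow) -> str:
    """Legacy classification: look only at the L4 destination port."""
    return PORT_TABLE.get(flow.dst_port, "unknown")


# HTTP/1.x request line: METHOD SP request-target SP HTTP/1.x CRLF
_HTTP_REQUEST = re.compile(
    rb"^(GET|POST|PUT|DELETE|HEAD|OPTIONS|CONNECT) \S+ HTTP/1\.[01]\r\n"
)


def classify_by_content(flow: Flow) -> str:
    """Application-aware classification: identify the protocol from the
    first payload bytes and ignore the port entirely."""
    p = flow.payload
    # SSH identification string (RFC 4253 section 4.2).
    if p.startswith(b"SSH-2.0-") or p.startswith(b"SSH-1.99-"):
        return "ssh"
    # TLS record header: content type 0x16 (handshake), legacy version
    # 0x03 0x01..0x03, 2-byte length, then handshake type 0x01 (ClientHello).
    if (len(p) >= 6 and p[0] == 0x16 and p[1] == 0x03
            and p[2] in (0x01, 0x02, 0x03) and p[5] == 0x01):
        return "ssl"
    if _HTTP_REQUEST.match(p):
        return "http"
    return "unknown"


def find_policy_gaps(flows):
    """Return (flow, port_verdict, content_verdict) for every flow where the
    two classifiers disagree. These are the sessions a port-only firewall
    allows or blocks for the wrong reason: the "dangerous policy gaps"."""
    gaps = []
    for f in flows:
        by_port = classify_by_port(f)
        by_content = classify_by_content(f)
        if by_port != by_content:
            gaps.append((f, by_port, by_content))
    return gaps


# Constructed sample flows (addresses and payloads are illustrative).
SAMPLE_FLOWS = [
    # Plain HTTP where the port says HTTP: both classifiers agree.
    Flow("10.0.0.5", "93.184.216.34", 80,
         b"GET /index.html HTTP/1.1\r\nHost: example.com\r\n\r\n"),
    # SSH forced onto port 80 to slip through an "allow web" rule.
    Flow("10.0.0.7", "198.51.100.20", 80, b"SSH-2.0-OpenSSH_9.6\r\n"),
    # HTTP on a non-standard port: port-based view sees nothing it knows.
    Flow("10.0.0.9", "203.0.113.8", 8080,
         b"POST /api/upload HTTP/1.1\r\nHost: internal\r\n\r\n"),
    # Genuine TLS ClientHello on 443 (record header plus truncated body).
    Flow("10.0.0.5", "93.184.216.34", 443,
         b"\x16\x03\x01\x00\xc8\x01\x00\x00\xc4\x03\x03" + b"\x00" * 32),
    # Cleartext HTTP on 443: a port-based firewall trusts it as "SSL".
    Flow("10.0.0.11", "192.0.2.77", 443, b"GET / HTTP/1.0\r\n\r\n"),
]


def gap_summary(flows=SAMPLE_FLOWS):
    """Compact view of the disagreements: (dst_port, by_port, by_content)."""
    return [(f.dst_port, bp, bc) for f, bp, bc in find_policy_gaps(flows)]


if __name__ == "__main__":
    for port, by_port, by_content in gap_summary():
        print(f"dst_port={port:<5} port-based={by_port:<8} "
              f"content-based={by_content}")
```

Three of the five constructed flows are misclassified by the port-only view: SSH on port 80 passes as web traffic, HTTP on 8080 is invisible to the port table, and cleartext HTTP on 443 is trusted as SSL. Policy written against the content-based verdict ("allow the http application") closes those gaps regardless of which port the traffic arrives on, which is the point of item 3 and item 4 above.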
By Palo Alto Networks