**This post was originally published on IronBow's Blog, here.
Cybersecurity is on the mind of most everyone with the latest attacks, Executive Order and one of the biggest conferences of the year RSA 2013. We’ve asked our partners to let us know what is top of their minds. Guest blogger, Isabel Dumont, Director of Industry Solutions at Palo Alto Networks discusses how next generation firewalls have taken center stage in this new environment.
The recent Executive Order issued by the White House is a great step forward to ensure that cybersecurity remains top of mind for both the private and public sectors. Other governments around the world have also pushed for similar initiatives recently and one common takeaway is that network security is being more systematically called out in cybersecurity discussions and is even taking center stage. Some analysts have even commented that network security will remain the largest cybersecurity submarket for the next 10 years.
Why? The network remains the one place where organizations can see all traffic in and out of their infrastructure and where they can identify with the right firewall technology whether a cyber attack is underway and block it.
The primary function of the network firewall is to monitor and control traffic on the network for security purposes and determine which traffic should be allowed through or not, based on a predetermined set of security policies.
Unfortunately, the rapid adoption of mobile computing, cloud computing and data center virtualization has made it hard for traditional port-based firewalls to keep up with the more advanced techniques used by cyber attacks to infiltrate networks. Application developers have been known to implement applications on any port that is convenient. Some applications are even designed from the outset to circumvent traditional security solutions by using evasive tactics such as port-hopping, hiding within SSL encryption or tunneling within commonly used services.
Similar evasive tactics are used by cyber attacksto hide threats within authorized applications.
The result has been a steady erosion of the effectiveness of traditional network firewalls that are based on ports to manage network traffic and therefore, security professionals should take immediate action to restore the effectiveness of their network firewall.
The most basic step is to implement firewall solutions that provide full visibility and control into application traffic – this means being able to view traffic across all types of applications and users. The real key is the need for full, consistent visibility, control and monitoring of all application traffic and the systematic elimination of unknown traffic.
Next-generation firewalls have emerged as the network security solution of choice for tackling the new application and threat landscape. Palo Alto Networks has pioneered many of the innovative functionality behind next-generation firewalls to safely enable applications and cloud deployments, and allow strong and granular segmentation options based on application, user and content. Finally, with Palo Alto Networks, the content can be monitored for threats without any degradation of network performance.
If interested, you can read more about next-generation firewalls and what makes them uniquely suited for stopping modern cyber threats by getting your own copy of the 2013 Gartner Magic Quadrant for Enterprise Network Firewalls at: http://connect.paloaltonetworks.com/gartner-mq-2013/