Authored by: Phil Trainor, Director, Security Solutions, Keysight Technologies
Firewalls are an old technology that have been around now for decades. Although they have been tweaked with new features and functionality over the years (e.g. intrusion prevention, advanced threat prevention, secure web gateway etc.), and given fancier sounding names like 'Next-Generation Firewall' - their typical deployment model has remained consistent i.e. place this box at the perimeter of your corporate network to control what comes in and what goes out. That is until more recently, when Firewalls started appearing in new and unfamiliar places.
In recent years the traditional well defined, and specifically located, network perimeter has been dissolving, due to trends such as software-defined infrastructure and applications, cloud, bring your own device, and remote-first work environments. Though these trends have been underway for years, they are becoming even more pervasive since the start of the Covid-19 pandemic – and many believe that they will continue after the pandemic has subsided. With the traditional network perimeter severely marginalised security protections, including firewalls, have had to adapt to new deployment methodologies to stay relevant.
When a perimeter is weak, you have to assume what's inside is vulnerable to attack and that you can trust no one. This commonly called a zero-trust security model. There are a number of security techniques designed to help in a zero-trust model such as authentication, network access control, identity management, encryption, policy automation – and yes still firewalling too. But where and how do you deploy firewalls when the threats could manifest themselves anywhere including at your DMZ, deep inside your data centres, on your SD-WAN, inside virtualised/containerised application environments, in-home/remote offices, or in the cloud.
Firewall technology is now deployed in different places, and though it might have the same features and run common software, is being marketed with different names depending on how and where it is being deployed – e.g. North-South Firewall at the traditional network perimeter, East-West Firewall inside the internal network, Micro-segmentation Firewall within fully virtualised infrastructure, Firewall as a Service for Cloud etc. These Firewalls might still be physical appliances (e.g. deployed at the corporate internet connection, or attached to internal leaf service nodes), virtualised appliances (e.g. deployed within a hypervisor, or in SD-WANs), sidecar containers (e.g. in Kubernetes), or in the cloud (e.g. offered as part of a Secure Access Service Edge). It is also important to note that except for some newer fully cloud-native organisations, most enterprises continue to need all or most of these deployment models.
In short firewalls continue to be an important part of corporate security strategy, what has changed is where and how they are being deployed. What has not changed is the need to properly test and deploy firewalls so that they do their job in a reliable way. Keysight Technologies has for many years, offered solutions to stress test the effectiveness of firewall technology, and as well as resiliency technologies such as high availability bypass. Keysight now also offers these solutions in a complement of physical, virtualised, containerised, and cloud format, so that regardless of where your Firewalls are appearing these days, Keysight can still help keep them running optimally.