Technological innovation has changed security as we know it. We live in a fast-paced, digital world, and agile enterprises have embraced the rapid delivery of new technology and digital services as a means to stay competitive. At the center of this transformation is a DevOps model and the move to cloud computing for faster and more efficient delivery of digital services. This transformation has made the pace at which security was delivered in the last 20 years irrelevant. Subsequently, this change makes organizations choose between agility and security.
I see many organizations who’s pace of innovation is significantly hurt by the legacy firewalls they rely upon for security and compliance. Their DevOps race cars are shackled to old school network security appliances. Sadly, the legacy firewalls are also not very effective in stopping modern threats. So organizations are often both exposed and slow as a result of relying on legacy firewall appliances for security.
Technological innovation and firewall facts
To gain a deeper understanding of our observations, Guardicore sponsored a research project with the Ponemon institute. We surveyed over 600 security professionals in the United States about how they use legacy firewalls in their organizations. One of the most obvious trends we saw was that legacy firewalls are ineffective in protecting applications and data in the cloud. Another big finding was that legacy firewalls kill flexibility and speed. Both of these are clearly detrimental to businesses.
Allow me to explain further. As organizations flock to cloud and hybrid infrastructures, applications often migrate among different environments, increasing inter-segment traffic. The rapid proliferation of applications is creating an ever-larger attack surface for hackers to target. These services bypassed the stateful firewalls on the perimeter as they delivered information and files directly to the end user.
As for why this is happening, the answer is that legacy firewalls simply haven’t kept up with today’s world. In fact, the last true innovation in firewall appliances was a good 15 years ago, and the IT landscape has profoundly changed since then.
Legacy firewalls are out; software-based segmentation is in
Digital transformation has presented the world of business with many exciting opportunities. At the same time, it has pushed legacy firewalls way past their originally intended purpose.
As the first line of defense against outside intrusion, legacy firewalls have been, without question, a boon to the evolution of the internet. However, as data breaches proliferated, organizations quickly realized they couldn’t just protect against outside threats. After all, what would happen once someone got past perimeter defences? Clearly they had to do something to mitigate threats inside their networks and data centers as well.
This led to the concept of segmentation — the creation of restricted “zones” for groups of applications in the network environment. Network and data center segmentation has typically taken the form of virtual local area networks or VLANs, partitioned and secured by the same firewall technology that enforces north-south traffic at the perimeter. However, as technologies continue to evolve, these methods have become lengthy, costly, and complex.
Here’s how VLANs work (or don’t)
If you’ve been using VLANs up until now, you’ll know how ineffective they are when it comes to protecting legacy systems. VLANs usually place all legacy systems into one segment. What does that mean? A single breach puts them all of the segments in the line of fire. Yeah – it’s not good.
VLANs rely on firewall rules that are difficult to maintain and do not leverage sufficient automation. This often results in organizations accepting loose policy that leaves your environment open to risk. Without visibility, your security teams can’t enforce tight policy and flows, not only among the legacy systems themselves, but also between the legacy systems and the rest of a modern infrastructure.
It’s time to rethink firewalls
I’m excited to share that here at Guardicore, we are revolutionizing the segmentation field by delivering distributed firewall controls that are completely decoupled from the underlying infrastructure. This modern-day approach removes the most significant obstacles to security efficiency: slow implementation and severe operational impact.
As Buckminster Fuller once said, “We are called to be architects of the future, not its victims.”
The industry changes we have witnessed over the past three decades are precisely why we founded Guardicore. We ourselves come from a background where we have experienced the same challenges you are experiencing, and we are thrilled to embrace and share the innovations of the future. We continue to hold the vision and the goal of reinventing enterprise security to place greater emphasis on security beyond the traditional network perimeter. This makes our organizations and ultimately, all of us, safer.
Now is the time to embrace better alternatives to legacy firewalls. Together, let’s enable rapid innovation and digital transformation while also protecting those digital assets that matter most.
To learn more about the findings in this report and our solution, please download our free ebook, “Rethink Your Firewalls to Meet the Needs of Digital Transformation”. We look forward to sharing this journey to success together. Here’s to technological innovation – and the successful security that supports it!