Security

Take These Steps to Build a Unified Next-Generation Firewall Strategy

Effective deployment of next-generation firewall solutions enables agencies to better protect both on-premises and cloud assets.

Frank Oskorep

Frank Oskorep is a senior solution architect with CDW. He is a security engineer with 25 years of experience in IT and consultative sales, with a focus on data, networking and information security.

Next-generation firewalls play a crucial role in protecting organizations against emerging threats. These advanced network security guardians scour inbound and outbound traffic on the network edge and in the data center for signs of intrusions and malicious activity.

Because NGFWs block potentially dangerous data before it reaches its destination, many agencies are considering the technology as an integral component in their cybersecurity programs.

At the same time, agencies are fine-tuning their cloud strategies. Whether they’re adopting an all-in, cloud-first strategy or selectively using cloud services as part of a hybrid offering, the reality is that sensitive data now resides in both on-premises data centers and those run by cloud partners.

Cybersecurity and networking teams must be able to defend that information from an attack wherever it resides, or attackers will seek out the weak points in an organization’s cybersecurity architecture.

Federal IT leaders should integrate their NGFW and cloud computing strategies to better protect organizational assets. The best way to do this is to consolidate on a single NGFW platform and use it across both cloud and on-premises network systems.

NGFW vendors offer virtual appliances and software subscription models that allow for easy cloud deployment, anticipating this approach.

Next-Gen Firewalls Enhance Agencies’ Security Posture

Centralized NGFW management is one of four reasons to consider consolidation. Deploying the same firewall engine across the network provides engineers with a consistent set of tools across the organization. That enables them to work from standard operating procedures as well as use templated deployment models for new installations.

It also eases the process of making changes, updating rules, and applying software patches plus hardware and firmware upgrades.

The vast majority of network security breaches occur because of firewall misconfigurations. When an organization uses a standardized firewall toolset with central management across the enterprise, fewer things can slip through the cracks.

50%

The amount of enterprise data expected to be generated outside data centers in 2020

Source: Gartner, "2021 Strategic Roadmap for Edge Computing," November 2020

Next, agencies should consolidate event logging, analytics and reporting. Using disparate solutions produces disconnected pools of security information, making it difficult for security analysts to identify trends and suspicious activity, and harder to respond quickly to critical alerts.

Deploying a single NGFW platform across an organization consolidates event logs and threat data analytics, allowing security professionals to provide a unified approach to incident response and event management.

A single-vendor solution deployed in a hybrid cloud architecture reduces complexity and improves productivity, which can lead to a more effective NGFW solution.

A Single Security Platform Simplifies Management

Agencies must also consider the advantages of having a single security platform. Most can’t afford to train their teams to effectively support multiple vendor platforms. Consolidating on a single NGFW platform across the agency reduces the need for vendor training and the amount of staff required to administer and manage the firewalls across the organization.

In addition, if an agency has two or three vendor firewalls, with different methods of configuring rules and updating firmware, the chance of mistakes occurring is higher than if there is only one solution, centrally administered and managed by an expert security team.

Finally, bundling on-premises and cloud NGFW needs into a unified vendor solution and contract negotiation can reduce the total cost of ownership. Consolidation allows an agency’s IT leaders to reduce both upfront and ongoing operational costs, and to get economy of scale on subscription and support contracts.

These direct savings alone may justify the cost of the initiative. Instead of having to deal with multiple brands of firewalls in your hybrid cloud environment, agencies can take cost and time savings, and consider implementing other network or security tools to protect the organization, such as web application firewalls and cloud access security brokers.

Agencies that need assistance with an NGFW solution can turn to vendors’ trained solution architects, who can help IT leaders develop a consolidated NGFW strategy that meets their agencies’ security and business requirements. They can also play a role in the installation, configuration and ongoing management of the new platform.

DIVE DEEPER: Find out how to conduct a cybersecurity assessment for your agency.

5 Metrics for Firewall Success

Check these five metrics to ensure that your new firewall is strong enough:

Connections Per Second: Users account for three to seven CPS; devices use one or two. Make sure the firewall can handle a peak load.
Total Throughput: Calculate traffic between network segments as well as within the networks.
Secure Sockets Layer: Find out how the firewall inspects SSL. Certificate inspection has less impact on performance than deep packet inspection SSL.
Number of NGFW Features: The more features, the more impact on performance. You may not need every feature provided.
Maximum Number of Sessions: Know how many individual and concurrent sessions a firewall can support. This is especially important for data centers that may be the target of distributed denial of service attacks.

Millennium Images/Gallery Stock