Firewalls have been a mainstay for cybersecurity for many years, but they aren’t perfect tools. Despite advances in internet and device technology, basic firewalls haven’t changed much since their inception. But researchers and IT experts are working tirelessly to improve the foundational model and provide a better layer of protection for firewall users.
The firewall basics
Firewalls aren’t especially complicated, but they can work in a few different ways. All firewalls can be customized with specific criteria, allowing certain types of data to pass through while stopping others from passing into the network. Packet-based firewalls allow or deny specific packets entry to the network based on those protocols. Other types of firewalls retrieve the packets themselves as a kind of poison tester, before passing them onto the network. Most firewalls exist as an appliance or application, used in conjunction with your network.
How firewalls are evolving
So, how is this basic model starting to evolve?
- FWaaS. One major development in the firewall space has been the popularization of firewall as a service (FWaaS). FWaaS is cloud-based.Working much like a cloud storage system or similar cloud platform, FWaaS provides a layer of firewall protection to your network, no matter how remotely located it is or how many new links you add to the network. According to Cato Networks, this is advantageous because it means the firewall is more reliable, and covers a wider distance. In most cases, it’s more cost-effective as well. Plus, cloud-based firewalls are often updated automatically by providers, allowing for a mode of constant improvement.
- Lower costs. Firewalls are also getting less expensive. The tools necessary to create and maintain firewalls are becoming open-source and more available, and firewall management is becoming more intuitive thanks to better user interfaces. Overall, this means companies have to spend less time managing firewalls and less money getting the physical accessories necessary to maintain it.
- Higher throughput speeds. Throughput speeds are getting faster, which is good, because internet speeds are getting faster, and users won’t tolerate a slowdown just because the firewall needs extra time to kick in. Because the firewall takes action on data packets before passing them along (no matter what type of firewall is in effect), the time between requesting and receiving data is increased significantly under normal circumstances. Modern firewalls are becoming more advanced, enabling them to complete this process faster, and reduce lag in retrieving information.
- Awareness of users and applications. Traditional firewalls operate almost exclusively in layers 2 and 3 of the OSI model, in the network and data link, dealing with packets and frames. But modern firewalls are taking things a step further, according to findings by NSS Labs, improving awareness of applications and users. This gives firewalls more options in terms of blocking and allowing access to data, and gives organizations a wider berth of coverage to protect their systems. For organizations with hundreds of users and dozens of core applications, this functionality is indispensable.
- Third-party and multi-factor authentication systems. Authentication is a pivotal step for most firewalls, verifying that data has come from a trusted source and that the users attempting to access that data have the authorization to do so. Newer firewalls have more advanced means of authenticating; for example, they might partner with third-party authentication systems to define and/or allow certain groups of users access to specific information, while denying others. Multi-factor authentication can also use multiple protocols to ensure the validity of a given user (or packet of information).
Your cybersecurity should be one of your biggest priorities, so your firewall demands your attention and investment. Despite advances in other areas of cybersecurity, your firewall is still the first line of defense you have against the cybercriminals who would compromise your data, and the malware that could otherwise infiltrate your systems. Pay attention to these keystone developments, and make sure your firewall is upgraded enough to provide the best protection.
Anna Johannson, Writer
[ISACA Now Blog]