Fixing cyber security issues one next-generation firewall at a time to prevent ‘broken window’ scenario
When did you last check your firewalls as a barrier to entry against cyber criminals? And, perhaps more importantly: does your organisation still rely on a legacy firewall, or has it upgraded to a next-generation firewall (NGFW)? And have you considered the ‘broken window’ principle when looking at your internal cyber security posture, in order to have a positive effect on your business processes?
These questions are posed by Stefan van de Giessen: General Manager: Cyber Security at Networks Unlimited Africa, who says: “The broken window theory rests on the idea that a neighbourhood or community that appears to be orderly and well-kept will be less susceptible to crime. Conversely, one that has many broken windows, or other visible signs of civil disorder, sends out the message that ‘you can more likely get away with committing a crime here'. At Networks Unlimited Africa, we are applying the ‘Broken window’ principle when looking at our internal cyber security posture and how it affects business processes.
“In other words, we are enabling our clients to protect themselves from a ‘broken window, broken business’ situation. As for firewalls, they are designed to carefully analyse incoming traffic based on pre-established rules, and then filter traffic coming from unsecured or suspicious sources to prevent attacks. Today, however, it is commonly accepted that traditional firewalls are not sufficient against today’s threats.
“Instead, an NGFW is required to help in protecting your network. To use our broken window analogy, you could think of an NGFW as being like a window made of shatterproof glass, compared to a legacy firewall which is more like a traditional pane of glass. Both types of glass will offer protection from the elements as well as intruders, but the NGFW compared to the legacy firewall is better at resisting pressure from people with ill-intent.”
An NGFW is a type of third-generation firewall with advanced security features that enable it to detect and block malicious traffic that previous generations could not. Capabilities found in most NGFWs include deep packet inspection, intrusion prevention systems, IP reputation, application layer inspection, application awareness, and using intelligence feeds. An NGFW can do anything a traditional firewall does, but better, while offering additional security features.
Van de Giessen adds: “Previous generations of firewalls only used information from the fourth layer of the OSI model to inform their actions. NGFWs, on the other hand, can inspect traffic and use information from Layers 2 to 7. Being able to inspect the seventh layer, the application layer, is significant because the application layer is where data interacts with the user, and it is increasingly used as an attack vector.
“In today’s threat landscape, in which organisations are under constant attack, those in charge of networks need secure solutions that increase network visibility, enable immediate threat intelligence sharing, and unlock automated threat protection at all network edges.”
Van de Giessen says Networks Unlimited looks for an NGFW that will provide real-time and intelligent protection against malware and emerging threats, as well as zero trust networking, with two-factor identity authentication.
“Another plus would be the ability to facilitates virtual vulnerability patching – you could think of this as having the shatterproof glass able to be mended in the event of cracks that may have been able to pierce the window pane after all,” he adds.
“People think that a firewall protects the organisation from risk and absolves them from liability. But, you have to have the right firewall and configuration in the environment to be effective – it is becoming imperative to improve the protection of your business with a Gartner-rated firewall due to the complexity of today’s risk landscape, and the need to protect the end-user,” he concludes.