For over two decades, the firewall has been the de-facto tool that facilitated secure connectivity between different networks. Firewalls were traditionally designed around the idea that internal traffic and users were inherently trustworthy and external traffic wasn't. Thus, the firewall was deployed to create a trust boundary -or perimeter -between networks. This network perimeter became the logical security control point to protect an organization's network, data, users, and devices. What's more, all network traffic (whether originating from the corporate headquarters, its data center, or remote workers) was funneled through this single control point, making it easy to maintain that trust boundary and establish consistent control. Life was good.
Then the world went digital
And when it did, the way we worked, consumed data, and exchanged ideas transformed. The introduction of the "cloud" further compounded things: many of our business-critical applications started moving from our data centers and premises-based networks to places we no longer owned or controlled. At the same time, our branch offices started directly connecting to the Internet to consume services that are now more frequently hosted outside our data centers. And users began accessing more and more resources from their personal devices everywhere but in the office.
As our networks have become far more interconnected, the notion of a single perimeter or control point no longer exists. The industry has been abuzz for some time about the "dissolving perimeter" and whether the firewall is even necessary anymore. I would argue that not only is the firewall more relevant than ever, we now needmorefirewallseverywhere-on our premises networks, at branch offices, at the gateway and within our data center, in the cloud, on devices, and even within our application workloads.
From macro to micro
Instead of a single perimeter we now have multiple "micro-perimeters" across a variety of networks, devices, users, and data. Typically, each of these new "perimeters" is secured by adding different point technologies, which require a lot of manual intervention just to get going. Couple that with the significant shortage of available talent to manage all these new devices and we've got an even bigger challenge. As a result, organizations are struggling to operationalize their disparate security solutions to maintain consistent policies and uniform threat visibility. Network complexity? Check. Network security complexity? Check. Misconfigurations and inconsistencies leading to exposures and breaches? Check mate!
And while we're struggling to get a handle on all this complexity, our adversaries continue to unleash more sophisticated threats more frequently across more threat vectors. In fact, the average reported rate of data breaches was 46% in 2018, up from 24% in 2017, according to the 2018 Global Threat Report. This steep climb in reported breaches is a testament to the increasingly sophisticated methods bad actors are using to infiltrate our networks; the growing rate of their success shows just how ineffective the status quo is against modern threats.
And here we are
It has become painfully obvious that we've lost visibility and control. We no longer have a good understanding of where our users and data go nor how exposed our businesses are. It's hard to determine what's communicating with what, or if we've even been breached, until it's too late. And the pace of change is accelerating as more businesses embrace digital transformation, creating a perfect storm of opportunity for motivated hackers. And a perfect headache for those of us tasked with security. Where do we start to get a handle on it all?
It's time to rethink the firewall
The importance of the firewall hasn't diminished -in fact it's more relevant than ever -but we need to think differently about it. We must go beyond form factors and physical or virtual appliances to embrace firewalling as a functionality. Firewalling needs to be about delivering world-class security controls -the key elements for preventing, detecting, and stopping attacks faster and more accurately -with common policy and threat visibility delivered where you need it: in the data center, in the cloud, at the branch office. So you're protected everywhere.
At Cisco, we've been hard at work bringing that vision into reality, so you can build your strongest security posture for today and tomorrow. Stay tuned to The Future of Firewalling blog series to hear about it. And visit cisco.com/go/ngfw to learn more about Cisco Next-Generation Firewalls.
Coming soon:
The Future of Firewalling, Part 2: Don't let complexity ruin your security