Think beyond the firewall, say security experts

by Sohini Bagchi    Aug 02, 2013


Cloud computing, virtualization and bring your own device (BYOD) are driving the need for security in an organization. CIOs and security professionals are realizing that perimeter-based security options like firewalls and access controls clearly do not fit into the new technology scenario. Some even believe that firewalls by themselves are insufficient to protect the network from intrusion. While firewalls can be excellent applications to secure the network, there are a number of other vulnerabilities that they are not equipped to address. Experts believe that, with security moving beyond corporate networks, it becomes imperative for CIOs to think beyond the firewall.

Identity - the new perimeter

According to some, migrating to an identity-based security approach will be better for most organizations in the long run. “You can’t lock down by firewalls any more – you can’t even really lock down by application access anymore because you’re getting portions of an application from different services and different providers,” Andi Mann, Senior VP at CA Technologies, mentioned in a recent webinar.

It is also a much cheaper option than investing in hardware and allows more flexibility. Most importantly, the identity-based approach allows CIOs to focus on whom to allow access and on the source of an attack. Mann points out that consolidated identity access management is not new, but the shift to mobility and cloud-based services has accelerated its importance in recent times.

Next generation firewall

Of all the emerging technologies, cloud computing has raised the most security concerns. According to Vishak Raman, Senior Regional Director, Fortinet India & SAARC, with most companies migrating a section of their applications to the cloud, traditional firewalls will cease to exist in the cloud environment. Instead, CIOs will be compelled to look at next-generation firewalls.

Gartner research shows that about 10% of enterprises currently have next-generation firewalls in place, and that figure is expected to reach 38% by 2016. “Next-generation firewalls, for example, can identify application traffic, withstand various new attacks, support cloud technologies to prepare for future threats and, going forward, next-generation firewalls will be a shield for the future,” he says.

A holistic approach

This clearly suggests that enterprises should gradually move to an environment that requires more than just installing a firewall at the Internet gateway. There has to be a more intelligent and holistic approach to enterprise security. “What’s basically required is a more comprehensive distributed system incorporating intrusion protection, vulnerability scanning, virus and malicious code scanning, virtual private networking and internally deployed firewalls,” says Vaidyanathan Iyer, Country Manager, Security Solutions, IBM India/SA. Companies that rely on a standalone firewall at the Internet gateway are locking the door, but leaving all the windows open. Regardless of how good the lock may be, everything inside is at risk.

However, Iyer also points out that next-generation security monitoring, maintenance and management is expensive and requires highly skilled professionals. It will rely more on real-time information and strong analytics to back it up. Therefore, while the idea of moving beyond the security perimeter is excellent, experts believe the concept is still nascent and will make a mark once vendors and partners create a greater level of awareness, assuring users a new level of network visibility and reliability with their offerings.