Are firewalls obsolete yet? Even if you don’t know much about internet security, you’ve probably heard the term firewall. You may think of movies about hackers trying to break into computer systems. Today, firewalls serve as the foundation of network security, a central architecture in modern computing. But, are firewalls obsolete yet?
The basics
In cybersecurity, a two-way firewall blocks unauthorized connections to your Wi-Fi and internet connection while controlling suspicious outgoing programs from leaking data.
Experts have been predicting the death of the firewall for years. Encrypted browsers and web applications are replacing traditional network perimeters, they say. And this has paved the way for web and email based attacks. This is due to the rise of cloud computing.
Since traditional perimeters are becoming an obsolete concept, the thinking goes, so are the firewalls that sit astride them. Not to mention that, modern Zero-Trust Network Access protocols would appear to be incompatible with the firewall in principle.
The not-so-basic
Even as the concept of a perimeter has become amorphous, with all the traipsing across networks, through clouds, and into other networks that we do, it might be better to think of countless “microperimeters” that you must secure.
The fact is, networks still haven’t gone fully cloud based. From refrigerators to desk lamps and air filters, households and businesses are continually adding more IoT devices. There’s an awful lot of perimeters to protect.
So: Are firewalls obsolete yet?
Point: Increasing interconnectedness of everything defeats the design of firewalls.
Counterpoint: Firewalls draw a useful boundary between connected networks.
Point: Owning and managing a firewall is an absurdly expensive headache. Firewalls do not justify the expense in terms of actual value provided.
Counterpoint: Really? Average cost for damage control of security incidents is way more than that. Replacement cost and ongoing expenses for firewalls is comparable to other computing devices.
Point: Firewalls block valuable services and reduce utility of the internet.
Counterpoint: Not necessarily. And anyway, the problem isn’t the firewall, but the application. Besides, some applications can gain performance and ease of use benefits from firewalls.
Point: For performance reasons, a firewall is not practical. If I configure my router correctly I can get adequate security.
Counterpoint: A router that is correctly configured to provide security is a firewall. If you’re worrying about the performance of your firewall, buy a fast one. In the future networks will be faster and firewalls will be, too.
Point: Firewalls assume that there is a “boundary” of some sort around the network. Not all networks have clear enforceable boundaries.
Counterpoint: They should; it’s not the firewall’s fault if your network doesn’t have a perimeter. It is a policy and network design problem. As networks evolve there will still be some types of administrative boundaries between them.
Sales are up, guys
As much as everyone talks about Zero Trust and perimeterless, identity based architectures, the firewall market keeps on growing. The fact is, Forrester observed a 26% year-over-year increase in firewall-associated revenue. That firewall vendors are far from becoming obsolete does make you wonder if the claims made by all the Zero Trust vendors are true.
Are firewalls not welcome within a Zero Trust network? If firewalls really are going the way of the US Postal Service, why is the firewall market seeing such growth?
The future of firewalls
A lot of experts believe that firewalls have a future; one that does not lie in additional, more sophisticated traffic filtering capabilities (although these will continue). Instead, they will feature innovative delivery models. Models that’ll makes these firewalls of the future easier to deploy and more relevant to modern IT environments. A few examples of advanced, innovative delivery methods are:
- WAF—A new type of firewall that extends traffic filtering to the application layer. It integrates with threat intelligence and incorporates custom rules that can block many types of malicious application traffic.
- FWaaS—A standard NGFW that comes as a cloud service. Users enjoy complete functionality without having to deploy or manage software or hardware appliances.
- SASE—A networking framework that includes everything needed to deliver and secure connectivity, from SD-WAN to FWaaS, SWG, CASB and ZTNA.
Far from being obsolete, firewalls will be an essential component of the new cloud native environment.
Hardly an overpriced doorstop
Consider that the evolution of firewalls is represented by next-generation firewalls that are cloud hosted. The firewall’s functions are no longer bound by perimeter, they’re placed as access checkpoints that segment the network.
This allows only verified access to the stuff behind them. Before you know it, your company network is “microsegmented,” which is a key tenet of the Zero Trust philosophy. Next-Gen firewalls are segmentation gateways that go beyond traditional firewall abilities.
Even physical, hardware firewalls are not the stale category some might think. The controversy between choosing software or cloud based firewall over a hardware firewall is largely a false dilemma.
That’s because they simply do different things, have different (often interlocking) upsides and downsides, and occupy different places within the security stack. Better to think of them as complimentary rather than competing. Learn more about the different kinds of firewalls.
Firewalls can absolutely exist within the Zero Trust architectures that are being increasingly adopted. They aren’t misfits in the Zero Trust network, but can actually be influential in the way threats are detected and handled.
It’s clear that there will always be administrative boundaries between networks, and that there will always be something to enforce those boundaries. And there will always be firewalls; they’re going to evolve just as they always have. So call it what you want, that web/cloud/software/LAN/WAN infrastructure of yours still needs protecting.
Why don’t you reach out to Corporate Armor, or call 877-449-0458 to find out more, and save money on any kind of firewall, whether it’s Fortinet, Barracuda, SonicWALL, WatchGuard…
Are firewalls obsolete yet? – Firewall advantages
- Can provide performance and ease of use benefits
- Can be influential in how threats are detected and handled in a true Zero Trust architecture
- Firewall’s functions are no longer bound by perimeter