Firewalls are the first line of any organisation’s defences. They are the ‘sentinels’ of the network, standing guard and controlling traffic entering and leaving the network, blocking potentially dangerous or unknown traffic that may threaten the organisation.
However, too many organisations have firewalls that are outdated and old, and need to be replaced by designs with integrated and better features, deployment and control flexibility, and greater scalability and performance, says Jayson O’Reilly, executive director of sales and innovation at DRS.
“McAfee’s firewall technology helps future-proof the firewall to deal with changing business demands and the ever-growing threat landscape. In the past, firewall rule sets have been complex and disjointed, causing frustration and increased costs. Moreover, we’ve had to add other technologies to deal with load balancing, intrusion prevention, VPNs, and threat analysis, not to mention the mountains of logs. Today’s solutions bring far more intelligence and adaptability into one solution.”
He says there are several features organisations should demand from their next generation firewalls (NGFWs). “The end goal is securing the availability and integrity of critical networks as more and more users access the network and threats grow in volume and sophistication. Your NGFW must be able to keep up with shifting business requirements, budgetary constraints and evolving cyber crooks.”
“Firstly, they must have built-in high availability and load balancing for operational resilience and handling growing data loads, and contextual security that provides fine-grained access control to reduce risk and manage usage,” he says.
In addition, automated, advanced evasion detection that can block and report on the unknown and
evolving techniques enabling targeted and persistent threats is a must. “A unified software platform that supports adaptive network security and flexible deployment of next-generation features with visibility and operational efficiency should be a given with any good firewall.”
Built-in intelligence-aware capabilities are also no longer optional, says O’Reilly. “These capabilities leverage the critical data provided by a larger security ecosystem, including SIEM, endpoint protection, sandboxes, and global threat intelligence networks.”
However, he says to bear in mind that as vital as making the right NGFW choice is, it cannot be made in isolation. “There is no single tool in the security chain that can be deemed a silver bullet, NGFWs included. Today’s advanced threats will still happen if attackers are patient and persistent. McAfee Next Generation Firewall’s expanded threat ecosystem accelerates discovery and remediation of advanced threats across large networks, integrating intelligence-aware security controls that leverage information across distributed security solutions.”
According to O’Reilly, because the McAfee solution integrates with SIEM, it simplifies correlation and de-duplication of logs and alerts. “By enabling real-time situational awareness as well as continuous monitoring and alerting of compliance status, security is greatly boosted, and response times vastly improved.”
Moreover, McAfee’s integration with endpoint protection leverages contextual data on both users and host systems, offering useful insight into endpoint security postures. This in turn enables the fastest response to even the newest threats. Finally, the product’s integration with sandboxing offloads detailed inspection of suspect files for rapid threat feedback without affecting network performance, enabling organisations to quickly detect zero-day threats, concludes O’Reilly.