First things first: Refresh your firewall

Share this article:
Max Huang
Max Huang
I've never known an organization's CSO or CIO to admit they managed a larger budget than they needed, and the prospects don't look much more promising moving forward. Gartner predicts small and mid-size industries will see a slight increase of five percent to their IT expenses, but most certainly won't cover all the deferred capital expenditures on the list.

So that begs the question – what to do first. For my money, I'd start by refreshing the firewalls.

Here is why: Such equipment is typically the first line of defense, with individual hackers, organized crime gangs and terrorist groups of all size and sophistication continually developing new ways to infiltrate and control a company's network for a host of reasons, be it to gather competitive intelligence or leverage the systems to perform additional cyberattacks on other entities. This trend is compounded by the increased use of cloud computing and other applications that reside outside the direct controls of an organization.

While the threats are ever present and ever changing, many companies are still using the same firewall systems that they installed some time ago. Regular updates and patches might be better than doing nothing, but most first-generation products have neither the protocol filtering or application awareness to effectively deal with current and emerging threats. That leaves the probabilities for network intrusion high.

The need is certainly there, but realities for small to mid-size companies is that replacing or updating existing firewalls must be done with the full understanding that there's no do-over. Money isn't available to replace them again if an IT department gets it wrong. So here are some things to consider when choosing your new systems:

  • Ensure the firewall implemented is multifunction and capable of protecting such processes like data transmission, categorization, route selection, network services categorization, security policies and access control, packet signature matching and bandwidth allocation.
  • Verify these functions can operate at full line speed.
  • Check to see if the firewall is convenient for IT administrators to manage.
  • Be certain that purchasing a new system doesn't come with long-term hidden support costs that oftentimes bust, or at the very least, stifle budget plans.

What remains clear is that CIOs and CSOs who don't do anything about refreshing their firewalls wind up paying much more over time for impacts caused by today's increasingly sophisticated cyberthreats. Failure to defend the “front line” of IT networks will also cause cascading damage to other security systems. Even if nothing else gets purchased this year, I would strongly recommend that companies declare replacing or upgrading their firewalls is priority No. 1.


Max Huang is the founder and CEO of O2Security, a wholly-owned subsidiary company of O2Micro. The company is a manufacturer and marketer of network security appliances, management tools and disaster recovery offerings for small- to medium-businesses, as well as remote/branch offices, large enterprises and service providers. Huang can be reached at max.huang@o2security.com.
Share this article:
close

Next Article in Opinions

Sign up to our newsletters

More in Opinions

An IT lens on data breach response

An IT lens on data breach response

This heightened awareness regarding data breach response time has created an interesting dynamic for security professionals.

Ensuring your developers love - or at least don't hate - security

Ensuring your developers love - or at least ...

The relationship between development and security doesn't need to be hostile, and there are ways to engage developers more with security.

Backing diversity lowers the bar?

Backing diversity lowers the bar?

Many groups have striven to cultivate a more welcoming workplace, says Alison Gianotto.