First things first: Refresh your firewall

Share this article:
Max Huang
Max Huang
I've never known an organization's CSO or CIO to admit they managed a larger budget than they needed, and the prospects don't look much more promising moving forward. Gartner predicts small and mid-size industries will see a slight increase of five percent to their IT expenses, but most certainly won't cover all the deferred capital expenditures on the list.

So that begs the question – what to do first. For my money, I'd start by refreshing the firewalls.

Here is why: Such equipment is typically the first line of defense, with individual hackers, organized crime gangs and terrorist groups of all size and sophistication continually developing new ways to infiltrate and control a company's network for a host of reasons, be it to gather competitive intelligence or leverage the systems to perform additional cyberattacks on other entities. This trend is compounded by the increased use of cloud computing and other applications that reside outside the direct controls of an organization.

While the threats are ever present and ever changing, many companies are still using the same firewall systems that they installed some time ago. Regular updates and patches might be better than doing nothing, but most first-generation products have neither the protocol filtering or application awareness to effectively deal with current and emerging threats. That leaves the probabilities for network intrusion high.

The need is certainly there, but realities for small to mid-size companies is that replacing or updating existing firewalls must be done with the full understanding that there's no do-over. Money isn't available to replace them again if an IT department gets it wrong. So here are some things to consider when choosing your new systems:

  • Ensure the firewall implemented is multifunction and capable of protecting such processes like data transmission, categorization, route selection, network services categorization, security policies and access control, packet signature matching and bandwidth allocation.
  • Verify these functions can operate at full line speed.
  • Check to see if the firewall is convenient for IT administrators to manage.
  • Be certain that purchasing a new system doesn't come with long-term hidden support costs that oftentimes bust, or at the very least, stifle budget plans.

What remains clear is that CIOs and CSOs who don't do anything about refreshing their firewalls wind up paying much more over time for impacts caused by today's increasingly sophisticated cyberthreats. Failure to defend the “front line” of IT networks will also cause cascading damage to other security systems. Even if nothing else gets purchased this year, I would strongly recommend that companies declare replacing or upgrading their firewalls is priority No. 1.


Max Huang is the founder and CEO of O2Security, a wholly-owned subsidiary company of O2Micro. The company is a manufacturer and marketer of network security appliances, management tools and disaster recovery offerings for small- to medium-businesses, as well as remote/branch offices, large enterprises and service providers. Huang can be reached at max.huang@o2security.com.
Share this article:
close

Next Article in Opinions

Sign up to our newsletters

More in Opinions

Hackers only need to get it right once, we need to get it right every time

Hackers only need to get it right once, ...

Hackers only need to find one weak point to steal valuable information. On the flip side, security pros need to account for every possible scenario.

Successful strategies for continuous response

Successful strategies for continuous response

While it isn't realistic for organizations to expect that it will never happen to them, a rapid, professional and continuous response can limit their scope and reputational impact.

When it comes to cyber attacks, predictions are pointless but preparation is key

When it comes to cyber attacks, predictions are ...

Rather than predicting the next lightning strike it is far better to pay attention to the areas we already know are vulnerable.