Perimeter defense

Share this article:

I saw the term “next generation firewall” for the first time while I was researching this year's innovators. I was especially interested because there is a contingent in our field that is beginning to think that the firewall is a dead product type given the other options available and the way the enterprise is evolving into a more and more open network. That, of course, increases the difficulty of perimeter defense because the perimeter is becoming more ubiquitous in the enterprise, instead of simply defining the edge.

We looked at four subcategories this year: unified threat management (UTM), next generation firewall, IPS and wireless security. That last group, wireless security, has been a thorn in my side for the past three years because the definition has shifted dramatically as the genre has encompassed more and different functionality while the wireless world evolves. The selection this year may well end up defining the product type going forward. Worth watching, anyway.

The UTM has been touted as replacing the firewall. Indeed, the UTM is nothing like its earlier definition. The rather limited functionality that defined the product type has given way to what we used to call around the SC Labs “multipurpose appliances.” Everything old and all that. The fact is that today's UTM can do just about any type of protection on the perimeter that we need, whether it is malware, hacking, denial of service, spam or whatever.

That just leaves the intrusion prevention system (IPS) world. That is a game-changer in this particular market segment because the serious players are forced to acquire or develop new technologies that may be out of their specific areas of expertise. Our selection this year is well-aware of that, and we covered it in our discussion.

IPS was a bit of a dark horse early on. Pundits declared that nobody would buy a device that made decisions to shut down processes and connections. These so-called experts claimed that false positives would make the IPS a denial-of-service device instead of protecting the enterprise. Well, that may have happened a bit, but it certainly is not the way things are today.

Share this article:
close

Next Article in Reviews

Sign up to our newsletters

More in Reviews

The more things change...

The more things change...

SIEMs today are powerful beasts and they are necessary - if not always sufficient - for the protection of your enterprise.

UTMs are still defining themselves

UTMs are still defining themselves

A few years back, I boldly predicted that UTMs would merge into a single product type with gateways and SIEMs. Boy, did I get that wrong!

Pen testing or hacking?

Pen testing or hacking?

We are "ethical hackers" or "white hat hackers." We are penetration testers. Never let us be aligned with the mass media's view of hackers.