The security mainstay is evolving and becoming entrenched into the enterprise as departmental gateways. Deb Radcliff reports.Before pummeling the Vatican website with a distributed-denial-of-service (DDoS) attack in February, members of the Anonymous group probed the site to find the best means to drain it of computational resources. Ultimately, they targeted the site's search window with a specially crafted URL that incorporated common search terms to overload the server.
“If you look at where the action was in the Vatican case, a network firewall couldn't have detected or stopped a DDoS like this because these are expected application behaviors a traditional firewall would simply allow,” says Rob Rachwald, director of security strategy for Imperva, a Redwood Shores, Calif.-based provider of data security solutions which, according to a company blog posted in February, thwarted the attempted intrusion. “Attacks like these are moving up the stack to the applications, so firewalls must also move up the stack to become application-aware.”
Unlike firewalls of 10 years ago, today's “advanced,” or “next-generation,” firewalls, as they are being called, do a whole lot more than allow or deny traffic based on port and destination – so much so that some suggest the firewall name may be passé.
“Firewalls are no longer just firewalls, they're more like multifunction internet communication gateways.”
– Sasha Puric, senior director of IT for Toronto-based Maple Leaf Sports & Entertainment
“Firewalls are no longer just firewalls, they're more like multifunction internet communication gateways,” says Sasha Puric, senior director of IT for Toronto-based Maple Leaf Sports & Entertainment (MLSE). “These multifunction gateways are part of our infrastructure, enabling the business by providing secure communication channels used to outreach and deliver content to our fans over engaging digital vehicles.”
MLSE – with four professional sports teams, five venues and three TV channels – has embraced Facebook, Twitter, gaming platforms and other social media forms to interact directly with its audience. Thus, it can't rely on a traditional firewall that would be unable to distinguish traffic types.
To secure these traffic types, MLSE introduced Dell SonicWALL's Next-Generation Firewalls into its portfolio. This platform recognizes, inspects, allows or denies social media and streaming traffic based on multiple rules, such as location, device, user, application and content.