When determining the operational costs of running an enterprise network, the noted research firm Gartner says that 80 percent of the total IT costs occur after the initial purchase. The significance of recurring operational costs is not always realized by organizations that are mainly focused on short-term investments.
Correct configuration is fundamental for network security. In the end, systems and technologies will not be robust if setup is incorrectly configured and contains critical security holes. Misconfiguration is, in fact, the result of human error, which is the leading factor in security failures. As much as 80 percent of unplanned outages are due to ill-planned changes made by administrators or developers. On top of security concerns, fixing issues causes extra work, which eats into profitability. Misconfiguration also leads to increasing network complexity and makes overall control and troubleshooting more challenging.
According to the global next-generation firewall (NGFW) study conducted by Forcepoint, most enterprises prefer to manage their network security themselves despite the clear trend toward outsourcing management to third parties. Security outsourcing is still considered risky, and enterprises themselves prefer to have network visibility, full control and the independence to make their own decisions about changes.
Based on the survey, it is clear that management capabilities play an extremely important role in overall satisfaction with NGFW solutions. Manageability and centralized management tools in particular were flagged as important areas with which enterprises are not happy. The more distributed the network gets, the more essential remote management capabilities become.
In practice, all NGFW solutions on the market offer a centralized management system, which is generally considered a must-have. However, the real usability and robustness of management systems greatly differ between vendors. Some important points to consider when selecting between NGFW technologies are:
1. The available tools for essential tasks across the whole operational lifecycle.
2. The ability to streamline real-world operational workflows.
3. The scalability to support network growth.
4. The number of resources required to manage the network.
5. The system’s long-term total cost of ownership (TCO).
The level of compliance with many key capabilities cannot be understood just from paperwork but requires testing, investigation and familiarity with system architecture. Simple product demonstration is not enough to prove that a system is robust in real-world network operating conditions, so it is essential to dig deeper into the real management capabilities of NGFW systems.
Implementing proper tools that meet the real needs of network security administrators often needs thorough and long-term understanding about customer processes. In addition, when management tools are all built in rather than bolted on, navigating between functions and getting a holistic picture of the network is only possible when different functions “talk to each other.”
The Forcepoint Security Management Center, which is part of Forcepoint Next Generation Firewall, provides a single “pane of glass” for management tasks across the management lifecycle. The Forcepoint Security Management Center is developed in-house and has all tools built into one system – without the limitations and complexity of rigid blade-type architecture. From the beginning, the Forcepoint Security Management Center has been designed to scale for large networks and remain responsive despite network growth.
Management systems are vital to network security – and their lifecycle costs are high. Their importance grows with the tendency for networks to get more and more complex. Network management systems for NGFWs currently on the market are not all the same. They differ greatly in terms of how they support daily routine tasks, how well they automate workflows, how well they scale and how they are licensed. With these challenges in mind, customers should take a closer look at their potential NGFW vendors and compare their management solutions.
By Joshua C. Douglas, CTO, Forcepoint