Traditional firewalls are becoming more and more useless as we extend our networks and build VPN tunnels to remote staff and business partners. But there's a business opportunity for firewall vendors to expand their footprint by expanding their feature set.
Traditional firewalls are becoming more and more useless as we extend our networks and build VPN tunnels to remote staff and business partners. But there's a business opportunity for firewall vendors to expand their footprint by expanding their feature set.If you're in the trenches, as I am, then there's a good chance that in order to satisfy business requirements, you've had to extend your network to a great deal of third parties. As I look now at my Cisco VPN Concentrator, which I'm proud to say I've been running in production for 9 years, I see that I've built more than 30 VPN site-to-site tunnels to various VIP homes, remote sites, and other business partners.
But bringing all of these folks onto the internal network introduces a world of challenges with boundary security, and its driving me nuts. I suspect you have the same problem I do. You've had to build or manage tunnels to firewalls that you may or may not control. If you're lucky enough to control them, you're probably split tunneling Internet-bound traffic directly out the far end of the tunnel. So now you have to deal with all of the viruses and spyware that business partners and employees are pulling in through their BitTorrent clients.
Check Point, et al., are reacting to the breakdown of the traditional network barrier by packaging better SmartDefense and more agent technology into NGX. But more needs to be done. In order to fully protect and analyze attacks in my environment, I need the following mix of products:
Client virus protection
Client spyware protection
Network behavioral analysis
Data leak prevention
SMTP Spam and virus gateway
In the cloud content acceleration, and
As you can imagine, for even a small environment of, say, 500 users, you can easily rack up a bill of $200K trying to build up these capabilities, and that's just in up-front capital costs, never mind ongoing support and maintenance.
But there's an opportunity here for firewall vendors to help organizations of all sizes, but particularly SME's, with their real world challenges. I'd like to see Check Point, Cisco, and Juniper make a few strategic acquisitions and package more functionality into their base firewall offerings. I understand that it's impossible to get seven best of breed solutions in one box. But SME's especially don't need best of breed, they generally need a base level of functionality, and you can't tell me that the Check Point's, Juniper's and Cisco's of the world don't have the resources needed to make that happen. Most SME's can't afford an enterprise NBA tool, but I'd bet they would pay extra for a base level of functionality if it were packaged into a firewall they already are buying.
If Nokia can figure out how to engineer a smartphone that does seemingly everything, then surely Cisco can figure out how to engineer an appliance that will do more for SME's without cannibalizing its existing enterprise offerings.
How Enterprises Are Attacking the IT Security EnterpriseTo learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
2017 State of IT ReportIn today's technology-driven world, "innovation" has become a basic expectation. IT leaders are tasked with making technical magic, improving customer experience, and boosting the bottom line -- yet often without any increase to the IT budget. How are organizations striking the balance between new initiatives and cost control? Download our report to learn about the biggest challenges and how savvy IT executives are overcoming them.