
Ramping up security with next-gen firewalls

11 Dec 2018

Article by A10 Networks EMEA director Ronald Sens

In corporate networks, the classic defence against malware and other external attacks is typically split between two solutions: a firewall and a traditional antivirus program.

The firewall is similar to a gate that only allows authorised personnel into the network and the virus program is a guard capturing those who attempt to sneak in undetected.

Balancing act

The classic defence of using two solutions was put into place because neither solution alone could accurately protect the network.

The two needed to work together in order to achieve maximum effect and coverage.

Traditional firewalls simply followed predetermined web protocols and lacked the intelligence of next-generation firewalls.

This means the classic firewall lacked the ability to distinguish between different kinds of web traffic.

The inability to distinguish between legitimate traffic and abnormal malicious traffic meant that firewalls either accepted or rejected all the traffic sent their way.

Enterprises needed a more robust form of security with newer, more complex rules.

This is why traditional antivirus programs were paired up with firewalls.

Antivirus software is reactive, and while these programs can deal with a threat, they only do so once that threat has entered the network.

Depending on the number of threats attacking simultaneously and the sophistication of the attack, an antivirus program is not powerful enough to keep the network safe.

However, when paired with a firewall that prevents all traffic entering the network, the antivirus has the chance to scan the traffic and identify it.

The antivirus can distinguish between the good and the bad traffic and relay this information to the firewall so that it lets in only the approved traffic.

This system works, but it is flawed.

Time is wasted waiting for the antivirus to identify the traffic and inform the firewall, and if one of the two were to go down, the whole system would crash.

This kind of defence used to be enough, but as enterprise networks get more complex and the types of external threats become more varied, having two separate solutions working together becomes insufficient.

The next-gen firewall

The problem surrounding a two-solution balancing act can be addressed by next-generation firewalls.

This solution intelligently recognises which users have permissions, preventing unauthorised attackers and malicious infiltrators from gaining access, and in some cases outright destroys the invader.

In order for it to guarantee this comprehensive protection, an extensive amount of data and files is fed into the program in advance and broken down extensively.

With the assistance of machine learning, it can be proofed against all known malware and viruses, and can adapt to future threats.

It can also distinguish between normal and abnormal behaviour from users within the network.

This analysis enables it to detect malware in real time using digital DNA and thereby prevent the majority of malicious attacks.
