When security specialists run tests on a network protected by a next-generation firewall, they often discover weaknesses that all but invite hackers into the network to do a little digging. These tests are conducted using a sort of hacker’s playbook that contains a variety of known methods that hackers use to access a network and the vulnerable data traveling through it.
In many cases, enterprises using next-generation firewall tools are not getting the full benefit of the firewall because of configurations that are not up-to-date for the current network or because of legacy security approaches.
The benefits that a next-generation firewall offers come from its ability to prevent a breach at the application and user level, rather than by filtering on ports and protocols alone. In general, application- and user-based policies should be easier to administer, but mistakes still abound. Errors often occur when the security team relies on auto-migration tools to convert an existing firewall policy. A breach test can help identify these problems and ensure that any potential weakness in security is addressed.
Many users also run into problems when they simply implement the firewall with vendor-supplied defaults. As with any other tool, its updated features are only helpful if you actually use them. In some situations, the very features that make the firewall “next generation” are never turned on.
Another common problem occurs when the security team doesn’t decrypt encrypted traffic, such as TLS, SSL, and SSH, for inspection. Traffic that is never decrypted becomes a blind spot: IT team members won’t spot the malware hidden inside it. While a next-generation firewall can detect and prevent this type of problem, the decryption feature often isn’t enabled.
There is growing momentum to address these kinds of problems, whether it’s voluntary or not. For instance, to rank well in Google’s search engine, companies must comply with Google’s HTTPS encryption requirements.
Another growing area of concern surrounding firewall preparedness is the Internet of Things (IoT). Enterprises are launching fleets of devices that gather and transmit data via sensors, but security teams may not be taking the necessary precautions to protect their networks. These devices are exchanging heavy loads of data with the cloud, with many touch points along the way. In addition, the risk of loss or theft with these devices means that there needs to be a policy established in key areas, such as the length of the hibernation timer on a device.
Simply deploying a next-generation firewall won’t make your enterprise breach-proof. To learn more about security testing and the options available for security services, contact us at TeleConsult. We look forward to discussing network security with you.