What new opportunities will open up for VARs as firewall technology continues to evolve to meet the latest security challenges?
Today's firewalls represent a conglomeration of functionality that looks very different from the basic ACL packet filters of a few years ago, but many of the fundamentals remain the same.
The convergence and consolidation of functionality, combined with technologies such as intrusion detection/prevention, antivirus and antispam, have created the unified threat management (UTM) market. UTM allows customers to simplify the operational aspects of their security architectures. Along with new technologies that enable better ways of classifying network traffic, UTM is driving the adoption of next-generation firewall technology.
The most profound change in firewall technology is the march up the stack -- from making decisions based on information in the IP header, to application "awareness" and content.
Customers are dealing with dozens of applications that (ab)use port 80 and port 443 holes opened in firewalls to allow for Web browsing. Understanding what applications and data are using these conduits becomes very important. A customer may want to allow a WebEx or GoToMeeting session over port 80/443 but disallow Web-based email using the same ports.
Opportunities exist for VARs to help customers craft security architectures that allow for more application and content granularity and efficacy. Products such as UTM, DLP, NAC and the latest in application-aware firewalls are allowing customers to gain better visibility into the information moving into and out of their networks. Many of these applications obfuscate themselves and use dynamic ports through firewalls. This detection is the focus of the next generation of firewall technology.
As customers seek to gain greater and greater control of their information, VARs will have the opportunity to guide their security strategy and architectures. This will allow them to place good bets on the evolving firewall technology landscape to preserve current investment while planning on upgrades after the assets are depreciated.
Dig Deeper on Managed network security services
Related Q&A from Christofer Hoff
Data leakage prevention (DLP) has become a feature of much larger information-centric lifecycle management suites of large companies with expansive ... Continue Reading
Antivirus software has become antimalware software, and as such it has become more popular than ever. However, to address future threats it will have... Continue Reading
Learn why many security vendors are offering SMB security products – and how UTM is a result of this trend. Continue Reading