Does your firewall really work?
Something your IT people may not be telling you, or may simply not know, is that for many SME businesses, firewalls are not the trusted enforcers they once were.
Not all firewalls are created equal, and if you haven’t looked at this portion of your IT system recently, your firewall may not be up to scratch, exposing your business to unacceptable risks.
The next-generation firewall was essentially born out of a necessity to provide much-needed visibility and control over users and their applications. However, it has been reported that as much as 90% of application traffic is unidentified.
So why is it that most of the traffic passing through a modern firewall remains unknown, unidentified or simply too generic to be classified or controlled?
Why application control matters
Firewalls have evolved, changing from outward-looking perimeter sentries into network guardians that protect against threats from inside a network, as well as outside.
This change has been driven by the threat of malware, the danger posed by application vulnerabilities, the risk of data breaches and data loss, compliance obligations, and the need to optimize network performance.
To accomplish these things the firewall needs to provide visibility and control over users and their applications.
Firewalls use deep packet inspection to identify applications and associate them with users or hosts on a network, allowing administrators to do things like prioritize the main business applications over less important apps, increasing protection and productivity.
This kind of control relies on your firewall being able to identify applications successfully.
So, what’s the problem?
Unfortunately, cyber criminals have developed technology that gets around many of the detection methods, outsmarting the majority of the firewalls used in the SME market space.
It’s a situation that doesn’t just leave potential risks undetected. Your essential business applications – things like ERP solutions or CRM software – can also go undetected, leaving their traffic to get crushed or squeezed out under the weight of web surfing and other less important or unwanted application traffic.
Without reliable, accurate identification abilities, your firewall has no idea what it’s dealing with and no control.
How big is the problem?
A leading firewall manufacturer released results from a recent survey of mid-sized organizations to determine how much of their application traffic was going unidentified and uncontrolled.
It showed that nearly 70% of organizations surveyed had a next-gen firewall or UTM with application awareness. Respondents revealed that, on average, 60% of traffic is going unidentified, and many organizations reported that up to 90% of their application traffic was unidentified.
If you’re concerned about the security, liability, or performance impact this lack of visibility is having on your business – you are not alone.
Your business is exposed to applications that introduce a high risk of security vulnerabilities, compliance risks caused by potentially inappropriate or illegal content, productivity impact or bandwidth consumption.
So not all firewalls are created equal – the good news is that some are still, and will remain, in front of the cyber threats.
Make sure to ask your IT people how much application traffic is going through your firewall undetected and, if it’s high, how they are going to fix this.
SME security is critical. For more information regarding the new data breach reporting requirements, please use the following link.