CrossNodes Product Briefing: Firewalls
Firewalls are, of course, the first line of defense against intruders to your network. It is difficult to justify a network's not having one, if that network is also used as a conduit to the outside world. CrossNodes Product Briefings provide an overview of what you need to know before purchasing a specific technology, and include round-up listings of current products from each of the major vendors.
With the advent of the Web and inter-network communications, the past few years have seen firewalls become a volatile market. A network firewall is like having a good watch dog. They let everybody that belongs in the house out but don't allow intruders in.
However, it looks like intruders still manage to get in. 40% of respondents detected system penetration from outside the company in the last year, while only 25% reported that in 2000. Gartner Group says 75% of U.S. corporations have experienced security problems. According to Meta Group, the majority of network managers/administrators are responsible for network, and often all of, IT security.
It's a no-brainer that network security is vital to your organization, but delving a little further into the latest numbers explains a few things you might not have otherwise suspected. For the past six years, The Computer Security Institute (CSI) along with the San Francisco Federal Bureau of Investigation (FBI) Computer Intrusion Squad have conducted the "Computer Crime and Security Survey". The findings are based on responses from over 500 security practitioners in U.S. corporations, government agencies, financial institutions, medical institutions and universities. According to the survey, 85% of respondents experienced computer security breaches in the last twelve months. 65% acknowledged financial losses. Of the 35% (186 respondents) of those willing and or able to quantify their loss, amounts totaled to almost $378,000,000 or over $2.3 million per respondent. In contrast, the 249 respondents in 2000's survey averaged $1.3 million per respondent.
We all know that the first line of network defense is the firewall. The firewall story emerged out of the UNIX world. Early on, vendors were accomplishing the same security goals in complex and inconsistent ways. Once installed, most firewalls then required a lot of user coddling, for even a minor configuration blunder could mean a serious security breach. Because firewalls emerged so rapidly, vendors had trouble agreeing on core technology and standards. Matters were further complicated by the surge of NT products coming into the market. That surge prompted some "buyer beware" press coverage.
Though pundits disagree on whether things have gotten much better, the current crop of offerings are well established with healthy install-bases. Along with firewall software applications and firewalls that operate as network appliances, operating system and server vendors offer firewall software, and you can now rely on an outsource to setup and maintain your firewalls, or all your security needs, on a contract basis.
The latest versions of firewalls incorporate strong user interfaces and configuration utilities. Vendors will continue to enhance the usability of the devices in order to compete more effectively in the market. Such features as automatic alarms and traffic logging are commonplace, and IT Managers can expect the list of functions to grow.