By David Sandin
David Sandin, product manager of Clavister shows how new approaches to delivering next-generation security can benefit your business.
The firewall has been the first line of cyber defence for companies for the past 20 years. Firewalls used to be relatively simple devices – in effect, a border control on your network that allows or denies access to certain types of traffic, based on the resources the traffic is trying to access. For example, can a remote user connect to the email server, yes or no?
However, threats to networks have evolved from this simple scenario, which means that network defences have had to evolve, too. Enter next-generation firewalls (NGFWs). In addition to allowing or denying network connections, they deliver better, faster and more intelligent security than conventional firewalls, to support the more complex traffic generated by use of web applications.
They inspect the content of network traffic, looking for malware and other threats, blocking stealthy intrusion attempts, and controlling the types of web application available to specific users. For example, can someone in the accounts team connect to Youtube, yes or no? NGFWs effectively add X-ray scanning and advanced detection technology to a border control, making defences more advanced and better able to secure modern networks against current and emerging stealthy threats. And these threats are both real, and costly.[ms-protect-content id=”9932″]
The UK Government’s 2013 security survey found that small businesses are facing a greater threat of losing confidential information through cyber attacks than ever before. 87% of businesses with up to 250 employees, across all industry sectors, experienced a breach during 2012, up from 76% in 2011. Furthermore, the average cost of these breaches was between £35,000 and £65,000.
The problem is, boosting the level of network protection to mitigate the risk from these threats comes at a price: capital investment in new security solutions, and ongoing management and maintenance of those solutions. These put further pressure on already-stretched IT budgets and resources, especially in small or medium-sized companies, which may lack the IT resources and time to keep up with evolving security issues.
These reasons explain why security-as-a-service (SECaaS) offerings are increasingly attractive to organisations of all sizes. In TechTarget’s 2013 IT Priorities Survey of over 1,700 IT professionals, 19% said they plan to use external SECaaS offerings, driven by the need to keep up with the increasing numbers and pace of security threats. With SECaaS, the company can enjoy advanced security with zero upfront capital costs, and with all of the time-consuming set-up, management and reporting functions handled by a partner.
Until recently, SECaaS offerings have focused mostly on email management, Web content filtering and related services. However, it’s now possible to deploy a virtual next-generation firewall as a service, not only to protect your network against intrusion and hacking, but also to give additional advanced security features to protect against new threats.
Security at your service
This enables companies with older firewalls to avoid capital costs for upgrading or replacing existing solutions, and also allows them to enhance and consolidate overall protection with additional security functions, integrated on the virtual NGFW. These functions can include application control (enabling companies to manage which Web 2.0 and social media apps their employees can access), user identity awareness, anti-virus, intrusion detection and prevention, and web content filtering. This saves companies further costs, as they do not need to invest in purchasing or managing solutions to provide the additional functions.
This NGFW as-a-service model delivers several compelling advantages, in addition to the capital cost savings. It’s fully flexible and scalable: you don’t need to worry about issues such as available capacity, ports or performance. Instead, you simply request the appropriate specification that suits your needs, for a monthly service fee. If you need to expand or shrink your use of the service, you simply request that the change is made by the service provider, and your service fee is adjusted accordingly. Security management and product update tasks can be handled by the provider as part of the SECaaS package, enabling your IT staff to focus on other business issues.
The service can also help with defining your security policies, offering a range of pre-defined policies that you can update and modify later, with integral reporting as part of the service to help you gain a better understanding of activity on your network.
In conclusion, it’s now possible to boost your business security by deploying virtual next-generation firewalls as-a-service business. This gives you easy, flexible ‘set and forget’ security, without demanding upfront capital investment in new or upgraded equipment – letting you focus your energies and resources on your core business.
For more information, please visit www.clavister.com
About the Author
David Sandin is Product and Solutions Manager at Clavister AB. He is responsible for Clavister’s security portfolio targeting the Cloud and Enterprise sectors. He joined Clavister in 2012, and before that he worked for Oracle Corporation in Ireland.