
Considerations for Using NGFW (Next-Gen Firewall) Features (Part 1)

Background

Having a firewall to secure the perimeter gateway of an enterprise network is a mandatory requirement nowadays. Without it, the enterprise's vulnerabilities may be exposed to external parties, increasing the likelihood of security incidents that impact the enterprise's business activity.
The enterprise should be aware of these security risks. As everything becomes digital, the enterprise should define information classifications ranging from the lowest (public) to the highest (confidential). Any piece of information, even one that seems of little value, could be very valuable, especially to unauthorized persons. Access to each information classification should be limited to authorized persons only. This is one of the firewall's roles.


Security threats evolve continually, and security devices evolve along with them. Formerly, a firewall's capability was limited to controlling which access is permitted; nowadays, firewall functionality has been improved to the next level. Many capabilities have been added, such as packet inspection, Intrusion Prevention System (IPS), Data Loss Prevention (DLP), URL filtering, antivirus, identity management, etc. All of these capabilities, called features, have advantages and also disadvantages.

Define Requirements Clearly

Keep in mind that you should define your security requirements before you start to perform product evaluations. Every product has advantages and disadvantages. Products might offer identical solutions, but they might use different security mechanisms to achieve them. Do their solutions fit the enterprise's objectives? This question can be answered only through the requirements.
Clear requirements will better help the enterprise achieve its objectives. Start by evaluating the existing environment. Evaluate every entry point that might cause information to be exposed to unauthorized persons. Entry points can come from either logical or physical access. Brainstorm the requirements internally and finalize them by creating documentation. The requirements can be divided into technical and data sheet requirements. A simple spreadsheet could help you.
Some requirements that might be taken as parameters are:

  1. High availability, which is used to keep services up and running securely.
  2. Load balancing, which is used to balance traffic between firewalls and utilize performance optimally.
  3. Stateful inspection, which is used to track the state of packet connections.
  4. Dynamic and static routing such as BGP, OSPF, static route, etc.
  5. Identity management, which can integrate with identity management tools such as Active Directory.
  6. Support for external log and event management such as Splunk and ArcSight.
  7. Throughput capability, put simply, the maximum amount of packets that can pass through the firewall.
  8. The number of physical ports available for use by the firewall.
  9. Power consumption.
  10. Physical dimensions.
  11. Vendor technical support: the capabilities and knowledge to support the enterprise's objectives.
  12. Third-party reviews such as Gartner and NSS Labs.
  13. Additional requirements to comply with external regulators, such as PCI.
  14. The enterprise budget.

Features, features, and features...

As mentioned in the previous section, security vendors nowadays add security features to their products as added value over other vendors. But the question is: do you really need all of these features to secure your environment? The next question is: should all security features be enabled on one firewall box, or should you use separate security boxes? Answering these questions takes a deep analysis that evaluates certain parameters.
Basically, what you need to remember is that the more security features you enable, the more firewall performance decreases, sacrificing the firewall's capacity to process packets. You will need a bigger firewall series.

This section will be discussed in the next topic.
Thank you for reading.

- EJ
