It's hard to remember that the commercial firewall, as we know it today, has only been around since 1994. This was the first firewall that could monitor every layer of the OSI stack—a formidable obstacle to hackers.
With more and more network traffic moving towards the edge, as with cloud-based services and ever-expanding in-house app platforms, administrators must be prepared to introduce additional in-line devices to their security operations centers. Today, networks are shouldering far more traffic than the application firewall was first thought up.
These days, however, a firewall by itself is no longer a comprehensive network security solution. The increasing amount of traffic through the network edge means that multiple in-line security appliances must be used to augment your security.
Back in the 90's, administrators could just take down the whole network in order to perform maintenance or reconfiguration. That isn't feasible anymore. Network security professionals must be able to enhance their stacks without introducing downtime: a recent study from the Ponemon Institute found that firms lose nearly $9,000 per minute in the event of a data center outage.
In the big picture, let's get a better understanding of the four main challenges when deploying a bigger, better stack of in-line security appliances:
- Silo solutions: Network efficiency requires a silo setup that is elegant, and uncomplicated. As administrators introduce more and more in-line appliances, those devices can become silos of their own. Without the right orchestration, the whole network becomes disjointed, nullifying whatever benefits may be introduced by the added tools.
- New security risks vs. new points of failure: It can look like a dangerous choice—deploy more in-line security appliances and run the risk of them becoming points of failure if administered improperly, or avoid these deployments and run an ever-greater risk of breaches and outages.
- Architecture & implementation: Adding in-line security appliances to a network that was designed years ago—that is, when security challenges looked quite different than they do now—means that network architects have to face the tremendous task of determining just where to place the new appliances in order to maximize efficiency.
- The problem with ports: SPAN ports are frequently used to physically connect in-line security devices to the network, but not every network setup has heaps and heaps of extra ports available, nor the ability to shoulder heavier traffic. It's time to move beyond SPAN port solutions: these days, they're not really solutions at all. In-line deployments require the support of a robust array of network TAPs. It's a sign of the times.
It is especially important that network professionals are mindful of these potential stumbling blocks, because the rise of remote access and cloud-based activity has made enterprise security's 'big picture' even bigger.
Combined with the fact that the sheer number of cyberattacks increases year by year, inefficient inline security tool deployments aren't just a drag on the bottom line; they can spell utter disaster.
Garland Technology has you covered with the best solutions for in-line security appliance implementation: check out the whitepaper, Managing the Edge of the Network – A New Necessity for Security Architects, for more information on how to get the most out of your in-line security stack.