If a Firewall is Useless What to Do?

As I was scanning the Internet for interesting relevant articles this is the one I thought was unique in discussing a fundamental issue of our time(in 2015)

http://www.infoworld.com/article/2616931/firewall-software/why-you-don-t-need-a-firewall.html

Plus Roger Grimes discusses buffer overflows.

{ For nearly three decades, remote buffer overflows were the most dreaded tool in the hacker’s arsenal. Simply find an open listening port running a vulnerable service, pile in executable code, and — voila! — your buffer overflow exploit gained you complete system access.

That’s hardly ever true anymore. The number of truly remote buffer overflows — the ones you can point at a listening service and pull the trigger, such as SQL Slammer or MS-Blaster — are dwindling and nearly gone. Ask Microsoft: Since the release of Microsoft Windows Server 2003 in April of that year, Microsoft Windows has had only a handful of truly remote buffer overflows.}

I agree on several points if most people do not configure their devices correctly  (by most = over 50%)  then the firewall is only marginally useful.

IT people tend to barely run their operations in an “efficient” manner. By efficient I mean running with an eye to functionality.

Well if the firewall is functional, then it is not as secure.

So if we are too busy trying to keep the ship afloat how can we focus on every trick in the book that is being used to attack us?

My solution has been to go to the NGFW or Next generation Firewall…  And yes a NGFW is much more sophisticated than a standard firewall. For one thing it will check for malware and  other data points if you ask it (like SS# and CC#).

 

PAthreat_prevention

 

 

My previous post on NGFW: http://oversitesentry.com/what-makes-a-nextgenerationfirewallngfw-why-use-it/

The idea is if we are looking for datapoints that are being stolen by hackers, we can stop the network traffic.

This type of firewall requires a specific expertise and specialization.

Old firewalls even if configured correctly with Deny all ports except for select few ports such as web and email, are not able to deny a specific text pattern within an encrypted transaction, but the NGFW can.

 

The only problem is the complexity of proper configuration of a NGFW may be beyond your inhouse department, outsourcing may be the only way to keep up with the 2015 threat landscape.

 

As I mentioned in this post:

http://oversitesentry.com/cyber-disasters-still-coming/

Do you have the manpower to properly execute on the following functions?

Patch management

Email spam management

A threat intel department

A scan of your systems department (Like our Alpha scan etc) even constant vulnerability analysis

Test your websites both manually and in an automated fashion.

 

This is the central core of an Enterprise IT Security department.

I doubt a smaller organization has the ability to hire 2-3 people for each function. (10-15 people) as a minimum.

 

So outsourcing is the only truly realistic option.

 

http://oversitesentry.com/contact-us/

 

 

Advertisements

One thought on “If a Firewall is Useless What to Do?”

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.