The latest security breach in Juniper Networks and the news that Juniper has found a backdoor code in its firewalls is raising concerns across the entire network security community. While the backdoor was found in an older version of the Juniper Netscreen Firewalls, it once again raises questions on the role of firewalls in today's cyber security landscape.
It is no secret that Firewalls have been around for a long time. From Gauntlet firewalls to Check Point Firewall-1 and Palo Alto Networks, firewalls have been a part of our lives for over 20 years. Can this backdoor discovered in Juniper's firewalls be the beginning of the end?
It's the end of the world as we know it (and I feel fine) because firewalls are not going anywhere. If anything, they are going to be doing more. Much more.
The firewall is continuously evolving; we're in the age of Next Generation Firewalls and new security technologies like sandboxing and advanced threat protections. While NGFW constitute about 40% of the market (according to the latest Gartner Enterprise Firewall Magic Quadrant1), by 2018 this will reach 85%. The new generations of firewalls go beyond applications and user control. They include embedded IPS technologies along with sandboxing and threat intelligence feeds.
As the first line of defense between the enterprise network and the external threats, the firewall must continue to evolve and develop to remain relevant and effective. Beyond that, enterprises are expanding their firewall presences outside the enterprise and into the cloud – with a clear need to secure the cloud as an extension of the enterprise network.
In the recent InformationWeek Security Survey2, respondents still rated firewalls as the number 1 security product. Furthermore, the firewall is viewed as the most valuable security product by most respondents.
So if we agree that Firewalls are here for the foreseeable future, organizations need to think about how to take full advantage of the new security capabilities available in newer generations of firewalls. This means that to find your way forward, you need to go back to basics and ensure best practices are not forgotten:
- An overly complex firewall policy will not become any easier to read and understand when you turn on those new cool security features. It will probably be even more complex.
- The tedious manual process around implementing changes in the firewalls will not become easier all of a sudden just because the firewall has REST APIs and is SDN-ready.
In order to face the new world of advanced firewalls, you must have full understanding and control over your security infrastructure. In order to expand your security coverage and secure the cloud, you need to first understand how this cloud is being used, by whom, and with what security controls in place. New security best practices like micro (or nano) segmentation are still based on the same concepts as network segmentation and require similar tools and abilities (around visibility and control) in order to be properly implemented.
Tufin customers worldwide can immediately address this threat using a script that will check your NetScreen devices for this vulnerability - please contact firstname.lastname@example.org
1 Gartner Magic Quadrant for Enterprise Network Firewalls (April, 2015) 2 InformationWeek 2015 Strategic Security Survey (Sept, 2015)