Firewalls and the Plateau of Productivity

Firewalls: Something every architect is familiar with. Something that still raises many of our heart rates. At some point in your IT career, it’s likely you’ve had to deploy and configure a firewall and most likely it was a painful experience not easily forgotten. Even if this isn’t your full-time job and you don’t live and breathe firewall rules (yes, those people do exist), dealing with firewalls can be stressful. One small mistake could cause incredible amounts of damage. You could accidentally remove access to critical applications or, worse, open the door to an attack without knowing it. Add to that the awful feeling in your stomach each time a critical patch is applied and the desperate prayers that rebooting the firewall didn’t change anything—well, that gives you a sense of how much fun firewalls can be.

Firewalls made sense when all data and users lived inside the ‘castle’ (the corporate network) and firewalls served as the ‘moat’; your perimeter defense. Even early on, as data consumption started to grow and users required higher levels of application access, firewalls still made sense—as long as the majority of users were inside the network perimeter and data lived in the data center. However, times have changed.

Network Firewalls Have Peaked

Fast-forward to the world we live in today. The ‘castle and moat’ architecture is obsolete. Users are working from everywhere; not just in the corporate office. Data is no longer solely stored within the confines of the company’s infrastructure but is being migrated and stored in the cloud. The world has changed and network-based firewalls are no longer the best option.

Productivity Powered With SSE

So, the world of IT and security needs to adopt a different approach and, with this in mind, Gartner recommends a security service edge (SSE).

As half of the overarching SASE framework, SSE describes a set of integrated, cloud-delivered security services (ZTNA, CASB and SWG) that broker secure connections between authorized users and business resources by using identity and policy to grant or deny access. Ultimately, SSE platforms provide a modern alternative to traditional network security technologies like firewalls and VPNs, powering productivity in a variety of ways:

SSE is built for the modern workplace–The modern workplace is one where users, devices and data can be located everywhere. While firewalls were built for perimeter security, SSE was built for global security. With access happening from truly everywhere, user experience also must be optimal from everywhere. Cloud-delivered SSE platforms enhance user productivity significantly by delivering a consistently seamless experience from anywhere.

SSE optimizes management for IT teams–Instead of adding complexity, SSE simplifies access management by eliminating the need to constantly keep firewall policies up-to-date. Teams can eliminate the anxiety that is brought about by a software patch, and no longer have to deal with complex, time-consuming hardware refreshes. The result is optimized, efficient teams that can significantly reduce hardware and maintenance budget while also having the ability to reduce a company’s carbon footprint.

SSE operates on adaptive trust–SSE platforms are built on the concept of adaptive trust with not one perimeter, but many microperimeters built around every user, device and application with the core concept of granting no inherent trust. SSE’s initial posture is that of zero-trust, where trust is never inherently granted; then moves to adaptive trust as user, device and app posture is assessed and qualifications met. Even so, SSE never extends corporate network access to users, only the select, authorized applications they have permission to access. Security teams can rest easy knowing that both attack surface and risk of ransomware attacks are significantly decreased.

SSE cures IT blindness—SSE was designed with visibility as a core requirement; critical in a world where IT teams can no longer use internal tools to follow the path of data and users around a corporate network. This visibility and control raises the IT and security teams’ awareness of threats and allows them to troubleshoot and resolve issues much more quickly and efficiently in a world where the new corporate network is the internet.

Have Firewalls Caused You to Plateau?

It’s clear that firewalls worked well in the era of castle-and-moat when data and users were all located inside the corporate network, but they do not fit the needs of businesses in this new hybrid world where users and data can be anywhere. Over the last two years, SSE technologies have proven that not only they are on the rise but that they are the preferred approach to securing connectivity for the modern workplace. The key question is, what’s stopping you from exploring SSE?

If you’re interested in learning more about SSE, check out my conversation with Cloud Security Alliance (CSA) about the journey to SSE.

Avatar photo

Jaye Tillson

Jaye is a technology leader with a proven track record in delivering global strategic and enterprise wide programmes totalling over $1billion. He provides technical advisory to global mergers and acquisitions across multiple countries and cultures, large scale global transformation programs, enterprise-wide cyber security governance, digital strategic planning, and the creation of operational efficiencies.

jaye-tillson has 6 posts and counting.See all posts by jaye-tillson