Managed Firewall Services

Managed Firewall Services

Are they right for you?

As cybercrime continues to plague companies of all sizes, across all industries both public and private, we wanted to take this opportunity to explore options that can help protect your data and your business. We are often asked whether “Security as a Service” is the right option for many organizations. In this case, we are tackling the topic of managed firewalls versus a self-administered solution. Before we get there, however, let’s take a brief look at the history of network firewalls and how to determine which type may be best for you.

History of Network Firewalls

Simply put, a network firewall is a system or group of systems used to control access between two networks—a trusted network and an untrusted network—using pre-configured rules or filters. Firewalls can be comprised of a single router, multiple routers, a single host system or multiple hosts running firewall software, hardware appliances specifically designed to provide firewall services, or any combination of the above. They vary greatly in design, functionality, architecture, and cost. They are also sometimes known as a Border Protection Device (BPD) where the firewall separates networks by creating perimeter networks in a DMZ “Demilitarized Zone.”

Network firewalls have been around almost as long as the internet itself, first emerging in the late 1980s in response to a number of internet security breaches.

Over the years they have gone through numerous iterations, starting with packet-level filter firewalls developed in 1988 by Digital Equipment Corporation, later evolving to circuit-level firewalls. The current generation, often referred to as Next-Generation Firewalls (NGFW) combines the attributes of the previous versions but expanded to include other network device filtering functionalities, such as application-level firewalls incorporating deep packet inspection (DPI), intrusion prevention systems (IPS), stateful inspection, identity awareness and the ability to use external intelligence sources to identify and help stop potential breaches. In some instances, they may also have anti-virus capabilities.

Who Should Use Firewalls?

The short answer is every company and organization in business today should be using some type of firewall, including small and even home-based businesses. The hackers of days gone by may have been savvy teenagers showing off their digital prowess or the lone wolf trying to break into networks by attacking passwords. Today, many of these breaches are the result of concentrated efforts of organized criminals that deploy automated attacks. Worms and viruses initiate the vast majority of attacks, using worms and advanced malware to probe for weaknesses and infiltrate ill-secured networks. These types of attacks generally find their targets randomly. As a result, even organizations that may feel they have little or no confidential information may end up as victims of cybercrime without taking adequate preventative measures.

So, everyone needs a firewall but what kind?

In order to decide what type of firewall will work best for your organization, here are a few questions to identify the right solution.

  • What security measures will the firewall need to perform?
  • What additional services would you like to be part of the offering?
  • What networking functions will it need to perform?
  • How will it interact with existing services and users?
  • What does the firewall need to control or protect?

The list might include access into the network, access out of the network, access between internal networks, departments, or buildings, access for specific groups, users or addresses and access to specific resources or services.

What regulations is my business subject to that would require a firewall or specify how it is configured and/or managed? (For example, are you subject to HIPAA or PCI?) What would it need to protect? Some of those answers would be specific machines or network, specific services, information—private or public and users.

  • What impact will a firewall have on your organization, network and users?
  • Is hardware available that meets the requirements to support a firewall solution?
  • Will existing services be able to function through a firewall?
  • What will the financial impact be on the organization? (Financial impact should include initial implementation costs, ongoing maintenance and upgrades, hardware and software costs, and technical support costs.)

Self-Administered Firewalls or Managed Firewall Services

While we have established that firewalls are an important component for every business in operation today, we understand that there are a variety of firewalls to choose from. Now it is time to determine if a self-administered approach works best for the company or if a third-party managed firewall service is a better choice.

Key questions to consider in the decisionmaking process may include:

  • Who will administer the solution?
  • Are experienced technical personnel available for the job or will someone need to be hired from outside your organization?

With the cyber threat landscape everevolving, your cyber security policies and procedures along with your cyber defenses, including firewalls and anti-virus software need to be evolving as well. This means that a “set-it and forget-it” methodology just will not work. Organizations that lack the expertise to properly maintain their cybersecurity programs may struggle to keep their data safe.

To further complicate matters, a 2017 Cybersecurity Jobs Report 2018 to 2021 by Cyber Security Ventures predicts that there may be as many as 3.5 million cyber security job openings by the year 2021 and not enough people to fill them. The lack of resources will make it hard for many organizations, particularly small to medium sized ones, attract and retain cybersecurity experts. Add that to the cost of those individuals and the potential for high turn-over rates for individuals in demand, maintaining a safe and secure environment can become even more daunting.

A third-party managed firewall service administered by certified Managed Security Service Providers (MSSP) may be the solution for many, if not most, organizations. Key benefits to this approach may include:

  • Device provisioning and deployment
  • Performance, availability and policy management, upgrades and patch management
  • Real-time security and health monitoring and expert response to threats and health issues
  • 24/7 real-time security event and device health monitoring
  • Support from certified network security experts
  • Potential for improved total cost of ownership and reduced costs
  • Simplified management
  • Better internal threat protection
  • Reduced internal IT security training

One final consideration when determining which approach will work better for your organization is the number of firewalls that may need to be managed and maintained.

Historically organizations generally only had one firewall, between them and the world. Now, not only are the devices themselves more complicated, but there are more of them in an organization. Segmentation and even micro-segmentation means that organizations are employing more firewalls to put controls and safeguards between areas inside their network, as well as help protect them from the outside. This adds to the complexity of your cybersecurity defenses.

Using a managed firewall service can deliver a team of IT security experts to proactively detect new threats and help to reduce threat issues without the expense of hiring, training and managing an internal staff. With cybersecurity threats on the rise, constantly evolving and presenting a risk to organizations of all size across every industry, keeping your data secure is paramount no matter what path you choose to pursue.

This article originally appeared in the April 2019 issue of Security Today.

Featured

  • Security Today Announces The Govies Government Security Award Winners for 2025

    Security Today is pleased to announce the 2025 winners in The Govies Government Security Awards. The awards honor outstanding government security products in a variety of categories. Read Now

  • Survey: 60 Percent of Organizations Using AI in IT Infrastructure

    Netwrix, a cybersecurity provider focused on data and identity threats, today announced the release of its annual global 2025 Cybersecurity Trends Report based on a global survey of 2,150 IT and security professionals from 121 countries. It reveals that 60% of organizations are already using artificial intelligence (AI) in their IT infrastructure and 30% are considering implementing AI. Read Now

  • New Research Reveals Global Video Surveillance Industry Perspectives on AI

    Axis Communications, the global industry leader in video surveillance, has released its latest research report, ‘The State of AI in Video Surveillance,’ which explores global industry perspectives on the use of AI in the security industry and beyond. The report reveals current attitudes on AI technologies thanks to in-depth interviews with AI experts from Axis’ global network and a comprehensive survey of more than 5,800 respondents, including distributors, channel partners, and end customers across 68 countries. The resulting insights cover AI integration and the opportunities and challenges that exist with regard to security, safety, business intelligence, and operational efficiency. Read Now

  • SIA Urges Tariff Relief for Security Industry Products

    Today, the Security Industry Association has sent a letter to U.S. Trade Representative Jamieson Greer and U.S. Secretary of Commerce Howard Lutnick requesting relief from tariffs for security industry products and asking that the Trump administration formulate a process that allows companies to apply for product-specific exemptions. The security industry is an important segment of the U.S. economy, contributing over $430 billion in total economic impact and supporting over 2.1 million jobs. Read Now

  • Report Shows Cybercriminals Continue Pivot to Stealthier Tactics

    IBM recently released the 2025 X-Force Threat Intelligence Index highlighting that cybercriminals continued to pivot to stealthier tactics, with lower-profile credential theft spiking, while ransomware attacks on enterprises declined. IBM X-Force observed an 84% increase in emails delivering infostealers in 2024 compared to the prior year, a method threat actors relied heavily on to scale identity attacks. Read Now

New Products

  • Automatic Systems V07

    Automatic Systems V07

    Automatic Systems, an industry-leading manufacturer of pedestrian and vehicle secure entrance control access systems, is pleased to announce the release of its groundbreaking V07 software. The V07 software update is designed specifically to address cybersecurity concerns and will ensure the integrity and confidentiality of Automatic Systems applications. With the new V07 software, updates will be delivered by means of an encrypted file.

  • PE80 Series

    PE80 Series by SARGENT / ED4000/PED5000 Series by Corbin Russwin

    ASSA ABLOY, a global leader in access solutions, has announced the launch of two next generation exit devices from long-standing leaders in the premium exit device market: the PE80 Series by SARGENT and the PED4000/PED5000 Series by Corbin Russwin. These new exit devices boast industry-first features that are specifically designed to provide enhanced safety, security and convenience, setting new standards for exit solutions. The SARGENT PE80 and Corbin Russwin PED4000/PED5000 Series exit devices are engineered to meet the ever-evolving needs of modern buildings. Featuring the high strength, security and durability that ASSA ABLOY is known for, the new exit devices deliver several innovative, industry-first features in addition to elegant design finishes for every opening.

  • Connect ONE’s powerful cloud-hosted management platform provides the means to tailor lockdowns and emergency mass notifications throughout a facility – while simultaneously alerting occupants to hazards or next steps, like evacuation.

    Connect ONE®

    Connect ONE’s powerful cloud-hosted management platform provides the means to tailor lockdowns and emergency mass notifications throughout a facility – while simultaneously alerting occupants to hazards or next steps, like evacuation.