It’s Time to Fix the Firewall – Part 2
February 25th, 2009 by Jeff Wolach
Nobody gets excited about the firewall anymore. That’s because innovation has been absent from the firewall for the last 15 years. Traditional firewalls have been out of step with the times for a while now. The Internet has changed the way we secure our networks.
Years ago the firewall did a pretty good job at controlling traffic that flowed in and out of the corporate networks. That’s because traffic was generally well behaved. Email typically used port 25, FTP was port 20, and web surfing was port 80 HTTP. Back then “Ports + Protocols = Applications”. Blocking a port meant blocking an application. Unfortunately, that is not the formula today.
Today, the Internet accounts for 70% or more of the traffic traversing the corporate network. However, it’s not just port 80 “Web Surfing”. 20% – 30% of it is encrypted SSL traffic on port 443. Also, new Internet applications wrap themselves in other protocols to sneak through ports that don’t belong to them, and even bury themselves inside SSL tunnels.
All of these applications carry some inherent risk to businesses. They play host to clever new threats that usually slip through the traditional firewall undetected. This is because the firewall is still playing by rules that no longer apply!
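To make the breakdown of “Ports + Protocols = Applications” concrete, here is an added example (not code from the original post) of the check a port-only firewall cannot make: it classifies each flow by its first client bytes and flags flows whose application disagrees with what the destination port implies. The flow records, the port-to-protocol table and the signatures are constructed for the illustration.

```python
import re

# Constructed flow records: (dst_port, first bytes of the client payload).
# These are made-up samples for the illustration, not real captures.
SAMPLE_FLOWS = [
    (80, b"GET /index.html HTTP/1.1\r\nHost: example.com\r\n"),
    (443, b"\x16\x03\x01\x00\xc8\x01\x00\x00\xc4\x03\x03"),
    (80, b"\x16\x03\x01\x00\xc8\x01\x00\x00\xc4\x03\x03"),    # TLS on the "web" port
    (25, b"POST /api/push HTTP/1.1\r\nHost: relay.example\r\n"),  # HTTP on the mail port
    (443, b"SSH-2.0-OpenSSH_5.1\r\n"),                          # SSH on the SSL port
]

# What a port-based rule assumes each port carries (assumed mapping).
PORT_EXPECTATION = {22: "ssh", 25: "smtp", 80: "http", 443: "tls"}

HTTP_METHODS = (b"GET ", b"POST ", b"PUT ", b"HEAD ", b"DELETE ", b"OPTIONS ", b"CONNECT ")


def identify_protocol(payload: bytes) -> str:
    """Classify the application protocol from the first client bytes alone."""
    if payload.startswith(HTTP_METHODS):
        return "http"
    # TLS record header: content type 0x16 (handshake), major version 0x03,
    # and the first handshake message type 0x01 (ClientHello).
    if len(payload) >= 6 and payload[0] == 0x16 and payload[1] == 0x03 and payload[5] == 0x01:
        return "tls"
    if payload.startswith(b"SSH-"):
        return "ssh"
    if re.match(rb"(EHLO|HELO) ", payload):
        return "smtp"
    return "unknown"


def find_mismatches(flows):
    """Return (port, expected, observed) for flows whose payload contradicts the port."""
    findings = []
    for port, payload in flows:
        observed = identify_protocol(payload)
        expected = PORT_EXPECTATION.get(port, "unknown")
        if observed != expected:
            findings.append((port, expected, observed))
    return findings


if __name__ == "__main__":
    for port, expected, observed in find_mismatches(SAMPLE_FLOWS):
        print(f"port {port}: expected {expected}, saw {observed}")
```

The third mismatch is the limit of this approach as well as of port filtering: once a flow is inside a TLS tunnel, the bytes after the ClientHello are opaque, so identifying what the application really is requires SSL inspection rather than more signatures.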