CDSA

Advanced cyber threats, encrypted broadband, network brownouts and a complex mess of point products and licensing costs are all making it difficult for IT teams to effectively and efficiently secure and deliver value to their organizations, according to Fortinet.

During the webinar “My Firewall Can Do That? Top Five Predictions That Will Elevate NGFWs in 2023” on Feb. 9, Fortinet predicted what it said the company thinks will enhance next-generation firewalls (NGFWs) and evolve to help enterprises face challenges in 2023.

“As many of you know, firewall is not new,” Nirav Shah, VP, products and solutions, at Fortinet, pointed out at the start of the webinar. Firewalls have been around for about 20-plus years, but network firewalls have become a “foundation for many strategic areas and that’s what key” right now, he said.

Initially, firewalls were just used for IP addresses and “doing the layer one to layer three inspection,” he noted. “From there, the industry moved to adding more applications” and we saw the stateful firewall, a network-based firewall that individually tracks the sessions of network connections that are traversing it, he said. Then, anti-malware functionality was added and “this is where the market changed to [the] next-generation firewall market,” he told viewers.

“But it didn’t stop there,” he told viewers, adding: “The market continued to evolve from there, and that’s where we have seen more interest coming, especially for an encrypted traffic. The need for a deep SSL inspection is required. So we did more convergence of adding more applications on next-generation firewall, including the deep SSL inspection, including URL filtering and more,” he explained.

There was a change yet again, in 2016, he said, explaining: “It is not just about the network firewall providing the security functionality. This firewall also needs to provide the networking core functionality like SD-WAN. And, again, SD-WAN became the “built-in core function of network firewall.”

So, “as you have seen, the firewall has evolved in last 20 years with the two core benefits [being]: It provides the security and, again, this is an enterprise-grade security to make sure you can prevent and detect the most sophisticated threats. But at the same time, the second objective is to continue to consolidate. So it is simple for you to operate while you are getting the most advanced capabilities.”

So, the main questions, he said, now include:  “Where is the network firewall market going from here on? And this is the most exciting part because we have some five key predictions for you where the market will evolve in 2023 and beyond to make the firewall the most [foundational] part of your network.

Then there are the trends that are driving “firewall evaluation, especially today in a post pandemic,” he said, adding: “These are three distinct drivers, which many of you are aware of or talking about. The first one is the cloud: More and more applications, more and more workloads that you are shifting to the cloud, whether it’s multi-cloud” or your Software-as-a-Service (SaaS) applications.

However, he pointed out: “The thing is, when you are distributing your application, your firewall also needs to evolve to make sure it provides the security everywhere you need. So cloud is driving a huge part of the [evolution]. But second is the workforce. Many of us … work sometime in office, sometime we are at home. It’s the hybrid workforce and Gartner and many analysts predict that this is going to be the norm as we move forward. The workforce is hybrid, your applications are distributed. It is not just about the IT network. It’s also about the whole network, the operational technology like factories and manufacturing, which is a very different part.”

The question, he said, then becomes: “How do we make sure that firewall is not just about protecting the edge but also about protecting the users and protecting those OT or operational technology applications?…. It’s faster. It’s cost effective.”

Meanwhile, the internet is “becoming the core part of your network,” he said. “But the problem is when the internet becomes the center stage, you also need to make sure that the direct connectivity is good” and that cybercriminals aren’t able to take advantage of it, he noted.

He added: “The combination of cloud, the workforce, the direct internet require network firewall also to make these changes…. So the firewall is not just about the security. It is going to solve many of the things that we talk about.”

Deep Dive Into Challenges

Taking a deeper look into the challenges, Pat Vitalone, senior manager, product marketing, at Fortinet, said: “Many enterprise customers today are dealing with very similar challenges. One is cyber threats. You can look at some of our own research [in which] we found that 67 percent of all organizations that we surveyed were actual victims to ransomware attacks.”

Vitalone predicted that “ransomware is not something that’s going away,” noting: “It’s increasing year over year, so it’s not really something you can ignore.”

The second challenge that “we come across pretty often is complexity,” he said, pointing to Gartner research that found 99% of firewall breaches were “not from a big bad hacker but are from misconfigurations.”

One reason, he said: “The dashboard is too complex. It doesn’t integrate well with other technologies. Policies can’t be aligned and this ultimately leads to a breach on the firewall.”

“The third challenge that we see across enterprise [is] the internet as the corporate backbone,” he said, explaining: “The problem with that is as of January 2023 … you can go to the Google transparency report and you’ll see that 94% of internet traffic is encrypted over https. What that means is if you’re using the internet as a corporate backbone, you have no way to see into the encryption.”

2023 Predictions

Fortinet’s “number one” prediction for this year is it strongly believes “convergence is going to spread across the industry,” Shah said.

He added: “We talked about how the Fortinet firewall is already doing many of the security and networking functionality but we do believe that this is going to become more and more and get more functionality to the bottom line where you can reduce your complexity. You don’t need 10 to 15 different point products for security and for networking. [Much] of this functionality we believe you are going to converge so that it [is simplified] and have standardized security everywhere.”

The company’s other four predictions, he said, are:

• Cyber disruptions will “become more devastating.”
• Hybrid work continues to grow.
• Network modernization goes further.
• Performance takes center stage.