The Dirty Secrets of Network Firewalls

Scott Barlow, global VP of MSP and cloud alliances, Sophos
Author: Sophos VP of Global MSP Scott Barlow

For MSPs, firewalls are just a part of the job – they’re important, necessary, and we’re always looking for a better way to manage them and get the best out of the firewalls we install and maintain.

But have you heard about the “Dirty Secrets of Network Firewalls?”

A recent survey by UK research house Vanson Bourne talked with 2,700 IT managers across the world with some interesting, and often surprising, results. What they found was that firewalls are failing organizations in key areas of protection, visibility, and threat response, and those failures are making the lives of IT professionals more difficult everywhere.

Firewalls are our first line of defense, but among the surveyed IT professionals, they reported that their organizations are still being hit hard, averaging 16 infected devices a month. A whopping 79% of respondents said they wanted better protection from their firewalls, and half said better firewall protection was their single most desired improvement – numbers that say that there is a huge opportunity to grow and improve in the industry.

We don’t know what we don’t know

Another dirty secret of network firewalls? IT managers can’t tell you how 45% of their bandwidth is consumed. And if they don’t know how it’s consumed, they don’t know how to control it.

This lack of visibility causes multiple problems for admins. Clearly, most (84%) said that security was a concern because of the lack of visibility, but other factors weighed on them as well – more than half (52%) were worried about productivity, while 42% were concerned about legal liability or compliance due to potentially illegal or inappropriate content.

IT managers want better visibility from their firewalls that would enable them to identify risky users and apps, manage non-work related traffic, optimize their bandwidth, and overall better account for their network traffic.

Time is money, and the wrong firewall costs you time

Here’s a statistic that might make you feel exhausted: on average, an organization spends seven working days every month cleaning infected machines. And it takes an average of 3.3 hours to identify, isolate, and remediate one of those infected machines.

And we know there’s a significant shortage of IT security expertise out there – 70% of respondents said they have been impacted by that shortage, and that means spending time remediating infected machines impacts an already overburdened work force.

Universally, survey respondents said it would be useful if their firewall could isolate infected machines automatically. Keeping machines malware-free is a combined effort between firewalls and endpoint protection solutions, and knowing that, 97% of IT managers surveyed said it’s likely they’d buy their firewall and endpoint solutions from the same vendor if it improved detection rates and automated incident response.

The not so dirty secret – there’s help out there

While the pain points caused by the dirty secrets of network firewalls are universal, the good news is options exist to fix that. Sophos XG Firewall, for example, offers next-gen protection against unknown threats that slip past other firewalls, and XG provides 100% visibility of network traffic, enabling IT professionals to resolve issues of risky behavior, productivity loss, and more. It also automates response to infections and works hand in hand with Sophos Endpoint Protection, sharing threat, health, and security information with Synchronized Security.

Specifically, Synchronized App Control provides instant insights into all the previously unknown applications on your network, how many endpoints are using them, and more, so you can easily block the apps you don't want and prioritize the ones you do. Not only does this keep unwanted, and potentially dangerous, applications off your network, it also helps manage traffic and productivity as well. Spot apps that shouldn’t be there, identify and prioritize custom apps you want, and more. You can learn more about Synchronized App Control with this short video or by contacting Sophos.

Also, XG Firewall doesn’t have to work alone. With Sophos Synchronized Security, XG is designed work hand in hand with Sophos Endpoint Protection. Having powerful, effective firewall and endpoint protection is great, but how much more powerful can quality protection be when your firewall and endpoint security talk to each other, sharing threat intelligence, and alerting each other in the event of an attack or breach? With Synchronized Security, you get exactly that. Sophos Security Heartbeat ™ monitors your Sophos Endpoints, while Synchronized Security through XG Firewall gives you unmatched visibility.

This includes Sophos’ groundbreaking Intercept X protection. Classic endpoint protection and antivirus still has its uses, but with hundreds of thousands of malware variants created every minute, there’s only so much standard endpoint protection can do. Intercept X stays ahead of the game, detecting zero-day threats, preventing ransomware attacks, and understanding and blocking the key exploits hackers use most to get to your data.

Now’s a good time to take a look at the effectiveness of your firewall options. Are they harboring any dirty secrets of ineffectiveness, or do they provide the right security, free and clear?

Scott Barlow is VP of Global MSP at Sophos. Read more Sophos blogs here.