1. How Do UTM Firewalls Protect Users?
Whether they’re called unified threat management, next-generation, software-defined WAN or secure access service edge, firewalls need to have advanced Layer 7 knowledge to protect users. A combination of application intelligence and threat mitigation is needed, whether on your main medical campus or in remote clinics. The buzzword isn’t as important as the features you turn on: application management, anti-malware, URL filtering, intrusion prevention and (in many environments) user authentication. Even if you’ve fully deployed sophisticated user endpoint protection tools on desktops, the world of guest users, Internet of Things, embedded devices, printers, legacy lab hardware and everything else attached to modern networks requires additional controls, both for incoming and outgoing traffic.
2. How Do Stateful Packet-Filtering Firewalls Protect Data Centers?
Your on-premises data center needs protection from daily hack attempts. But security features such as intrusion prevention or anti-malware have a performance and budget cost out of proportion to the benefits. Network security teams should focus on high-performance hardware that won’t need babysitting or upgrades as traffic grows. Buy for that 10 gigabit-per-second connection you know is coming down the pipe. The firewall you select may have UTM features (few are sold now that don’t), but you should buy and configure for raw throughput. If you have major workloads still running on-premises, look for firewalls with high-end integrated load balancer capabilities.
3. How Can Fine-Grained Microsegmentation Protect Users?
One of the hardest parts of zero-trust security is microsegmentation: dividing data centers (on-premises or in the cloud) into tiny segments, with firewalls protecting what goes in and out. The best firewall here is a simple packet filter. From a configuration management point of view, microsegmentation requires application and system owners to have a sophisticated knowledge of their network traffic flows, which can be a challenge in Windows environments. This is especially true if you’re grappling with legacy, difficult-to-upgrade healthcare applications. At the same time, security and network teams must translate these traffic flows into manageable security policies and firewall rules. While edge-of-data-center firewalls provide a backstop, controlling server-to-server communication and hundreds of security zones is a new and difficult challenge. This means the simpler the firewall, the better. Now is the time to balance manageability and performance against the bells and whistles that firewall vendors have been adding, and to look for something that works for your system.
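An added example, not from the original article: one way to collapse observed host-to-host traffic flows into a small set of segment-level packet-filter rules with a default deny. The segment names, subnets and flow records are constructed for illustration, and the rendered lines use nftables-style match syntax.

```python
import ipaddress
from collections import defaultdict

# Constructed segment map (hypothetical names and subnets).
SEGMENTS = {
    "ehr-web": ipaddress.ip_network("10.10.1.0/28"),
    "ehr-db": ipaddress.ip_network("10.10.2.0/28"),
    "lab-legacy": ipaddress.ip_network("10.10.3.0/28"),
}

# Constructed flow observations: (src ip, dst ip, protocol, dst port).
FLOWS = [
    ("10.10.1.4", "10.10.2.5", "tcp", 5432),
    ("10.10.1.5", "10.10.2.5", "tcp", 5432),
    ("10.10.3.2", "10.10.1.4", "tcp", 443),
    ("10.10.3.2", "10.10.9.9", "tcp", 445),  # destination is in no known segment
]

def segment_of(ip):
    """Return the segment name containing ip, or None if it is unmapped."""
    addr = ipaddress.ip_address(ip)
    return next((name for name, net in SEGMENTS.items() if addr in net), None)

def build_policy(flows):
    """Collapse host-level flows into segment-level allow rules.

    Returns (rules, unmapped): rules maps (src_seg, dst_seg, proto, port) to a
    hit count; unmapped flows need an owner decision and are never auto-allowed.
    """
    rules, unmapped = defaultdict(int), []
    for src, dst, proto, port in flows:
        s, d = segment_of(src), segment_of(dst)
        if s is None or d is None:
            unmapped.append((src, dst, proto, port))
        elif s != d:  # traffic inside one segment never crosses its firewall
            rules[(s, d, proto, port)] += 1
    return dict(rules), unmapped

def is_allowed(rules, src, dst, proto, port):
    """Default deny: cross-segment traffic passes only if a derived rule matches."""
    return (segment_of(src), segment_of(dst), proto, port) in rules

def render_nft(rules):
    """Render the policy as nftables-style rule lines ending in an explicit drop."""
    lines = [f"ip saddr {SEGMENTS[s]} ip daddr {SEGMENTS[d]} {proto} dport {port} accept"
             for (s, d, proto, port) in sorted(rules)]
    return lines + ["drop"]

if __name__ == "__main__":
    policy, review = build_policy(FLOWS)
    print("\n".join(render_nft(policy)))
    print("needs review:", review)
```

Four host-level flows reduce to two segment-level rules, and the flow to an unmapped address is set aside for review rather than allowed.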
4. What’s the Best Approach To Cloud Protection?
Cloud vendors are playing catch-up with firewall technology. This means you need to be flexible and ready to shift your strategy as cloud vendors shift theirs. Some IT managers will place their own firewalls in cloud data centers to simplify management and make cloud security a known quantity, and that’s a perfectly valid approach. But others will want to use the cloud-native firewall tools built into the Infrastructure as a Service offering, which guarantees performance and scalability, as well as integration with other cloud management tools. There’s no best practice defined here yet, so IT managers should keep an open mind and be agile in their cloud security architecture.
5. Why Is It Critical To Invest in Centralized Management?
If you can manage all your firewalls from a single pane of glass, you’re less likely to make career-limiting errors or have inconsistent views of what is and isn’t allowed. There’s no more important piece of the firewall puzzle than good, comprehensive centralized management.