This eWeek article describes some of the latest changes in the firewall sector. The bottom line of the piece -- and others -- is that the role of the firewall is changing as applications, run by good people and bad, find ways to evade security measures that are increasingly antiquated.
The story goes into a good amount of detail about the features and functionality being added to the devices. The story focuses on Palo Alto Networks' PA-4000 series and the products that are emerging from Cisco after its acquisition of IronPort.
The PA-4000 series, according to the story, addresses the far more flexible ways in which applications attempt to enter the local-area network (LAN). More information about the Palo Alto firewall is available here. Cisco, meanwhile, is integrating the SenderBase product from its recent IronPort acquisition. This will provide the firewall with information about the sending server's reputation. Further details on Cisco's integration of IronPort technology is available at this link at ARN.
The world of open source also is impacting the firewall. This piece profiles Vyatta, an open source router/firewall/virtual private network (VPN) that runs on a virtual machine, as a software application or on a standalone piece of hardware. The benefits of the approach, according to this column, is that new functionality can be added as the organization sees fit. This can lower costs and enable more flexible integration of various security tools, including firewalls.
There are a lot of firewalls available, and they are upgraded on a regular basis. It therefore is important to keep abreast of this broad category. Many security experts say that the true battleground for security has shifted from the perimeter -- the realm of firewalls, intrusion detection systems (IDSes) and the like -- and now is focused on insider threats. This certainly seems to be the case.
That is no reason, however, to relax the focus that has forced the bad guys to go elsewhere. The moves by Cisco, Palo Alto and Vyatta suggest that the industry has avoided this complacency.