“In a lot of ways, we’ve been doing this for years now, [but internal segmentation firewall] is really the next evolution of what we’re seeing,” said Matt Corney, Nuspire Network’s CTO.
An internal segmentation firewall (ISFW) is basically another next-gen firewall that sits closer to the core of your network. It is very critical to be able to control outbreaks that may be happening in different areas of your system.
Corney explained that we used to accomplish this via VLANs and the switching infrastructure would take care of this, but now we’re seeing the process of firewalling off certain segments of our networks.
An example might be an organization that utilizes MPLS (Multiprotocol Label Switching) and has multiple MPLS locations throughout the country, or even the world. A good place to utilize a firewall and start segmenting traffic is where all of these locations head into your corporate network.
“We can operate these internal segmentation firewalls at a layer 2 level which allows us to have insight on that traffic, gain a lot of understanding, but then also layer in things like IPS, IP reputation potentially,” said Corney. It allows those users at MPLS locations access into the one app they need and keeps them from accessing any other portions of the organization.
“The ultimate goal here is to ensure that if there is a breach at one part of the network it’s not able to move its way through the rest of the network,” said Corney.
Corney said we’re seeing a big growth in high performance firewalling capabilities. Not too long ago we were at 4GB, which quickly increased to 10GB, then even quicker escalated to 40GB, and now the adoption of 100GB is becoming much more prevalent due to the modernization that is occurring within the industry.
“The bottom line is that you just need to understand the ability to segment out those networks and then also be cautious, once again, about performance because dealing with 40GB or 100GB networks, obviously, you need to have some very high performance systems in place to be able to deal with that,” said Corney.
To learn more about internal segmentation firewalls and how to better protect your network, view Nuspire’s webinar here: https://www.youtube.com/watch?v=aDgNqt_xpVs.