Incident Response Engineering

3 Reasons why your firewalls will fail


Walls have existed for millennia.

From the Walls of Babylon to the Great Wall of China, humankind has used walls as a form of protection. But there is one truth about walls that no one likes to admit. When an attacker wants to get in, the wall doesn't stop them.

Here are three reasons why your firewalls will fail.

Reason 1: Misconfigurations

Did you know that one of the biggest reasons for firewall failures is misconfiguration? According to Gartner, in 2020, 95% of all firewall breaches were caused by a misconfiguration.

That means that 95% of all firewall breaches could have been prevented if the network engineers had read the manual correctly or done their homework before configuring their devices.

Gartner believes this number will go up to 99%.

An engineer can cause a misconfiguration by not correctly applying a company policy. The reasons for this generally fall into three areas.

1) There is no policy, or an incorrect policy, on protecting the network.
2) There are no standards on how the engineer should set up the firewalls.
3) The engineer does not have enough training on the product to set it up correctly.

Reason 2: Unpatched devices

Firewalls are like any other network device and require continuous updating and maintenance. Unfortunately, it's common for IT networks to be left with legacy devices, and firewalls fall among them.

An unpatched device can lead to vulnerabilities in its setup, which can be exploited by attackers, allowing them to have easy access to your environment.

Unpatched legacy devices can also cause incompatibility issues as they start to conflict with the more modern requirements of computer networking.

Make sure to keep up to date with the latest patches. If you are left holding on to a legacy device, make sure the risks are documented and that there can be no dispute that you shouted from the rooftops to get the investment to enhance these defences.

Reason 3: External Compromises

IT runs on trust. At some point, you have to trust another service, be it the DNS server, the ISP access, or your MSP. All of these could become compromised, and an attacker could then use your existing connections to pivot into your network.

Network segmentation will help prevent this abuse of trust. For example, make sure you only allow access to those who need it.
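
A written standard for firewall setup (Reason 1) and only allowing access to those who need it (Reason 3) can both be checked mechanically. The following is an added example, not part of the original post: it audits a constructed ruleset in iptables-save format against an assumed standard, and the STANDARD values, sample rules and audit function are all hypothetical. Negated matches, port ranges and multiport rules are not evaluated.

```python
import ipaddress
import shlex

# Assumed written standard (hypothetical values, not taken from the article).
STANDARD = {
    "default_policy": {"INPUT": "DROP", "FORWARD": "DROP"},
    "admin_ports": {22, 3389},          # management services
    "admin_sources": ["10.0.5.0/24"],   # the only segment that needs them
}

# Constructed sample ruleset in iptables-save format.
SAMPLE = """\
*filter
:INPUT ACCEPT [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A INPUT -s 10.0.5.0/24 -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 3389 -j ACCEPT
-A INPUT -s 192.168.0.0/16 -p tcp -m tcp --dport 22 -j ACCEPT
-A FORWARD -j ACCEPT
COMMIT
"""

def audit(ruleset, std=STANDARD):
    """Return (line_number, finding) pairs for rules that break the standard."""
    allowed = [ipaddress.ip_network(n) for n in std["admin_sources"]]
    findings = []
    for no, line in enumerate(ruleset.splitlines(), 1):
        if line.startswith(":"):                    # chain default policy
            chain, policy = line[1:].split()[:2]
            want = std["default_policy"].get(chain)
            if want and policy != want:
                findings.append((no, f"{chain} policy is {policy}, standard says {want}"))
            continue
        tok = shlex.split(line) if line.startswith("-A ") else []  # non-rule lines yield no options
        opt = {tok[i]: tok[i + 1] for i in range(len(tok) - 1) if tok[i].startswith("-")}
        if opt.get("-j") != "ACCEPT" or opt.get("-i") == "lo" or "--ctstate" in opt:
            continue                                # skip loopback and stateful return traffic
        src = ipaddress.ip_network(opt.get("-s", "0.0.0.0/0"), strict=False)
        port = opt.get("--dport", "")
        if not port and src.prefixlen == 0:
            findings.append((no, "ACCEPT with no source or port restriction"))
        elif (port.isdigit() and int(port) in std["admin_ports"]
              and not any(src.subnet_of(a) for a in allowed)):
            findings.append((no, f"admin port {port} reachable from {src}"))
    return findings
```

Calling `audit(SAMPLE)` flags the permissive INPUT policy, the two admin-port rules open beyond the management segment, and the unrestricted FORWARD rule, while leaving the correctly scoped SSH rule alone.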

Conclusion

There are plenty of other reasons for your firewalls to fail, from hardware bottlenecks to inaccurate firewall policies, not to mention the dreaded zero-day that exists right now on your firewall.

So what's the answer?

Prepare for your firewalls to fail. Invest in incident response now, before it becomes a crisis.


Kind Regards
LR
