Recently, I was on a panel about the evolution of security solutions, and someone asked an interesting question: “What is it about traditional firewalls that makes it difficult for them to do the job in today’s environment?”

One of my fellow panelists answered the query with one, albeit long, word: deperimeterization.

Not too long ago, all employees worked in an office, servers were all in an office closet, and IT secured all traffic with a firewall. Firewalls only needed to do their one job and do it well. 

But now, servers have moved to co-location facilities, applications have moved into the cloud, and employees are often working from anywhere (WFA) they can get a Wi-Fi connection. Next-generation firewalls (NGFW) were a huge leap forward in threat protection, but even NGFWs can leave security gaps if they work independently. Threat intelligence services are seeing more and more how cyberattackers are taking advantage of security gaps—especially with WFA users.

The next big evolution involves coordinated protection and unified management across the entire hybrid enterprise through a Hybrid Mesh Firewall (HMF).  

Problems with Siloed Firewalls

The initial response by many cybersecurity teams to these major changes and deperimeterization was to deploy many firewalls, creating an infrastructure with several NGFWs that often didn’t communicate with each other. This created issues, including:

  • Time-consuming and error-prone policy updates
  • The challenge of getting holistic data on firewall performance across the network
  • The high cost of facilitating firewall procurement and licensing from multiple vendors

Some organizations even built or deployed additional solutions in an attempt to connect their smattering of firewalls, but this created even more frustration and tied up important IT resources.

The emergence of Hybrid Mesh Firewall architecture 

Organizations need a hybrid way to address security and management across the hybrid network, and thus, hybrid mesh firewall architecture has emerged. This approach creates a unified security platform that coordinates protection across multiple enterprise IT areas, including branches, campuses, and data centers; public and private clouds; and WFA users. 

To do this, hybrid mesh firewalls come in various form factors, including appliances, virtual machines, cloud-native firewalls, and firewall-as-a-service (FWaaS), and have centralized management across all these form factors. This allows IT teams to automate numerous protection capabilities without duplicating efforts, having to re-create policies, or investing needless manual hours when the cybersecurity skills gap already limits resources.

A platform approach

HMF is a result of the need to converge networking and security and the importance of an integrated platform for network infrastructure. The rollout of this new architecture has illustrated that organizations must stop thinking about single point-products and consider their security and networking solutions holistically, including future needs like Secure Access Service Edge (SASE) and Zero-Trust Network Access (ZTNA).

A platform approach is also the only way to ensure simple, unified management across the entire environment, including on-premises, remote users, workloads in a multi-cloud. We’ve seen it take IT teams months to roll out enhanced safeguards within environments with many disconnected point products. But with a platform approach, organizations can now implement cybersecurity updates within days or even just minutes. 

Don’t forget about day 2

With any new technology, many organizations prioritize what I like to call Day 1, meaning getting the technology up and running. But Day 2 (how the technology functions within your environment) is just as important. When thinking about a HMF solution for your environment, keep these Day 2 questions top of mind:

  • How can automation provide the details needed? 
  • How can AI help fix user experience issues? 
  • How do the firewalls fit into the ecosystem?

Digital Experience Monitoring (DEM) is an incredibly powerful tool to measure user experience within your hybrid environment. If users are running into performance issues or traffic congestion, they may become so frustrated that they find work arounds, undermining security solutions and leaving you open to attack, but DEM will help you stay ahead of these issues.

The one constant is change

Enterprise environments and cybersecurity solutions are changing faster than ever and show no signs of slowing down. Stay ahead of the curve by implementing HMF architecture within your environment.

Built with a single operating system, FortiOS, and unified management console, FortiManager, Fortinet’s NGFW offering, FortiGate, is ideally suited for building an HMF. Learn more.