Why Your Firewall Strategy Isn’t Working

Posted by Gerry Poe

Your Firewall Strategy Isn’t Working:
It's All About Internal Network Firewalls

threatcon-level4The truth is the internal network is no longer a “trusted” environment - whether a malicious outsider, evil insider or unknowing participant - once inside, threats can spread easily and quickly and do maximum damage. Internal firewalls, while not a new concept, are finally taking hold and the results are a game changer for network protection.

What you can expect:

  • Complete, continuous inside-out protection against advanced threats
  • Easy default Transparent Mode deployment without network reconfiguration
  • Multi-gigabit performance supports wire-speed East-West traffic

No one is trying to reinvent the wheel here, but let's call a spade a spade. The level of threats are increasing, they are advanced, they are persistent and they are costly, so it's no surprise traditional firewalls, focused on borders, are just not working like they used to.

For example, our business uses Fortinet Firewall appliances to trap, monitor and restrict all traffic to a monitored list. However, we also receive intrusion attempts to the tune of 300-500 per day; which are blocked and reported to IT by the firewall security appliance. In one month, we receive approximately 10,000 threats of various types and Threatcon levels. So I went to the Internet today to search for relevant NEWS which makes the case for internal network security.

Before I share the news, watch this video where someone hacks into a computer system in under one minute: 


More Reasons to reconsider your current security platform:



Protect your Enterprise Network from the Inside-Out


All businesses need threat and intrusion protection, from non-profits, manufacturers, to distributors, we receive reports in the news of hacking and intrusion risks at the highest levels of technology. Where we once said 'nothing I have is important enough to worry about,' we now hear stories about successful penetration, through layers of threat protection, being achieved.

As organizations embrace the latest IT technologies such as Mobility and Cloud, traditional network boundaries have become more complex to control and secure. With many different ways into an enterprise network today, Advanced Threats, once inside, take advantage of the flat and open network. The Solution is a new model of Firewall – Internal Network Firewall (INFW) - that sits at strategic points of the internal network. Internal firewalls add an extra level of security to protect key internal data/assets in the event a threat gets past the perimeter.

Network security starts with elementary PC-based operating system level protection. Enterprise prevention systems for virus, spam, intrusion and email threat controls using internet firewalls and security appliances. These various tools are meant to stop and prevent loss of data and business integrity. Regardless of your business size, considering enterprise-class security is your best hedge against breaching your security.

"Who will hack us? No one will go to that much effort or expense."

Daily there are kids sitting in their basements making a game of it and employees of competitors are told "I don't care how you do it, find out about that company!" The employees aim to please. Third world countries have increased access to the Internet and for them, there are no rules or laws to touch them.  A recent example of hacking in the news:


A typical business may use some or all of the following:

  • Internal server-hosted enterprise security software managing per-device operating threats. Symantec Endpoint Protection Suite is an example.
  • Microsoft Exchange email anti-spam protection layered with Symantec Mail Security.
  • Firewall security appliances like Fortinet 100D.

Another challenge for business is remote access, mobility and portable computing devices used independent of inside enterprise security software and appliances. These devices can bring back to home, from inside the firewall to spread threats across a business domain.

Keeping up with the “Threatcons in the threat world is an ever present task. For example:

  • Budgeting for persistent technology aging and advancements
  • Software licenses, versions, levels of protection; operating systems, software,
  • Hardware and software levels for all systems and appliances; firmware, etc.
  • Structured training, awareness and threat management at the user device level
  • Strategic planning against business continuity and loss of operations.

"The Internal Network Firewall (INFW) has been talked about for some time," said Ken Xie, founder and CEO of Fortinet. "However, there have been limitations with firewall technology and performance that have prevented their wide-spread deployment internally. With the sophistication of recent advanced threats, the need for internal firewalls is even greater."

Fortinet is the security appliance of choice for thousands of organizations. We are pleased to present this informative and insightful information with a deep dive into exactly why INFW is the new “must have” in the ever-shifting threat landscape.

What you can expect from INFW firewall technologies

  • Complete, continuous inside-out protection against advanced threats
  • Easy default Transparent Mode deployment without network reconfiguration
  • Multi-gigabit performance supports wire speed East-West traffic

Enhancing the ATP Cycle with Internal Visibility

Next-generation firewall’s (NGFW) play a key role in a continuous cycle of prevention, detection and mitigation for Advanced Threat Protection (ATP), by blocking known threats and handing off unknown high-risk items to a sandbox for detection. However, as most NGFW’s are deployed traditionally at the external gateway, this sees a subset of malicious activity during ingress and egress. Deploying firewalls as an INFW provides enhanced visibility throughout the internal network to prevent and detect lateral movement, as hackers attempt to locate assets and data of value and spread from compromised hosts to others.


With mobility technology use across the manufacturing landscape using personal uncontrolled and corporate networks, your threats are coming from all sides. Protecting enterprise security and operations consistency has little to do with chance. Proactively managing all levels of threat using purpose build systems focused on continuous safety is your best bet.

If you are thinking about improving security, you can start with our Enterprise Self Assessment.  It's free.

Download the Checklist: The Complete Enterprise  (ERP) Self Assessment




Tags: Enterprise Mobility, Mobile Security

Please share!

Visual Planner
for SYSPRO Factsheet:

visual planner

Recent Posts

The Compete
Enterprise ERP Assessment:

enterprise erp assessment