Assessing the Needs for Today’s Modern Security Gateways

July 16, 2020

In this guide, Lloyd Tanaka of Check Point Software offers a series of tips to help assess requisite capabilities for today’s modern security gateways, which are hugely important for managing your new post-COVID threat landscape…

Thanks to the global pandemic, organizations are adjusting to a new reality. The abrupt shift of entire workforces to home offices has also altered the threat landscape, offering distinct new challenges for IT Security teams. Opportunistic threat actors have intensified their efforts to exploit the upheaval to target your vulnerabilities.

The U.S. Department of Health and Human Services (HHS), the overseer of the Centers for Disease Control and Prevention (CDC), is being attacked daily. The European Union has condemned attacks on critical systems needed to fight the coronavirus. And Check Point Research has determined that over 51,000 coronavirus-related domains have been registered since January 2020, with nearly 10 percent deemed malicious or suspicious.

Securing already rapidly disappearing network perimeters is a key concern. How do you protect an entire remote workforce when ransomware operators have identified a practical target – your network devices like gateway and virtual private network (VPN) appliances? How can you hunt down these ransomware attackers and identify compromised assets?

These latest threats may have you reconsidering your current security solution. You’ve identified some gaps in your security, but how do you choose the vendor that best fits your needs? Where do you start?

Preventing today’s targeted zero-day attacks requires new cyber strategies, such as the inclusion of an end-to-end, consolidated cybersecurity architecture.
It requires the bolstering of your cyber first line of defense – your network security gateways.

Here are six important questions (and our tips) you should ask when assessing your network security gateways:

Tip One – Getting peak performance from existing gateways.

Do your security gateways match your peak use? Retailers, for example, can often experience traffic spikes with active seasonal shopping. A security solution offering hyperscalability (the ability to scale on demand) with your gateways can more effectively meet the needs of your organization. How do you calculate your need? Consider the number of users, internet connection size and traffic mix, then conduct proof of concept (PoC) testing. In this assessment, you need to verify that you can safely enable new security features as well as HTTPS inspection.

Tip Two – Connecting to the network.

Choose between copper and fiber cables and decide how many ports you require and at what speed (1/10/25/40/100 Gb). How will Wi-Fi be used? You’ll also need to understand how many appliances you’ll need and where to deploy them – on premises, in branch office locations, in cloud or hybrid cloud configurations. With a remote office, you’ll need to know if SD-WAN is supported in order to optimize connections across different circuits and to different sites such as branch to branch, branch to data center and branch to cloud. Choose a vendor with a solution that meets your networking requirements.

Tip Three – Assessing Risk.

Your risk assessments will dictate whether you require high availability (HA) appliance hardware such as power supplies, disks, fail-open NICs or a cluster of two or more appliances. You need to assess the level of support that will be required. Is five days a week enough or do you need seven-day premium support? Additionally, will you need to apply special service level agreements (SLAs)? Your assessment of risk will indicate your vulnerability to exploits.
Choose a vendor with a solid track record of delivering secure products and responding to vulnerabilities, and who can offer you a complimentary security checkup to cyber proof your organization.

Tip Four – Security Management.

Most organizations connect to other systems (such as an enterprise SIEM for log analysis or an Active Directory server for identity purposes). Integrations might also include a change management platform or a monitoring system. If you’re a larger organization that’s codifying operational processes, choose a vendor with APIs that support automation and orchestration platforms like Ansible or Terraform.

Consider how security administrators perform. What are their learning curves when handling new platforms and systems? Do they require special certifications? Choose a vendor with a unified security management platform that offers an intuitive, easy-to-use interface and multi-tasking capabilities. This will help your security administrators become more productive as they can work in parallel.

How many hours of labor will be required to manage daily/weekly changes to security policy? Will you need built-in reporting or forensic tools? How about revision management? Do you need multiple administrators to work at the same time? What change control or workflow is required, and will that necessitate separate software? Does the management system have tools for your Security Operations Center (SOC) team to investigate threats?

Do you prefer cloud-based security management for improving the speed of deployment and maintenance of your system? Management-as-a-Service can get systems up and running within minutes, instead of taking time to specify an on-premises system and installing the software or acquiring the appliance from a vendor.

Tip Five – Security Features.

New security capabilities are being incorporated into security gateways. Do you require an intrusion prevention system (IPS)? What about sandboxing technology?
Has your security been tested, and if so, what is the effectiveness score and the rate of false positives? Is there an impact on users when enabling security features? Do your gateways support remote access with strong, multi-factor authentication, and from multiple devices, including Windows, Apple, iOS, and Android? Do they automatically update the protections? Choose a solution that meets all of your requirements and that has advanced security such as sandboxing technology that has been vetted in independent third-party tests.

Tip Six – Cost Considerations.

When acquiring or updating your network security gateways, cost is a consideration. How much will support, training and subscription licenses cost? When or how often will you need to replace or refresh the gateways? Are there any extra or hidden costs for remote access or separate hardware requirements for managing policy and logs? Are there extra people-hours required to handle these daily tasks? Choose a solution with the best security, the lowest Total Cost of Ownership and easy, zero-touch deployment capabilities to save time when deploying new systems.

Summary

Choosing the right security product depends on understanding the technological functions that will protect your organization from the latest threats. Now that you know what’s on the market and which tools can provide unyielding and robust digital defense, you can make the best cybersecurity decisions possible for your organization.

For more CISO-level perspectives, visit cybertalk.org.

By: Lloyd Tanaka, Content Marketing Manager | Check Point Software

Lloyd Tanaka is the Content Marketing Manager at Check Point Software. His responsibilities include content strategy development, which includes the conceptual framework and business case for content targeting CISOs and other information security executives.
He manages a team of content strategists, producers, and operations specialists. He has spent several decades in various security software marketing and content roles. He resides in the Bay Area.

Copyright © 2021 Optiv Security Inc. All rights reserved.