Business & Technology

Four reasons the Channel should pay attention to Internal Segmentation Firewalls

By Joe Sykora | November 19, 2015

With the network perimeter disappearing before our eyes, a new model of firewall deployment represents an untapped opportunity for the security channel that shouldn’t be ignored.  Here are the top four reasons you should pay attention to Internal Segmentation Firewalls (ISFW):

1. The traditional “edge” firewall is no longer enough.

As enterprise organizations adopt the latest IT technologies like Mobility and Cloud – and look ahead to things like container security – one unintended result is the expansion of the network’s attack surface.  This creates more access for Advanced Threats to enter the network which significantly increases risk. Networks are now more vulnerable than ever to data breaches because once inside, Advanced Threats are poised take advantage of the often flat and open architecture.

Traditional firewalls protect only the network edge, leaving data within the network unguarded and open to breaches. This “outside-in” approach to network security and the assumption that nothing gets past the firewall is simply outdated.

The Internal Segmentation Firewall is a new class of security device that sits at strategic points on the internal network.  Ideally the ISFW will integrate with other elements of the enterprise security architecture under a single pane of glass management hierarchy to further reduce complexity in the organization. Internal firewalls add an extra level of security to provide network segmentation further protecting key internal data and assets in the event a threat gets past the perimeter.  Once in place, the ISFW can provide instant “visibility” to traffic traversing into and out of a specific network segment thus delivering proactive and real-time protection based on the latest security updates. Download our white paper, “A New Class of Firewall – Internal Segmentation Firewall (ISFW)” to learn more about the benefits. 

2. ISFW represents incremental revenue beyond the traditional firewall.

Traditional “edge” firewalls, while still a necessary component of a cogent security policy, only provide partial visibility into the attack lifecycle by primarily observing ingress and egress activity.  Deployment of an ISFW complements the traditional firewall structure, and provides more complete visibility into the additional internal activity of the hackers once they’ve compromised the edge.  Having a thorough picture of both internal and edge activity enhances all phases of a complete ATP framework.

Studies of internal “east-west” network traffic estimate it to be 3-4 times the amount of edge traffic. Because traditional firewalls have been architected to the slower speeds of the Internet Edge, it’s difficult to deploy them internally in a way that meets the performance requirements of core networks.  This creates additional opportunities for incremental services revenue as the ISFW must be deployed with additional bandwidth, rapidly, and with minimum disruption to the production network.

3. It’s a business sell, not a technology sell

The c-suite, has entered the conversation of IT security, and rightfully so…they’re the ones who have to answer to stakeholders when a security breach occurs.  Perhaps the driver is a mandate from the Board of Directors for a mitigation strategy addressing advanced threats inside the network, or the PR nightmare that results from an attack; either way, ISFW speaks to the heart of their concerns, with the capability to compartmentalize different parts of the network that cyber criminals are after: financials, intellectual property, customer data, etc.

Internal Segmentation Firewalls deliver a full spectrum of advanced security services, allowing for the enforcement of policies that complement standard edge firewalls. This real-time visibility and protection can provide early indications that data, applications, networks, and users are at risk, and is critical to limiting the spread of malware inside the network. 

As a reseller, you should be looking to raise the conversation to the business side of the house…it’s typically where the decision-making and budget power resides, and ultimately allows you to sell a solution into the entire organization, rather than a one-time point product sale. 

4. 56% of organizations are evaluating ISFW now or in the next 12 months (IDG)

The time is now to get in front of prospective customers. With 56% of them evaluating the solution, the opportunity is large!


Are you seeing ISFW as an opportunity with your customers?  What has been the driving force for adoption?