Perimeter 6min de Leitura - 23 de November de 2016

Open source UTM Firewall

This post is also available in: English

Information security has been taking hold in the ranks of companies around the world. Maturity on the subject dictates investments in information security in organizations. Some companies invest heavily, others invest in a timid manner, but there is a growing awareness of companies’ concern to protect, control and increase the availability of the Internet in their environments.

Many applications, systems and services have been migrated to the internet; others were born totally on the web. The transit of information is gigantic, and this naturally attracts attention of malicious people. Because of this, protection becomes an obvious need.

It is known that regardless of the size of the company, having security features is imperative for the continuous and appropriate use of the internet. In this sense, the reasons are very varied, from protection against leakage of information to increasing the productivity of employees with rational use of the internet.

Security features include the use of anti-virus installed on mobile devices, computers, servers, antispam,DLP(Data Loss Prevention), and even software and hardware highly specialized in increasing confidentiality, integrity and availability information.

When people think of security, they automatically associate it to the word firewall. No wonder, the concept has been densely applied in the information security universe for a few decades, and has been thoroughly perfected over the years. There are several corporate firewall solutions on the market, as well as free ones.

This blog post aims to bring an analysis about the use of open source UTM firewall solutions in corporate environments, listing points associated with deployment and maintenance of this type of solution in companies of various sizes and segments.

Perception of value

An important aspect to be considered during a firewall solution analysis process is the definition of value for the organization, because in most cases this does not necessarily mean price.

Thus, knowing what needs to be addressed by a firewall solution is critical for decision making. An aspect always highly valued is the issue of technical support, since it is common for companies not to have resources in their team with adequate knowledge to give continuity to the solution.

Continued Support

Much of the open source UTM firewallsolutions provide forums, discussion lists, and other mechanisms where the user community itself is responsible for generating knowledge about the product. It is an interesting and collaborative model, but it often does not characterize a viable option for a corporate environment.

Many companies have a strong need to use the internet; relying on a non-interactive response, which may not even occur, is difficult to achieve in most businesses.

Although there are companies that provide services overopen source UTM firewallsolutions, in some cases the depth of the problem will not be part of the vendor’s competencies, creating a barrier to solving the problem. In these cases, it is necessary to wait until the developer community has updated to fix a particular vulnerability/failure.

When purchasing a firewall solution, whether free or paid, verify whether you are buying only one product or if the vendor delivers knowledge and experience in the information security segment; this is very valuable for the success of your investment.

Paid support from the manufacturer

Open source UTM firewallsolutions are developed almost entirely by international companies, so few provide translated products and support in other languages, which may be an obstacle for companies that do not have bilingual staff.

In addition, for some companies, having an international contract paid in foreign currency can be a problem, compromising the experience of using the product. In these cases, the regionalized support ends up making a difference, as well as the lower volatility in the investment, generated by the exchange variation.

So, evaluate the impact of the objections presented earlier and check the feasibility of deploying open source solutions in your company. It is worth noting the importance of maintaining support plans, contracted directly from the manufacturer, guaranteeing minimal support for your business.

Remember, open source solutions eliminate investment in product licensing, one of the benefits of this model for customers.

Continuity of product development

Although open source is a solution, there are several ways for the companies behind this business model to be profitable organizations, either by selling support, or even by receiving donations from other companies that make use of their products.

On the other hand, there are solutions whose companies are formed by a single person, or by a very small team, which ends up generating some kind of distrust as to the ability to continue and update the product.

If your company has guidelines for consuming software solutions that require a well-established manufacturer, who offers constant updates, certifications, denser documentation, among other requirements, carefully evaluate the open source UTM firewall options found in the market to ensure that business needs are fully met.

The importance of a contract and confidentiality

Information security is an extremely delicate subject and because of this, there is an established relationship between two parties besides a product itself. Usually this is contemplated through a contract, which has clauses of confidentiality, among others, that comfort the contractor.

Some businesses do not require such formalization and signature of confidentiality terms, but this fact does not reduce the criticality linked to the purpose of the solution. Remember that open source UTM firewallwill have visibility over all connections generated by your company.

Therefore, when opting for an open source solution, evaluate whether the solution’s supply conditions are in accordance with your expectations and needs, opting for the one that best matches your type of business.

Professionals with knowledge in open source UTM firewall solutions

There are open source UTM firewallsolutions with a broad community and diverse professionals with deployment and support expertise in their environments. While this is not necessarily a guarantee of success, it potentially minimizes the chances of disruption from product failure, or lack of adequate technical support.

In some cases, companies choose to hire a collaborator, with expertise in open source solutions, visualizing cost reduction. This attitude should be evaluated with great caution, since the company exchanges guarantees and contributions of an organization focused on this type of activity for a person or small group with a conventional employment relationship.

For some businesses, this model may seem an interesting alternative, considering that the function of support and continuity of the open source solution is accumulated by an existing professional in the company. However, when this occurs, dependency on the employee is created, and the company can be left in the event of it being turned off.

Problems always occur; how to solve them?

Unfortunately, it is common to find companies that decide to purchase security solutions based only on price. This decision is usually based on the false perception that security assets work without the need for interventions or updates.

Professionals with experience in the information security market are aware that this type of presumption is not realistic. The probability that solutions require intervention at some point is much greater than the probability of operation without interventions. In this sense, it is worth emphasizing that interventions are not only due to bugs, but also to a configuration need or anomalous behavior, which needs to be solved, since the occurrence affects the business as a whole, or a good part of it.

Facing unavailability situations, many companies should ask themselves: How can we overcome these situations? Whom to call at this time? The answer will depend on the choices made in the deployment phase of the open source UTM firewallsolution.

If the company has a support plan with the manufacturer of the solution, or a specialized third party, contact them immediately. It is worth mentioning that if the company chose to hire third party support, and it is not the manufacturer, there is the possibility of certain failures to escape the third party’s scope of action, and it is necessary to wait for the release of correction packages by the manufacturer in order to solve certain problems.

If your option has been to verticalize the maintenance and support of the open source UTM firewallwith your internal team, the suggestion is to search for referrals of problem resolution in the developer communities and users of the product. Whenever there is a need to configure new features, product instability, or any other associated needs, the team will have these resources at your disposal. In extreme cases, the company may seek expert advice to solve problems.

When opting to deploy an open source UTM firewall solution, it is important for the company to evaluate a number of issues, including resources of the solution to your need, associated investment, company history, customer assessment, professional expertise, maturity, and the criticality and impact of the service on the business structure.

For many businesses in the early stages, having experience with an open source firewallsolution, supported by a local vendor, can be an exceptional alternative to solve specific business problems.

For companies that already have experiences with this market and a differentiated degree of exigency, other points of an open source solution will be evaluated, being able to bring restrictions to the implementation of these solutions. To top it all, there are standards-compliant organizations, established by regulators, where deployment of open source solutions is completely restricted.

The important thing is that you understand the timing of your company and opt for the most appropriate solution to meet existing needs, taking into account the topics covered in this blog post.

To further assist your decision making, be sure to read our e-book with 10 essential tips for acquiring firewalls. With this material, you will certainly have a great criterion of analysis of what is best for your moment.

This post is also available in: English