Have you opened an old piece of technology and thought to yourself “Does this still work?” I recently had the same thought as I wondered if traditional firewalls still matter when the cloud and Zero Trust are everywhere. So, let’s just chat about this as two friends drinking coffee together.
Why Firewalls Worked and Why They Face Difficulty Now
Firewalls were trusted as strong security guards protecting the inside network from the outside world for years. But things change. Now everything is in the cloud, and Zero Trust states we should not trust anything by default.
Traditionally firewalls were designed to protect the “perimeter.” But there isn’t a perimeter in the cloud. Things continue to move and change all the time. How could a firewall protect something that never stays still?
Zero Trust Works Very Differently
Micro-Segmentation Makes for Smaller Access
Zero Trust makes the network very small by breaking it down into tiny pieces. This means that every user only gets access to what they need.
Traditional firewalls are not designed for that, since they expect one large, clear border, not lots of small borders.
Identity Turns into the New Security Check
Zero Trust is really all about who you are, what device you use and how you behave.
Old firewalls relied mostly on IP addresses, and those change constantly in cloud environments, so IP-based rules fall far behind very quickly (if they even stay relevant!).
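To make the contrast concrete, here is an added illustration (not from the original post) that runs the same four constructed requests through an IP allowlist and through an identity, device and behavior check. The subnet, the identity and resource names and the risk threshold are all assumptions made up for the example.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Optional

# Constructed perimeter-style rule: anything in the app subnet may reach the database.
IP_ALLOWLIST = [ip_network("10.0.1.0/24")]
# Constructed identity policy: (identity, resource) -> highest acceptable risk score.
IDENTITY_POLICY = {("billing-api", "orders-db"): 30}

@dataclass(frozen=True)
class Request:
    label: str
    src_ip: str
    identity: Optional[str]  # verified identity, None if unauthenticated
    device_compliant: bool
    risk_score: int          # 0 = normal behavior, 100 = highly unusual
    resource: str = "orders-db"

def firewall_allows(req: Request) -> bool:
    """IP-only decision: who is asking is never checked."""
    return any(ip_address(req.src_ip) in net for net in IP_ALLOWLIST)

def zero_trust_allows(req: Request) -> bool:
    """Decision on identity, device posture and behavior; the IP is ignored."""
    max_risk = IDENTITY_POLICY.get((req.identity, req.resource))
    return max_risk is not None and req.device_compliant and req.risk_score <= max_risk

# Constructed sample requests.
REQUESTS = [
    Request("normal call", "10.0.1.15", "billing-api", True, 5),
    Request("service rescheduled to a new IP", "10.0.7.42", "billing-api", True, 5),
    Request("recycled IP, no identity", "10.0.1.15", None, False, 5),
    Request("known identity, unusual behavior", "10.0.1.15", "billing-api", True, 80),
]

def compare(requests=REQUESTS):
    """Return (label, firewall_decision, zero_trust_decision) per request."""
    return [(r.label, firewall_allows(r), zero_trust_allows(r)) for r in requests]

if __name__ == "__main__":
    for label, fw, zt in compare():
        print(f"{label:34} firewall={'allow' if fw else 'deny':5} "
              f"zero-trust={'allow' if zt else 'deny'}")
```

The two checks agree only on the first request: the IP rule blocks the legitimate service once its address changes, and it allows the last two requests because the source address is all it looks at.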
Where Traditional Firewalls Still Work
Before we say that firewalls are useless, let’s be fair: they can still work depending on the organization and the context, especially if the company still runs both on-prem and cloud systems.
Firewalls still work well for:
- Filtering basic traffic
- Old applications that have not migrated to the cloud
- Rules or laws that require perimeter security.
Why Are Zero Trust Tools Better than Firewalls?
Once I went down the path of using Zero Trust tools, I was amazed at how smart and flexible they felt compared to what I used to use, namely firewalls.
Here's why they prevail:
- The rules are dynamic and adapt based on the user.
- Every action gets analyzed multiple times.
- Scaling in cloud environments is easy.
- It is easier to detect odd or risky behavior.
So... Are Firewalls Irrelevant?
Not entirely. But in a Zero Trust cloud environment, their role is small.
It's comparable to an old car: you can still drive it, but would you select it for a long trip while a brand-new one waits by it? Likely not.
Firewalls still have their usage, but Zero Trust security controls are doing the heavy lifting.
Final Thoughts
If you're moving to Zero Trust (and you should), only utilize firewalls when it makes sense. Let the cloud-native, identity-based tools manage the majority of the security.
And the next time someone states, "Our firewall protects everything," simply ask: "But what perimeter do we have in the cloud?" That question will always get a good discussion going!