
Are Network Firewalls Truly Safe?

Tests conducted on a bunch of cloud network firewall technologies came up with varying results

Ever since cloud infrastructure came to roost, ring-fencing it with impregnable security through a firewall has caught the fancy of investors and the industry. Small wonder that the PE/VC community pumped $11 billion into infrastructure during 2023, with a tidy sum going towards securing the networks.

However, new research by a not-for-profit entity reveals that multiple cloud network firewall technologies may not be as safe as we’ve known them to be. Testing lab CyberRatings’ recent tests across such technologies showed diverse results from the likes of AWS, Check Point, Cisco, Fortinet, Juniper, Palo Alto Networks, Sophos etc.

The company checked out several common cloud network firewall technologies and their ability to monitor and control inbound and outbound network traffic based on predefined security rules. Per CyberRatings, a Palo Alto Networks security product scored 100%, while Versa Networks got a 99.9% rating and Check Point stood at 99.8%.

Is AWS that unsafe? Or has there been an error?

However, the biggest shocker was that the tests found AWS to be at the bottom of the pile, with CyberRatings giving the AWS Network Firewall a security effectiveness of just 5.39%, which is abysmal by any stretch of imagination. And the tester notes that the low score wasn’t due to a specific vulnerability or zero-day issue.

A report published on SDxCentral quotes CyberRatings.org CEO Vikram Phatak as suggesting that there were no immediate causes for the ratings to be low for AWS. It is just that the airbag in the car does not work; it wasn’t as if the security was so pathetic that anyone could knock down the wall and get in.

However, Amazon wasn’t too kind about the report, which Phatak had sent to them before having some conversations about it. Here’s what they said in a response to the publisher: “AWS Network Firewall, which allows customers to define firewall rules that provide fine-grained control over network traffic, is working as designed.”

“This report is inaccurate and incomplete, and we recommend customers review the AWS Network Firewall Best Practices Guide to determine the deployment and rules appropriate for their environment,” the AWS spokesperson noted in the email that they shared with the publishers, thus openly questioning the veracity of the report.

However, CyberRatings stood by its testing and methodology. The company said it had tried repeatedly to get the AWS network firewall to function as it should and had followed the instructions AWS support provided. Whatever be the case, there is no harm in both parties checking once again, as we are talking about data security in an age where cybercriminals are waiting to pounce on anything remotely insecure.

Whatever be the case, a recheck is always better

Barely four days ago, one in every three Americans had their healthcare data compromised in what has been described as one of the biggest breaches to hit the industry. UnitedHealth CEO Andrew Witty confirmed in testimony to Congress that personal data was swept away in a February ransomware attack on UnitedHealth Group’s subsidiary.

He also revealed that it may take several months before UnitedHealth is able to identify and notify those Americans who lost their personal data to the hacker. According to a report published by CNN, Witty even apologized to patients and doctors while admitting that the hack came through a poorly protected computer server and confirming a $22 million ransom payout to the hackers.