Security vs. Performance: Don’t Sell a Firewall That Makes You Choose


A firewall can be an effective tool against unauthorized access to a computer or network. The problem, however, is that the security rules associated with a firewall can also prevent employees from accessing files they need to do their jobs. As such, MSPs often find themselves the referees in this computer version of “an immovable object meets an unstoppable force.”

The conflict can be further escalated by frustrations with computing speed. Software firewalls, which use a network’s resources to operate, can potentially slow down computers, especially if the firewall is incorrectly configured.

An unfortunate result of this conflict is that a number of firewalls get turned off. In fact, in a 2014 study of 504 IT professionals, 31 percent admitted to disabling deep packet inspection, 29 percent disabled anti-spam, and 27 percent disabled URL filtering. The cybersecurity landscape has become a much riskier place since that survey, but when an IT team is struggling with a problem — and a staff that’s frustrated because they can’t access the information they need or work at their usual pace — the temptation to disable the firewall can still be there.

How Next-Generation Firewalls Solve the ‘Either Or’ Dilemma

As you evaluate firewalls for your customers or to use as a part of your security-as-a-service offering, insist on solutions that don’t make you choose sides in the conflict between security and performance.

Of course, a firewall must enhance security, performing tasks such as limiting remote access to the network, blocking port or IP scanning attempts, and stopping key loggers from monitoring keystrokes. Take the time to educate your customers on the firewall’s role in prohibiting unauthorized access and preventing malicious files from getting through to their networks so they fully understand why it’s a critical part of a security solution.

As important as network security is, however, you can’t allow it to trump a business’ need for computing performance. Your customers need the ability to optimize productivity so they can provide a level of customer service that makes them competitive and allows them to maximize revenues.

A next-generation firewall is a foundational piece of the security puzzle. It addresses many security needs for your clients, including advanced threat detection, dual-layer virus blocking, intrusion detection and intrusion prevention, and protection against malware, ransomware, and zero-day exploits. It also gives IT managers and MSPs visibility into applications and users, taking network protection to a higher level.

Next-generation firewalls feature intelligent traffic regulation that gives critical systems priority and also allows more accurate identification of malicious traffic so safe traffic isn’t bottlenecked.

Be Sure Your Security-as-a-Service Offering Meets These Criteria

For MSPs with a security-as-a-service offering, it’s important to find a security solution that’s profitable to deploy and manage. Look for a next-generation firewall that won’t require excessive manual configuration and management, which can quickly eat up labor resources and drive up expenses. Additionally, you want a solution that offers centralized management of all of your customers to help control your costs and increase your profits.

Finally, choose a solution that works with your business by providing the level of security your customers need without decreasing network performance and by integrating with additional components of your security and services offering (e.g., BDR, remote monitoring and management). The best solution will be a win-win for you and your customers by supporting them with security and performance and enabling your company to earn a healthy, recurring margin at the same time.

Chris Crellin, TK
Chris Crellin is senior director of product management for Intronis MSP Solutions by Barracuda. Read more Intronis MSP Solutions blogs here.