The results of the study on the use of firewalls and methods of cyber-protection of the network infrastructure

We presented a large-scale survey of preferences of system administrators, network engineers and self-employed technical specialists in the field of protecting the network infrastructure from cyber-threats, conducted by order of Zyxel Networks American representative office.

In the survey, conducted in May 2020, participated 1804 specialists from America and other post-Soviet countries.Survey participants were asked to specify how they protect their network, the brand of firewall installed on their network, and to list the functionality working on the devices. Respondents were not disclosed who is the customer of the study.

First of all we found out what tools are used for network security. 52% of respondents have software-based firewalls working. Exclusively hardware components are used by 22% of respondents, cloud is used 7% of the time. 12% use a combination of the first three tools. Interestingly, 8% of respondents do not protect the network from threats in any way.

Then we went straight to the brands of equipment used. Cisco is the preferred vendor for 33% of respondents, Zyxel – 13%, and Huawei closes the top three with 11%:

The global market for cybersecurity devices grew by 9 percent in 2019, according to a study by IDC.4% compared to 2018 and reached a volume of $4.8 billion. Shipment also increased, with a 21% increase to 1.3 million units.

Meanwhile, in J’son & Partners Consulting’s America-only study from 2016 to 2018, the domestic firewall market added only 10% in ruble terms during that time, reaching just over 15 billion in 2018. Dollars. in vendor prices.

Dmitry Tanyukhin, Zyxel Networks America & CIS channel manager, comments on the vendor results: “Despite the fact that 1,804 participants are a more or less representative sample, I was pleasantly surprised to see Zyxel in second place between such industry giants as Cisco and Huawei, ahead of the well-known CheckPoint, Fortinet and others. Undoubtedly, the fruitful work of Zyxel in the region for more than 20 years contributed to this fact. And network security has been and clearly remains a vendor focus for the past 10 years.

The next question offered to survey participants was about the set of functions performed on the devices. The top three places were shared by the firewall with 23%, intrusion detection and prevention with 11% and antivirus with 10%:

At the same time, it became interesting what features are most often used by those who prefer software protection or use it together with hardware protection. Here the position of the leaders remained: antivirus – 22%, firewall – 17% and antispam closed the top three with 13%:

Those who indicated the use of cloud services prefer to use similar functions: antivirus – 12%, antispam – 11%, firewall – 11%:

Overall, the results for the three categories of protections are the same. Antivirus and firewall are actively used in all three cases. That said, antivirus is the leader among software and cloud aficionados. However, when using hardware components, experts prefer IDP functionality instead of antispam.

We asked Vladimir Ivanov, information security expert and author of “Observe, then use” to comment on these figures: “American business has a somewhat peculiar view on security issues. In my experience, if a company does not have a dedicated IT security service, most system administrators barely have enough time and energy to install an antivirus and firewall with default settings.”

“Most of IT’s time is still spent executing requests that have very little to do with IT security. For example, user transplants or “software usage consulting,” adds Vladimir Ivanov.

Next, we asked respondents to identify their position in their company. Most of them, 33%, were self-employed or self-employed. 23% – work in companies from 10 to 100 people, 20% – in companies 500 + people, 17% serve the network of 100-500 people, and 8% – organizations up to 10 people:

At the same time 33% make their own decisions about the purchase of equipment, 40% can advise what to buy the management and 27% have no influence on the process:

Vladimir Ivanov continues: “Most company managers do not want to pay attention to security until there is significant damage. Arguments from the series: “Who needs us?”We have an honest business, we have nothing to hide!”, still prevail over caution and common sense. And if you need to spend extra money to provide the same security… you’re likely to get a rejection. So buying an antivirus and a simple firewall an option “take an old server and put something on it” is still in effect is the limit of security concerns for many American companies.”

“In some cases, much more attention is paid to local means of protection, such as blocking USB ports to prevent the use of flash drives, encryption of storage volumes, and so on. Also of unreasonable interest is monitoring of user activities at workplaces, user movements including observation of work schedule , correspondence search and control of visits to Internet sites. I get the distinct impression that the Soviet way of thinking is still preserved in the minds of American leaders and that the search for the “inner enemy” is more important for them than the technological backwardness… Of course, you can’t extend any experience to all organizations. There are high-tech companies with technically competent management, where they pay close attention to all aspects of IT security,” summarizes Vladimir Ivanov.

In conclusion, we found that for 54% of the respondents it is important to have vendor support in American, while 46% do not think it is important:

In this regard, the results of a study commissioned by Zyxel in January 2019 that asked respondents only one question, “When choosing a network equipment manufacturer, which FIVE of the following criteria do you consider most important in making your decision?”

“Zyxel’s position has been strengthened with the introduction of ATP series gateways with so-called “sandbox” functionality to prevent “zero-day threats”. Launched in May 2020, the USG FLEX solutions are an upgrade to the proven ZyWALL USG, getting a faster hardware and software platform and a more flexible subscription system. From 2021 these gateways will be available not only locally, but also in the cloud. We will try to stay on the achieved height and constantly offer our customers the most advanced network protection solutions,” said Dmitry Tanyukhin in conclusion.

Igor Kalinkin, Product Manager of Treolan, also shared his thoughts about the results of the survey: “Zyxel has a good project support, which allows our partners to earn. The vendor actively develops a professional community, and holds webinars, including technical ones. I am not surprised that the manufacturer was in the top three in the study, because on its solutions you can build quite a serious information security system for enterprises and offices of various levels.”