Should I run my firewall to the ground or get a new one?
July 23, 2025 ·
You're not alone when hanging on to that old firewall. It still works and IT mantra - “if it works, don't touch it” supported many of us for a long time.
Here are few considerations to make a conscious decision while managing associated risks. Isn't the “risk management” why we have put that firewall in place those years ago?
First, we want to keep the risk at an appropriate level. At the end of the day, we can't avoid it 100%, so it's a question of time and probability when we are going to face an issue.
We can split our considerations into few groups:
The considerations:
1. Security Incident: Due to a lack of existing firewall capabilities
- Current firewall has known vulnerabilities. Usually because a vendor no longer provides firmware upgrades for it.
- Current configuration hasn't been reviewed or simply it was misconfigured at the start or at some point. How many times we have seen a temporarily policies and settings left behind? You might want to use 3rd party “health check” service for a piece of mind.
- New features - skills shortage prevents us to confidently use many advanced features. Is AI powering your defence efforts?
2. Downtime: Physical failure of the equipment due to some of its components age
3. Compliance: Becomes effortless when security solutions are designed with regulations in mind DORA, GDPR, NIS2
4. Other considerations:
- Energy efficiency. Modern devices are 30-50% more power efficient and can process more data.
- Streamlined management through FortiGate Cloud and Advanced analytics through FortiAnalyzer provide visibility and evidence to confirm strong ROI.
Running your firewall to the ground might seem like the easier path until a breach or failure proves otherwise.
So, ask yourself: Is your firewall helping your business bloom or is it quietly withering in the background? If it's the latter, it's time to tap into vendor's promotions to trade-up, replace or lock-in longer support license while still offered.