What is a next generation firewall?
Traditional firewalls have been around for decades. But NGFWs, uninhibited by the same technology limits, take advantage of significant advancements in storage space, memory, and processing speeds. The feature set for NGFWs build upon traditional firewall features by including critical security functions like intrusion prevention, VPN, and anti-virus, and even encrypted web traffic inspection to help prevent packets containing malicious content from entering the network. Many NGFWs are also capable of integrating with modern networking topologies like software-defined wide area networks (SD-WAN).
Look around at the different firewall solutions today, and you’ll discover that most vendors label their solution as NGFWs. However, without a consensus from the security industry about what a next-gen firewall is and what it is not, organizations must look at all the features and decide if the solution fits their business needs.
What are the benefits of a next generation firewall?
Compared to traditional firewalls, there are myriad benefits to be aware of. At a high level, NGFWs provide comprehensive application visibility and control, can distinguish between dangerous and safe applications, and can help prevent malware from penetrating a network.
Here are five of the most important aspects of how an NGFW helps organizations:
Network-based firewall service
Fully managed, cloud-based firewall providing continuous inspection and treatment of internet traffic.Learn more
Why invest in a next-generation firewall?
The primary function of any firewall is to help protect against unwanted or malicious traffic entering or exiting a network. However, as threats evolve and become more difficult to detect, enterprise network security must remain equally sophisticated.
Traditional firewalls can only filter traffic flowing in and out of the network based on port number, IP address or domain using an “all or none” methodology. In a time when most attacks targeted networking services and components, the security provided by a traditional firewall was once good enough. However, the majority of exploits are now directed towards a specific application weakness.
Over time, a complication had surfaced because many applications use the same port number: most commonly HTTP port 80. With most organizations needing the ability to distinguish which applications to allow into their network, blocking or allowing based on port number is not sufficient. A next-generation firewall addresses the many weaknesses of traditional firewalls and provides more granular control over network security.
NGFW vs. UTM
So, we’ve covered the difference between traditional stateful firewalls and NGFWs, but the network security discussion can become even more obscure with the addition of unified threat management (UTM). First, it’s important to note that the two solutions are often used interchangeably. However, they are not one and the same. Many security industry analysts differentiate UTM as a solution that includes NGFW components and then stacks additional security capabilities — much like NGFWs build upon traditional firewalls.
NGFWs are firewalls that include IPS and offer some form of application intelligence. UTMs, on the other hand, include those features plus technologies such as wireless security, URL filtering, email security, VPNs and web application firewalls. Because UTM systems integrate so many security tools in one solution, they offer simplified deployment and management, reduced implementation costs, and allow for faster incident response times.
NGFW vs. virtual or cloud-based firewalls
Most firewalls on the market today are classified as NGFWs. So, when we’re comparing appliance, virtual and cloud-based firewalls (often offered as firewall-as-a-service or FWaaS), we’re not comparing features. Next-gen represents what a firewall does, whereas appliance, virtual or cloud-based firewalls represent a form factor or where the firewall resides.
If a firewall has any of the technical capabilities we’ve discussed here, it’s probably next-generation, regardless of where it is hosted. Cloud firewalls are specifically hosted, appropriately so, in the cloud and virtual firewalls could be hosted within a company’s data center on an appliance or elsewhere. Typically, cloud-based firewalls are managed, configured, updated by a third-party vendor to ease the management burden for the company deploying them.