Sounds like something from StarTrek? What are Next Generation Firewalls and why do you need one?
Well with recent breaches in some large and seemingly secure networks – LinkedIn, MySpace, DNC – some are wondering if the traditional firewall, anti-virus and intruder protection systems are enough, or whether they have lost their usefulness. The answer is of course, they are still very much needed but in many cases something more robust is also required.
And so, new on the scene, come next generation firewalls.
A Next Generation Firewall (NGFL) is a hardware or software based network security system that is able to detect and block very sophisticated attacks by enforcing security policies at the application level as well as at the port and protocol level.
NGFW's have 3 key components:-
Enterprise level firewall capabilities
Intrusion prevention systems
They contain more context for the firewall to make its decision about all the information passing through, and unlike traditional firewalls also include QoS information (Quality of Service).
Traditional firewalls often mean having to install separate IPS, WAFS, strong encryption at the Web layer (SSL/TLS), and antivirus and malware prevention.
This is time consuming and sometimes products can compromise each others functionalities. NGFWs offer a single-vendor product, which might well work out a more cost-effective and pragmatic approach to network security.
Cisco’s kit in this area is impressive http://bit.ly/28JO8Fz They describe their NGFW as the industry’s first threat-focused NGFW. The Firepower appliances combine proven firewall with the next gen IPS and advanced malware protection.
If the risk of breach is a concern for you, it might be time to upgrade to a NGFW.