The increasing frequency and sophistication of today’s threats, and our growing dependence on Web applications and virtualisation, are driving a demand for next generation firewalls (NGFWs).
Jayson O’Reilly, director of Sales and Innovation at DRS, says typically, a firewall protects a business network from threats on the Web. He describes NGFWs as deep-packet inspection firewalls that do not just handle port and protocol inspection and blocking, but also handle application-level inspection and intrusion prevention.
“A NGFW will use intelligence from beyond the firewall to block threats.”
A recent survey by security policy management giant AlgoSec revealed that more businesses are starting to use NGFWs – nearly 57% in 2013, up from 41,2% the previous year.
“NGFWs provide newfound levels of policy granularity and controls, and boost security tremendously. They are far more intelligent than the previous generations of firewalls we have seen, and offer organisations greater efficiency, security and flexibility,” says O’Reilly.
NGFWs are revolutionising security as we know it, he explains. Traditional firewalls focused on packet inspection and access control rules that are woefully inadequate against the complex threats of today. NGFWs deliver a far greater level of network security.
“Using firewalls of the past could be likened to using a bulldozer to do the job of a hammer. Old firewall technology often summarily blocked large chunks of data, without analysing what that data was, or who was trying to access it. This could cause more problems for the technology department than were solved by having a firewall in the first place. However, NGFWs have honed the process to a fine art, with controls that are highly specific and precise, even down to the individual user.”
Moreover, O’Reilly says today’s NGFWs are so much more than just a firewall, offering multi-functionality that many businesses are not even aware of.
“Today’s firewalls bundle the expected firewall functionality with protocol filtering, anti-virus and intrusion prevention. NGFWs offer real-time decryption and inspection of SSL sessions, as well as total control and visualisation of application traffic as it crosses the network. This adds enormous value to the organisation, as no longer, does it need to purchase all these elements separately.”
Due to the fact that NGFWs lower the number of security appliances needed by any organisation, capital and operating expenses are greatly reduced, he adds. Not to mention the time and money saved, as the technical department no longer needs to manage and control these disparate appliances.
“Today’s modern threats need modern solutions,” O’Reilly concludes. “NGFWs are designed to identify and put a stop to the advanced threats we are seeing today, that use several techniques, and many different vectors to achieve their malicious ends.”
