maintenance - All Articles - CISO Platform2024-03-28T16:28:17Zhttps://www.cisoplatform.com/profiles/blogs/feed/tag/maintenanceFirewall Checklist - Top 10 Things Your Next Firewall Must Do!https://www.cisoplatform.com/profiles/blogs/firewall-checklist-the-top-10-things-your-next-firewall-must-do2014-05-08T12:00:00.000Z2014-05-08T12:00:00.000ZCISO Platformhttps://www.cisoplatform.com/members/CISOPlatform<div><p><span style="font-family:arial, helvetica, sans-serif;color:#333333;" class="font-size-3">The <strong>next-generation firewall</strong> is well defined by Gartner as something new and enterprise-focused <strong>“incorporating full-stack inspection to support intrusion prevention, application-level inspection and granular policy control”</strong> .</span></p>
<p><span style="font-family:arial, helvetica, sans-serif;color:#333333;" class="font-size-3">Most network security vendors are now offering application visibility and control by either adding application signatures to their IPS engine, or offering you an add-on license for an application control module. In either case, these options are additive to a port-based firewall, and do little to help you focus on the fundamental tasks your firewall is designed to execute.</span></p>
<p><span style="color:#333333;"><span style="font-family:arial, helvetica, sans-serif;" class="font-size-3">( </span><span style="font-size:13px;"><span style="font-family:arial, helvetica, sans-serif;" class="font-size-3">Read more</span>: </span></span> <span style="font-family:arial, helvetica, sans-serif;" class="font-size-3"><strong><a href="http://www.cisoplatform.com/profiles/blogs/5-application-security-trends-you-don-t-want-to-miss">Top 5 Application Security Technology Trends</a> </strong>)</span></p>
<p></p>
<p><strong><span class="font-size-4">>><a href="http://www.cisoplatform.com/page/paloalto-firewall-checklist-10-things-your-next-firewall-must-do" target="_blank">Click here for Complete Checklist & Detailed Report</a></span></strong></p>
<p></p>
<p><span style="color:#3366ff;font-family:arial, helvetica, sans-serif;" class="font-size-4"><strong>Next-Generation Firewall Requirements:</strong></span></p>
<ul>
<li><span style="font-family:arial, helvetica, sans-serif;color:#333333;" class="font-size-3">Identify applications regardless of port, protocol,evasive tactic or decryption.</span></li>
<li><span style="font-family:arial, helvetica, sans-serif;color:#333333;" class="font-size-3">Identify users regardless of device or IP address.</span></li>
<li><span style="font-family:arial, helvetica, sans-serif;color:#333333;" class="font-size-3">Decrypt outbound SSL.</span></li>
<li><span style="font-family:arial, helvetica, sans-serif;color:#333333;" class="font-size-3">Protect in real-time against known and unknown threats embedded across applications.</span></li>
<li><span style="font-family:arial, helvetica, sans-serif;color:#333333;" class="font-size-3">Deliver predictable, multi-gigabit inline deployment.</span></li>
</ul>
<p></p>
<p><span style="font-family:arial, helvetica, sans-serif;color:#333333;" class="font-size-3">Firewall selection criteria will typically fall into three areas: security functions, operations, and performance.The security functional elements correspond to the efficacy of the security controls, and the ability for your team to manage the risk associated with the applications traversing your network. From an operations perspective, the big question is, “where does application policy live, and how hard or complex is it for your team to manage?”</span></p>
<p><span style="font-family:arial, helvetica, sans-serif;color:#333333;" class="font-size-3">The performance difference is simple: can the firewall do what it’s supposed to do at the required throughput </span><span style="font-family:arial, helvetica, sans-serif;color:#333333;" class="font-size-3">your business needs? </span></p>
<p><span style="font-family:arial, helvetica, sans-serif;" class="font-size-3">( Read more:</span><span class="font-size-3"><span style="font-family:arial, helvetica, sans-serif;color:#333333;"><span style="font-size:13px;"> </span></span> <strong><a href="http://www.cisoplatform.com/profiles/blogs/how-should-a-ciso-choose-the-right-anti-malware-technology">How Should a CISO choose the right Anti-Malware Technology?</a></strong> <span style="font-family:arial, helvetica, sans-serif;color:#333333;"><span style="font-size:13px;">)<br /> <br /></span></span></span></p>
<p><span style="font-family:arial, helvetica, sans-serif;" class="font-size-4">>><a href="http://www.cisoplatform.com/page/paloalto-firewall-checklist-10-things-your-next-firewall-must-do" target="_blank">Click here for Complete Checklist & Detailed Report</a></span></p>
<p></p>
<p><span style="color:#3366ff;font-family:arial, helvetica, sans-serif;" class="font-size-4"><strong>The Top 10 Things Your Next Firewall Must Do are:</strong></span></p>
<ul>
<li><span style="font-family:arial, helvetica, sans-serif;color:#333333;" class="font-size-3">Identify and control applications on any port</span></li>
<li><span style="font-family:arial, helvetica, sans-serif;color:#333333;" class="font-size-3">Identify and control circumventors</span></li>
<li><span style="font-family:arial, helvetica, sans-serif;color:#333333;" class="font-size-3">Decrypt outbound SSL and control SSH</span></li>
<li><span style="font-family:arial, helvetica, sans-serif;color:#333333;" class="font-size-3">Provide application function control</span></li>
<li><span style="font-family:arial, helvetica, sans-serif;color:#333333;" class="font-size-3">Systematically manage unknown traffic</span></li>
<li><span style="font-family:arial, helvetica, sans-serif;color:#333333;" class="font-size-3">Scan for viruses and malware in all applications, on all ports</span></li>
<li><span style="font-family:arial, helvetica, sans-serif;color:#333333;" class="font-size-3">Enable the same application visibility and control for all users and devices</span></li>
<li><span style="font-family:arial, helvetica, sans-serif;color:#333333;" class="font-size-3">Make network security simpler, not more complex, with the addition of application control</span></li>
<li><span style="font-family:arial, helvetica, sans-serif;color:#333333;" class="font-size-3">Deliver the same throughput and performance with application control fully activated</span></li>
<li><span style="font-family:arial, helvetica, sans-serif;color:#333333;" class="font-size-3">Support the exact same firewall functions in both a hardware and virtualized form factor</span></li>
</ul>
<p></p>
<p><span style="font-family:arial, helvetica, sans-serif;" class="font-size-4">>><a href="http://www.cisoplatform.com/page/paloalto-firewall-checklist-10-things-your-next-firewall-must-do" target="_blank">Click here for Complete Checklist & Detailed Report</a></span></p>
<p></p>
<p><em><span style="font-family:arial, helvetica, sans-serif;" class="font-size-3">What does 'NextGen Firewall' mean to you? Are there more features that should be added to the checklist? Share your views in the comments below<br /> <br /></span></em></p></div>