The firewall in simple terms acts as a barrier to prevent unauthorized access or malicious traffic within a system or in a network. With the rapid growth of new innovative technology and alongside with the massive growth of new security threats, the traditional firewall is not enough to compete. To deal with these changes, vendors in the enterprise firewall market have created a new generation of firewall devices dubbed the Next Generation Firewall or NGFW.

A next-generation firewall (NGFW) is hardware or software-based network security system that is able to detect and block sophisticated attacks by enforcing security policies at the application level, as well as at the port and protocol level

9 Top features in Next-generation firewall:

 

  • Application Awareness: Next-Generation Firewall must be able to identify, allow, block or limit applications regardless of port, protocol etc. This provides visibility into unknown & proprietary applications within the organization network.

    One of the major differences between a traditional firewall and a next-generation firewall (NGFW) is the fact that these newer devices are application-aware. Traditional firewalls rely on common application ports to determine the applications that were running and the types of attacks to monitor for.
  • Identity Awareness: Next-generation firewalls support Identity awareness for granular control of applications by specific users, groups of users, and machines that the users are using.

    A Next-generation firewall device also supports all major authentication protocols such as LDAP/AD, RADIUS, Kerberos, and Local Auth. This helps organizations control not only the types of traffic that are allowed to enter and

  • Centralized Management, Administration, Logging, and Reporting: Separate management solution is available for management, logging, and reporting. This helps organizations in log analysis and policy management. This tool is also used to export firewall rules set and configuration. Centralized management provides an administrator with a security health dashboard to view the happenings and traffic patterns and associated risks in a network in real-time.
    Central management should also give you the ability to automate routine tasks, reuse elements, and employ shortcuts and drill-downs to produce maximum efficiency with minimal effort.
  • State-full Inspection: While the general definition of Stateful inspection does not differ from traditional firewalls, a next-generation firewall (NGFW) tracks the connections from layer 2 to layer 7 (even layer 8 due to identity awareness) in contrast with the traditions firewalls which tracks the traffic from layer to layer 4. This difference allows a lot more control and provides organizations with the ability to have very granular policies. 
  • Deep Packet Inspection: Deep packet inspection (DPI) is one of the prior features of the next-generation firewall (NGFW). This capability ensures the various pieces of each packet are thoroughly examined to identify malformed packets, errors, known attacks, and any other anomalies. DPI can rapidly identify and then block Trojans, viruses, spam, intrusion attempts, and any other violations of normal protocol communications. 
  • Integrated IPS: In an environment where a traditional firewall is deployed, it is common to see an Intrusion Detection System (IDS) or IPS deployed as well. Commonly, this was done with a separate appliance or an appliance that is logically separate within a single appliance. With a next-generation firewall (NGFW), the IPS or IDS appliance is fully integrated. It can be activated and de-activated as and when required. The IPS functionality itself is the same as it was with a separate appliance; the main difference is in the performance and accessibility of the information from all layers of the traffic.

  • Able to monitor SSL or other encrypted traffic: The next-generation firewall (NGFW) is able to monitor SSL and Http tunneled traffic flows as well. In order to secure encrypted traffic, the Next-generation Firewall supports all inbound and outbound SSL decryption capabilities. This helps the Organization identify and prevent threats and malware in encrypted network streams
  • Integration with other security solutions: The next-generation firewall (NGFW) is capable of integrating with other security solutions such as SIEM tools, reporting tools, two-factor authentication systems, etc. with little or no modifications. This enhances the overall capability of the security systems of an organization.
  • Inbuilt Antivirus and Anti-Bot solution: Next-generation firewall (NGFW) has an inbuilt antivirus engine and is able to inspect https traffic on the fly for any infected file. these protections are available for protocols like HTTP, HTTPS, FTP, POP3, SMTP, SMB, etc. They are also capable of identifying malware coming from incoming file and malware downloaded from the internet

Views: 15

Join the Discussion ...

You need to be a member of CISO Platform to join the discussion!

Join CISO Platform

FireCompass

Forum

CISO as an enabler

Started by Maheshkumar Vagadiya Jul 30. 0 Replies

Share the instances where you were able to convince the Executive management /board that CISO function is enabler rather then a hindrance.Thanks youMaheshContinue

Has Anyone Evaluated Digital Signature (like Docusign)?

Started by CISO Platform. Last reply by SACHIN BP SHETTY Apr 24. 1 Reply

(question posted on behalf of a CISO member)Has anyone evaluated digital signature (like Docusign), any specific risk/ security areas to be looked into while finalising a vendor? Any and all inputs will be very much appreciated.Continue

What are your strategies for using Zoom in your organization after recent vulnerabilities in news about Zoom platform?

Started by CISO Platform. Last reply by ANAND SHRIMALI May 20. 4 Replies

(question posted on behalf of a CISO member)What are your strategies for using Zoom in your organization after recent vulnerabilities in news about Zoom platform?Related Question: …Continue

[Please Suggest] Corona Virus: Security advisory for work from home

Started by CISO Platform. Last reply by Bhushan Deo Mar 20. 12 Replies

(question posted on behalf of a CISO member)Due to CORONA virus most of the organizations are allowing their employees to work form home.Has any one issued security advisory for work from home ?Continue

Tags: #COVID19

Follow us

Contact Us

Email: contact@cisoplatform.com

Mobile: +91 99002 62585

InfoSec Media Private Limited,First Floor,# 48,Dr DV Gundappa Road, Basavanagudi,Bangalore,Karnataka - 560004

© 2020   Created by CISO Platform.   Powered by

Badges  |  Report an Issue  |  Privacy Policy  |  Terms of Service