Next-generation firewalls (NGFWs) vs. traditional firewalls and UTMs

22/07/2021


Recent security breaches in some of the largest and seemingly most secure network environments on the market raise the question: are the existing protection mechanisms sufficient to prevent unauthorized access to critical assets?

Although some feel that traditional firewalls, antivirus software and intrusion prevention systems (IPS) have lost their usefulness, these security technologies are in fact still very much in use and necessary.

However, more comprehensive, effective and especially integrated products are often needed to keep up with those that threaten today's network infrastructures.

Next-generation firewalls (NGFWs) are integrated network security platforms that combine inline deep packet inspection firewalls, IPS, application inspection and control, SSL/SSH inspection, website filtering and quality of service (QoS)/bandwidth management to protect networks against the latest sophisticated network attacks and intrusions.

Next-generation firewalls vs. traditional firewalls and UTMs

Unlike NGFWs, which aim to prevent the growing number of attacks on applications that occur at layers 4 to 7 of the OSI (Open Systems Interconnection) network model, traditional packet filtering firewalls only provide protection at layer 3 (network) and layer 4 (transport).

They apply criteria for allowing and denying packets based on the source IP address of the data received, the destination IP address, the type of Internet protocol the packets carry (for example, normal data transport IP packets as well as link-local network discovery protocols) and routing resources.
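The difference between the two approaches can be shown with one rule base evaluated two ways. This is an added example, not code from the original article or from any vendor; the names `Packet`, `Rule`, `identify_app` and the three payload signatures are simplified assumptions, and the sample packets are constructed.

```python
import ipaddress
from dataclasses import dataclass

@dataclass(frozen=True)
class Packet:                 # constructed sample, not a real capture
    src: str
    dst: str
    proto: str                # "tcp" or "udp"
    dport: int
    payload: bytes            # first bytes seen on the flow

@dataclass(frozen=True)
class Rule:
    action: str               # "allow" or "deny"
    src: str                  # CIDR
    dst: str                  # CIDR
    proto: str
    dport: int
    app: str = "any"          # read only by the application-aware filter

def identify_app(payload: bytes) -> str:
    """Classify by content instead of port (illustrative signatures only)."""
    if payload.startswith(b"SSH-"):
        return "ssh"
    if len(payload) >= 3 and payload[0] == 0x16 and payload[1] == 0x03:
        return "tls"          # TLS handshake record header
    if payload.split(b" ", 1)[0] in (b"GET", b"POST", b"HEAD", b"PUT"):
        return "http"
    return "unknown"

def l3l4_match(rule: Rule, pkt: Packet) -> bool:
    return (ipaddress.ip_address(pkt.src) in ipaddress.ip_network(rule.src)
            and ipaddress.ip_address(pkt.dst) in ipaddress.ip_network(rule.dst)
            and rule.proto == pkt.proto and rule.dport == pkt.dport)

def packet_filter(rules, pkt) -> str:
    """Traditional filter: first match on layer 3/4 fields, default deny."""
    return next((r.action for r in rules if l3l4_match(r, pkt)), "deny")

def app_aware_filter(rules, pkt) -> str:
    """Same rules, but the identified application must match as well."""
    app = identify_app(pkt.payload)
    return next((r.action for r in rules
                 if l3l4_match(r, pkt) and r.app in ("any", app)), "deny")

RULES = [Rule("allow", "10.0.0.0/8", "0.0.0.0/0", "tcp", 443, app="tls")]
TLS_HELLO = Packet("10.1.2.3", "203.0.113.10", "tcp", 443, b"\x16\x03\x01\x02\x00\x01")
SSH_ON_443 = Packet("10.1.2.3", "203.0.113.10", "tcp", 443, b"SSH-2.0-OpenSSH_8.9\r\n")
```

Both sample packets share the same addresses, protocol and port, so `packet_filter` cannot tell them apart, while `app_aware_filter` allows only the one whose content matches the rule's application. Real products classify across a whole flow rather than a single payload.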

Although firewalls are usually deployed between the public Internet and an internal network within the DMZ, attackers have found ways to bypass these controls and cause considerable damage before detection.

Traditional firewalls are limited in scope, and other security controls are still needed to protect corporate networks, including intrusion prevention systems, web application firewalls, secure coding standards based on the top 10 vulnerabilities of the Open Web Application Security Project (OWASP), strong encryption at the web layer (SSL/Transport Layer Security) and antivirus and malware prevention.

Having to deploy, manage and monitor this complicated array of network security products to mitigate various heterogeneous attack vectors is a challenge, to say the least.

In addition, unforeseen interactions between security products can compromise the functionality of some products at the expense of bandwidth resources, response times, monitoring and maintenance requirements.

Next-generation firewalls can solve many of these problems by providing a product from a single vendor with a common management process that includes various security services.

It is, for the most part, a more economical and pragmatic approach to network security.

The ideal next-generation firewalls are comprehensive, flexible and affordable

Although this may seem like an unattainable combination, meeting this challenge is very feasible for NGFW providers.

Firstly, next-generation firewalls can include IPS, antivirus and malware prevention, application control, deep packet inspection and stateful firewalls, encryption, compression, QoS and other features.

Secondly, NGFWs are flexible, which also means scalable, so that resources can be modularized and activated according to need.

And thirdly, next-generation firewalls provide a comprehensive user interface with well-defined access to product features, either via a traditional command line interface or a GUI panel, with well-documented access to feature activations, rule set definitions, configuration analysis, vulnerability assessments, activity reports and alerts.

Today's next-generation firewalls form a framework of network security products that aim to offer these three features.

Although NGFW services are listed with commonly named features, including data loss prevention, application control and threat intelligence, a closer look shows some variations between the products of next-generation firewall vendors.

The future of NGFWs

The global market for next-generation firewalls is expected to grow to US$ 4.69 billion by 2023. The largest market for IT security products, it is still growing at around 8% a year.

According to the leading NGFW vendors, there are features in development that will make life easier for the IT department and, at the same time, further strengthen network security.

These companies are also determined to develop NGFW products that meet the network security requirements of organizations of all sizes.

Next-generation firewall vendors are also spending a considerable amount of time and expense on R&D to keep up with today's sophisticated attacks and meet the comprehensive, flexible and affordable requirements described above.

One of the main features that the leading NGFW companies offer is threat intelligence that is current, open, continuous, adaptable and automatic.

About Conversys

Conversys IT Solutions is a provider of Information and Communication Technology services and solutions operating throughout Brazil.

With a highly qualified technical and commercial team and a network of partners that includes the main global technology manufacturers, Conversys IT Solutions is able to deliver customized IT and Telecom Infrastructure solutions to clients.

We invest in our employees and partners and strive for a long-lasting relationship with our clients, because we believe that in this way we gain the skills and knowledge necessary to innovate and generate value for the businesses in which we operate.
