What is a Next-Generation Firewall?


Next-generation firewalls (NGFWs) extend traditional firewall technology by giving network devices additional filtering capabilities, such as inline application control, an integrated intrusion prevention system (IPS), threat prevention, and advanced malware protection, to improve enterprise network security.


Comparison of Next-Generation Firewalls and Traditional Firewalls

Traditional firewalls operate at Layers 3 and 4 of the Open Systems Interconnection (OSI) model to manage network traffic between hosts and end systems. They allow or block traffic based on ports and protocols, use stateful inspection, and make decisions based on defined security policies.

As advanced threats such as ransomware emerge, stateful firewalls are easily bypassed, which has created strong demand for improved, smarter security solutions.

This is where NGFWs come in. NGFWs were introduced by Gartner (circa 2007) as "deep packet inspection firewalls that go beyond port/protocol inspection and blocking to also add application layer inspection, intrusion prevention, and intelligence from outside the firewall." They offered all the functionality of traditional firewalls, but also had more granular capabilities to enable policies based on identity, location, application, and content.

How does an NGFW work?

Compared to traditional firewalls, NGFWs inspect network traffic more deeply to understand where it comes from. They can gather more information about malicious traffic and embedded threats that are trying to penetrate the network perimeter and access corporate data.

Traditional firewalls only work at OSI layers 3 and 4, while NGFWs work at layer 7 (application layer). This means the most dangerous and pervasive app-level threats are stopped before they can get in, saving time and costs in remediation.
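To make the Layer 3/4 versus Layer 7 distinction concrete, the following is an added example (not code from the original article or from any firewall vendor). It models a port/protocol-only policy beside a simplified NGFW policy that identifies the application from the first payload bytes and adds identity- and application-based rules; the flows, application heuristics, and user names are constructed for illustration.

```python
from dataclasses import dataclass


@dataclass
class Flow:
    """Constructed sample flow: transport metadata plus the first payload bytes seen."""
    proto: str
    dst_port: int
    user: str       # identity the NGFW has mapped to the source (assumed)
    payload: bytes  # first bytes of the client's stream


def l4_decision(flow: Flow) -> str:
    """Traditional firewall: decides on protocol and destination port only (OSI L3/L4)."""
    allowed = {("tcp", 80), ("tcp", 443), ("tcp", 22)}
    return "allow" if (flow.proto, flow.dst_port) in allowed else "deny"


def identify_app(payload: bytes) -> str:
    """Layer-7 application identification from the stream's first bytes (simplified heuristics)."""
    if payload.startswith(b"SSH-2.0"):
        return "ssh"
    # TLS record header: content type 0x16 (handshake), legacy version 3.1 or 3.3.
    if payload[:1] == b"\x16" and payload[1:3] in (b"\x03\x01", b"\x03\x03"):
        return "tls"
    if payload.split(b" ", 1)[0] in (b"GET", b"POST", b"PUT", b"HEAD"):
        return "http"
    return "unknown"


def ngfw_decision(flow: Flow) -> tuple:
    """NGFW: L4 policy first, then application and identity policy on the identified app."""
    if l4_decision(flow) == "deny":
        return ("deny", "l4-policy")
    app = identify_app(flow.payload)
    # Port/application mismatch: anything other than TLS on 443 is not what the port rule intended.
    if flow.dst_port == 443 and app != "tls":
        return ("deny", f"app-mismatch:{app}-on-443")
    # Identity-based rule: only the admin group may use SSH, regardless of port.
    if app == "ssh" and flow.user != "admin":
        return ("deny", "ssh-restricted-to-admin")
    return ("allow", f"app:{app}")


if __name__ == "__main__":
    # Constructed flows: an SSH client tunnelling over 443 passes the L4 rule but fails the app rule.
    for f in (Flow("tcp", 443, "alice", b"\x16\x03\x01\x00\xa5\x01\x00"),
              Flow("tcp", 443, "alice", b"SSH-2.0-OpenSSH_9.0\r\n"),
              Flow("tcp", 22, "alice", b"SSH-2.0-OpenSSH_9.0\r\n")):
        print(f.dst_port, f.user, "L4:", l4_decision(f), "NGFW:", ngfw_decision(f))
```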
