New generation firewalls: what is it and what functionality do they have?
Traditional firewalls lag behind the ever-evolving cloud threats and are not able to provide protection on the scale needed by companies and individuals. Users need firewalls that work together with antivirus software, capable of intelligently recognizing the latest threats in the system and blocking dangerous traffic. One of the possible solutions is the new generation firewalls (NGFW), which combine all these functions. What is NGFW? What are they for? Let’s figure it out!
What are new generation firewalls?
Firewalls of the new generation are firewalls operating at the application level. NGFW filters network traffic to protect organizations from internal and external threats. Along with support for health-checking firewall features such as packet filtering, IPsec and SSL VPN support, network monitoring and IP address mapping functions, NGFW solutions include deeper content verification capabilities. These capabilities allow you to detect attacks, malware and other threats, and also allow new generation firewalls to block these threats.
NGFW – Hardware or software?
NGFW technology is dynamic. Some firewalls may be embedded in the system as hardware or software. Additionally, NGFWs can be a cloud service, which is why they are sometimes called cloud firewalls.
What is NGFW’s main functionality?
Many security features are included in NGFW. Here are the most important ones that should be in every NGFW:
The main functions of the firewall and VPN;
Application Control – monitors the tags of applications used on the network. If the user tries to launch an unknown program, NGFW will block the launch and notify the administrator;
DPI – checks packets at the application level, not just as part of port and protocol inspection;
IPS – blocks malicious traffic in real time based on signatures. Information about new threats is updated in the database and arrives on NGFW devices in 10-60 minutes. IPS works on the principle of “everything that is not allowed is prohibited”, that is, if the application is not identified or performs atypical actions for it, it will be blocked;
Web filter – controls the URLs accessed by users. Usually URLs are divided into different categories, access to which can be allowed or denied by network administrators;
User Authentication – Helps NGFW identify users by their IP addresses.
And what additional functions are there?
In some NGFWs, you can get such a set of functions for an additional fee:
Antivirus signatures for NGFW that are updated online. Traffic is checked for viruses, spyware, Trojans and worms.
Technologies that provide different classes of traffic with different service priorities (QoS), which greatly simplifies control over data flows.
SSL verification, which allows you to break the SSL tunnel of HTTPS-type protocols and check encrypted traffic.
What awaits NGFW in the future?
NGFWs will be used more often in the cloud, because they are very easy to configure for the necessary security requirements and use not only in the cloud, but also on corporate devices.