What’s so ‘next generation’ about a Next Generation Firewall?
In a recent post I discussed Phishing and attempted to demystify the term for the benefit of the average User. Today, it is the turn of the rather grand-sounding Next Generation Firewall.
A traditional firewall is designed to monitor the flow of traffic in and out of an IT network based on port, protocol, source address and destination address. Pretty basic stuff.
However, with the growth of more and more sophisticated cyberattacks on a daily basis, traditional firewalls are now outdated. They have been superseded by Next Generation Firewalls (NGFW) which are the only firewalls that can provide proper protection. A Next Generation Firewall (NGFW) is as Gartner defines it a: –
“deep-packet inspection firewall that moves beyond port/protocol inspection and blocking to add application-level inspection, intrusion prevention, and bringing intelligence from outside the firewall.”
Next Generation Firewalls (NGFW)
Like traditional firewalls, NGFWs use static and dynamic packet filtering and VPN support to ensure that all connections between the network, internet and firewall are valid and secure. But NGFWs also have the ability to filter based on applications. For instance, an NGFW has extensive control and visibility of applications so it is able to identify threats using analysis and signature matching. As a result, a NGFW can distinguish between safe applications and threat-carriers. Plus, NGFWs typically include a regular plan of upgrades through which future updates are deployed to keep pace with the ever-changing cyber threat landscape.
So, what are the Benefits of Next Generation Firewalls (NGFW)?
- An NGFW is able to negate malware from entering a network; traditional firewalls are unable to do this.
- NGFWs are better placed to combat Advanced Persistent Threats (APTs).
- They can be a cost-effective option for companies wanting to enhance their basic security. This is because they can incorporate the work of antivirus, firewalls and other security applications into one solution (often called a security fabric).
- Next Generation Firewalls possess insightful reporting tools, so the origin of a threat i.e. the Device and User, can be identified. Additional training can then be provided to protect the User/Device from engaging in risky activity in future.
- Threats to personal devices and larger networks are changing every day. NGFWs have the flexibility to protect devices and companies from a much broader spectrum of intrusions than ever before.
- A NGFW can provide what we call “compensating controls” in light of GDPR. So in the event you have a breach and the ICO ask “what are you doing to protect your data and systems?” you can answer by telling them you have invested in a security system that does A, B, C, X, Y, Z. This shows you have taken sensible steps to protect your data within the reasonable limitations of your business.
- Next Generation Firewalls give you the ability to extend your security ring-fence to external endpoints (e.g. home workers using other networks) and give you daily reporting on web usage stats and external access. It also gives you the ability to operate online with confidence knowing you are protected by industry leading security.
Core Team One – Fortinet Authorized Partner
Core Team One promote the Fortinet range of Next Generation Firewalls (NGFW). We chose Fortinet as they understand SMBs and their security requirements and they continue to lead the market with a robust portfolio of security solutions. A FortiGate NGFW consolidates several network and security operations functions in a single platform, including network firewall, intrusion prevention (IPS), anti-malware, virtual private network (VPN), WAN optimization, web filtering, application control, and wireless local-area network (WLAN) control. With cyber-criminal attention focused on the perceived low-hanging fruit of smaller companies, it is important SMBs find ways to do more with less. Core Team One can help in finding the right solution for your organisation and close the gaps that threats can slip through.
For free impartial advice contact Core Team One on 0113 532 9800.