vendor landscape next generation firewall

Today’s firewall products must protect both ingress and egress traffic and data to ensure truly comprehensive protection. Firewalls originated theoretically in the late 1980s before being brought to fruition as traffic-controlling tools. Firewalls have evolved four times over from simple packet filters (that evaluated source, destination and protocol) to stateful inspectors (with the capability of “remembering” the nature of ongoing communications and origin of the packets involved), proxies (evaluated packet contents, rather than just the packets) to Unified Threat Management systems (UTMs) or Next Generation Firewalls (NGFWs). The last – originating as the term UTM – began integrating capabilities such as anti-malware and intrusion prevention for a more robust firewall. While there is still debate over the semantics, UTMs are now frequently referred to as Next Generation Firewalls. Built-in Data Leakage Protection (DLP) capabilities ensures that sensitive or confidential data is protected. Encrypted traffic can conceal threats from firewalls, while Wi-Fi networks provide a route for attacks to bypass firewalls. Today’s firewall solutions focus on controlling these types of traffic. Despite the breadth of features, NGFW should not have a significant impact to your overall network performance, even if you have the capabilities fully “switched on.” NGFWs reflect a movement towards more content-aware security, combining additional capabilities on top of anti-malware and intrusion prevention, such as: Data Leakage Protection (DLP)

Upload: info-tech-research-group

Post on 20-Aug-2015

585 views

Category:

Software

0 download

Report

Download

Embed Size (px):

TRANSCRIPT

Page 1: Vendor Landscape Next Generation Firewall

Today’s firewall products must protect both ingress and egress traffic and data to ensure truly comprehensive protection.

Firewalls originated theoretically in the late 1980s before being brought to fruition as traffic-controlling tools. Firewalls have evolved four times over from simple packet filters (that evaluated source, destination and protocol) to stateful inspectors (with the capability of “remembering” the nature of ongoing communications and origin of the packets involved), proxies (evaluated packet contents, rather than just the packets) to Unified Threat Management systems (UTMs) or Next Generation Firewalls (NGFWs).The last – originating as the term UTM – began integrating capabilities such as anti-malware and intrusion prevention for a more robust firewall.While there is still debate over the semantics, UTMs are now frequently referred to as Next Generation Firewalls.

Built-in Data Leakage Protection (DLP) capabilities ensures that sensitive or confidential data is protected.

Encrypted traffic can conceal threats from firewalls, while Wi-Fi networks provide a route for attacks to bypass firewalls. Today’s firewall solutions focus on controlling these types of traffic.

Despite the breadth of features, NGFW should not have a significant impact to your overall network performance, even if you have the capabilities fully “switched on.”

NGFWs reflect a movement towards more content-aware security, combining additional capabilities on top of anti-malware and intrusion prevention, such as:

Data Leakage Protection (DLP)Network Access Control (NAC)Application controlUser identity-related controlAnd a growing number are adding web application firewalling functionality.

As more organizations seek out consolidated solutions for economical savings and resource management, NGFW will be replacing most standalone security solutions like DLP. Some vendors have already started phasing out standalones this year.