Most companies today have some sort of firewall to protect their data and applications from network security threats. But traditional firewalls no longer provide sufficient protection against today’s increasingly sophisticated cybersecurity threats. Instead, many IT departments are replacing them with next-generation (NG) firewalls, which contain a more advanced array of defensive technologies and can safeguard a network from most types of cyber attacks.
Unlike traditional firewalls which provide basic packet and URL filtering, Next-Generation firewalls have multiple security features such as network intrusion detection, malware filtering, website blocking, and web application protection. For the small- to mid-sized business that lacks the resources for an enterprise security solution, a Next-Generation firewall can provide all-in-one cybersecurity protection. For large enterprises, Next-Generation firewalls are valuable components of a comprehensive cybersecurity solution.
Unfortunately, some IT professionals fear that Next-Generation firewalls are too feature-rich for their needs or too sophisticated to deploy easily. Instead, they make do with a traditional firewall or create a piecemeal solution out of standalone cybersecurity products.
That is a mistake, say cybersecurity experts Bob Pruett and Vincent Delbar.
The next step in the firewall services evolution
Pruett, field security solutions executive at SHI and Delbar, technical partner manager at Fortinet, spoke on Best Practices when Deploying Next Generation Firewalls. The webcast, moderated by Darren Carroll, director of products at TierPoint, explained the features of Next-Generation firewalls and the best practices for implementing them.
Today’s Next-Generation firewalls are easier to deploy and configure than earlier versions from several years ago. In addition, most provide the ability to activate the different security features as needed, so an organization can start with basic traffic monitoring and add capabilities when ready.
“For instance, once you see what kinds of web sites people are going to, you can start blocking certain categories or limiting certain kinds of applications,” explained Delbar.
Another benefit is the ability to monitor and manage all the cybersecurity features from one interface. That saves time and provides greater visibility into the overall threat status of the organization.
Next-Generation firewalls do all the things that traditional firewalls do--packet filtering, network and port address translation, URL filtering and stateful inspections—along with other, more advanced capabilities. These include:
- integrated intrusion detection and protection to identify and block attacks based on behavioral analysis or threat signatures.
- application awareness, which provides the ability to set policies that block ports or services on an application by application basis.
- identity awareness, which enables IT to manage users, groups and applications through customized, identity-based policies
- anti-malware protection, so that malware can be detected and blocked before it can enter the network
Watch the webinar,
“Harnessing Artificial Intelligence & Emerging Technologies for Data Security”,
to learn more about the next frontiers in attack mitigation.
Tools for next-gen firewall success
An example of an next-generation firewall is TierPoint’s CleanIP which has all the features above as well as several others. These include web application vulnerability patching and DDoS mitigation; content filtering to block web pages and e-mails that violate company policy; support for VPNs with multi-factor authentication, SSL inspection of encrypted content; regularly updated threat intelligence for IP reputation and malware signature filtering.
The ability to inspect encrypted content will be increasingly critical. Analysts estimate that 70 percent of malware will be encrypted by 2020. A firewall that lacks the ability to analyze encrypted traffic will soon be unable to detect the majority of malware.
Likewise, regularly updated threat intelligence for IP reputation and malware signature filtering is important as attackers routinely change their attacks to make them harder to detect. These new “zero day” attacks can only be identified and blocked by firewalls that are continuously updated with the latest threat signatures.
The bottom line is that most organizations would benefit from an Next-Generation firewall, which can fend off multiple types of cybersecurity threats and can be managed and monitored thorough a single interface. It’s a far easier solution than a piecemeal collection of standalone security products.
Watch our recent webinar, “Best Practices when Deploying Next Generation Firewalls”, with TierPoint’s Darren Carroll, SHI’s Bob Pruett, and Fortinet’s Vincent Delbar to learn more.