What is A Next Generation Firewall?
Next Generation Firewall Explained.
A Next Generation Firewall serves the purpose of existing traditional firewalls and (as you might expect) also provides a range of features that are designed to deal with more modern threats that traditional firewalls were not able to prevent.
Next Generation Firewalls should and do provide a suite of protection capabilities that you would expect to see in traditional firewalls including:
- VPN
- Packet Filtering
- Network Address Translation
- Port Address Translation
- URL Blocking
In addition, Next Generation Firewalls deliver a newer set of capabilities such as:
- Deep packet inspection, to actually understand what threat might be hidden with network traffic.
- Application level inspection to understand threats that may manifest through applications themselves.
- Intrusion prevention, actually stooping malware before it enters the network
- Integration with threat intelligence services which can help effectiveness to unearth Advanced Persistent Threats (APT).
- They can operate in traditional routed mode or transparent mode where they sit in the network simply scanning packets.
Ultimately the goal of a Next Generation Firewall is to inspect more layer of the OSI network stack, thereby improving the filtering and security monitoring of network traffic and network packet contents.