Cyberoam NGFWs offer actionable intelligence and controls to enterprises that allow complete security controls over L2-L8 for their future-ready security. The next-generation security features in Cyberoam NGFWs protect networks against newly-evolving threats.
Next Generation Firewall (NGFW)
• A next-generation firewall (NGFW) is a hardware- or software-based network security system that is able to detect and block sophisticated attacks by enforcing security policies at the application level, as well as at the port and protocol level.
• The term next generation, in the context of a network or enterprise firewall, implies software- or hardware-based security that goes beyond the general methods of URL blocking, network address translation, and packet filtering. This advanced firewall comes with granular controls that enable it to conduct a detailed examination of the Web application traffic that passes through it. The firewall is not restricted to examining only certain packets; it is able to relate each packet of traffic to the larger transaction it belongs to.
Features of Next Generation Firewall (NGFW):
• Standard firewall features: These include the traditional (first-generation) firewall functionalities such as stateful port/protocol inspection, network address translation (NAT), and VPN.
• Application identification and filtering: This is the chief characteristic of NGFWs. They can identify and filter traffic based upon the specific application, rather than just opening ports for any and all traffic. This prevents malicious applications and activity from using non-standard ports to evade the firewall.
• SSL and SSH inspection: NGFWs can even inspect SSL- and SSH-encrypted traffic. They can decrypt traffic, make sure it’s an allowed application and check other policies, and then re-encrypt it. This provides additional protection from malicious applications and activity that try to hide behind encryption to avoid the firewall.
• Intrusion prevention: Being more intelligent and with deeper traffic inspection, they may also be able to perform intrusion detection and prevention. Some next-gen firewalls might include enough IPS functionality that a stand-alone IPS might not be needed.
• Directory integration: Most NGFWs include directory support (e.g., Active Directory), for instance to manage authorized applications based upon users and user groups.
• Malware filtering: NGFWs can also provide reputation-based filtering to block applications that have a bad reputation. This can possibly check phishing, virus, and other malware sites and applications.
Next-Generation Firewalls (NGFW) With Layer 8 Identity-Based Technology
• Actionable Intelligence & Controls
• Cyberoam OS
• High Performance
• Scalability
• Flexibility
Things to Consider When Looking at a Next Generation Firewall Solution
• Underlying architecture and design: Was the Next Generation Firewall designed from the ground up to perform its security controls in a single pass, or are there different modules that have been added to an existing platform to provide added functionality? This could lead to issues with the following two items to consider.
• Performance: What impact, if any, will be seen if you turn on all of the security features and apply them to every security policy?
• Leveraging application intelligence for threat scanning: Can the firewall use application visibility and knowledge to scan only for threats relevant to the application in question, or does it have to go through its entire database for evaluation? See the example of Oracle above.
• Management: How easy is it to manage the Next Generation Firewall? Do I have to configure different rule-bases to take advantage of application control? Is the threat prevention management a separate rule-base or is it integrated with security policy? How much visibility/logging is provided into traffic traversing the firewall? This becomes important when troubleshooting and potentially migrating from port-based control to application-based control.
Reasons a Next Generation Firewall Is A Must
• Application Identification: Application identification answers the question, what sort of traffic is allowed? It uses multiple identification mechanisms to determine the exact identity of applications crossing the network. As the applications are identified through a multi-factor approach, the policy check determines how to treat the applications and related functions. Accurate traffic classification is the core of any firewall, with the outcome becoming the foundation of the security policy.
• Application Control: Application control is as critical as identifying the applications. Next-generation firewalls with application control allow you to create application-based firewall policy, to help regain full control over application traffic by managing bandwidth. A robust next generation firewall solution on your enterprise wireless network provides granular application usage control policies such as: allowing or denying, allowing certain application functions and applying traffic shaping, decrypting and inspecting, and allowing for certain users and groups. It increases productivity, prevents data leakage and protects against application-borne malware.
• Threat Prevention: In order to prevent threats effectively, any network needs to first reduce the avenues of attack by controlling which applications run on it. Then, a firewall needs to scan “allowed” application traffic for threats more broadly, while not limiting them to a strict definition of a particular type of threat.
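The contrast between port-based and application-based policy described under "Application identification and filtering" and "Application Control" can be shown with a small sketch. This is an added example, not Cyberoam code: the payload signatures are simplified, and the group names, rules and sample flows are constructed for illustration.

```python
import re

# Simplified payload signatures: the application is identified from the first
# bytes of a flow, independent of the destination port (illustrative only).
SIGNATURES = [
    ("ssh",  re.compile(rb"^SSH-\d\.\d+-")),                    # SSH version banner
    ("tls",  re.compile(rb"^\x16\x03[\x00-\x04]..\x01", re.S)),  # TLS record + ClientHello
    ("http", re.compile(rb"^(GET|POST|PUT|HEAD|DELETE|OPTIONS) \S+ HTTP/1\.[01]\r\n")),
]

def identify_app(first_bytes):
    # Return the first matching application name, or "unknown".
    for app, pattern in SIGNATURES:
        if pattern.match(first_bytes):
            return app
    return "unknown"

ALLOWED_PORTS = {80, 443}  # first-generation style rule: open ports

def port_policy(flow):
    # Decision made on the destination port alone.
    return "allow" if flow["dport"] in ALLOWED_PORTS else "deny"

# Application + identity rules (hypothetical groups); no match means deny.
APP_RULES = [
    {"app": "http", "groups": {"staff", "it-admins"}, "action": "allow"},
    {"app": "tls",  "groups": {"staff", "it-admins"}, "action": "allow"},
    {"app": "ssh",  "groups": {"it-admins"},          "action": "allow"},
]

def app_policy(flow):
    app = identify_app(flow["payload"])
    for rule in APP_RULES:
        if rule["app"] == app and flow["group"] in rule["groups"]:
            return app, rule["action"]
    return app, "deny"

# Constructed sample flows: user group, destination port, first payload bytes.
FLOWS = [
    {"group": "staff", "dport": 443, "payload": b"\x16\x03\x01\x02\x00\x01\x00\x01\xfc\x03\x03"},
    {"group": "staff", "dport": 443, "payload": b"SSH-2.0-OpenSSH_9.6\r\n"},
    {"group": "it-admins", "dport": 2222, "payload": b"SSH-2.0-OpenSSH_9.6\r\n"},
    {"group": "staff", "dport": 80, "payload": b"\x00\x01binary"},
]

if __name__ == "__main__":
    for f in FLOWS:
        print(f["group"], f["dport"], "port:", port_policy(f), "app:", app_policy(f))
```

The second and fourth flows pass the port rule but are denied once the payload and the user's group are considered, while the third shows an authorized application allowed on a port the port rule would have blocked.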
Advantages of Next Generation Firewall
• All-in-one functionality
• Greater visibility and control
• Simplified management
• Better security
• Lower total cost of ownership
Comparing Next Generation Firewalls
• Does the NGFW solution provide protection against server application attacks and client application attacks? What is the percentage of time that it does not?
• Can the NGFW solution be evaded?
• Is the device stable and reliable?
• Does the NGFW solution enforce inbound and outbound application policies?
• Does the NGFW solution enforce inbound and outbound identity policies?
• What is the performance of the solution?
Cyberoam Technologies
USA Central: +1-732-412-4896
Delhi & NCR: +91-9899150300
Ahmedabad: +91-9925011328
Bangalore: +91-9880345671
Dubai: +971-4-214 9860
Cyberoam House, Saigulshan Complex, Opp. Sanskruti, Beside White House, Panchwati Cross Road, Ahmedabad - 380006, GUJARAT, INDIA.
North America: 505 Thornall Street, Suite # 304, Edison, NJ - 08837, USA
sales@cyberoam.com
http://www.cyberoam.com/