120 likes | 252 Views
Next Generation Firewall(NGFW)Feature and Benefits. Next Generation Firewall(NGFW).
E N D
Next Generation Firewall(NGFW) • A next-generation firewall (NGFW) is a hardware- or software-based network security system that is able to detect and block sophisticated attacks by enforcing security policies at the application level, as well as at the port and protocol level. • The term next generation, in the context of network or enterprise firewall, implies a software or hardware-based security that goes beyond the general methods of URL blocking, network address translation, and packet filtering. This advanced firewall comes with granular controls that enable it to conduct a detailed examination of the Web application traffic that passes through it. The firewall is not restricted to examining traffic data only of certain packets, as it is able to track each packet of traffic to larger transactions.
Features of Next Generation Firewall(NGFW): • Standard firewall features: They include the traditional (first-generation) firewall functionalities such as stateful port/protocol inspection, network address translation (NAT), and VPN. • Application identification and filtering: This is the chief characteristic of NGFWs. They can identify and filter traffic based upon the specific applications, rather than just opening ports for any and all traffic. This prevents malicious applications and activity from using non-standard ports to evade the firewall. • SSL and SSH inspection: NGFWs can even inspect SSL and SSH encrypted traffic. They can decrypt traffic, make sure it’s an allowed application and check other policies, and then re-encrypt it. This provides additional protection from malicious applications and activity that try to hide using encryption to avoid the firewall.
Features of Next Generation Firewall(NGFW): • Intrusion prevention: Being more intelligent and with deeper traffic inspection, they may also be able to perform intrusion detection and prevention. Some next-gen firewalls might include enough IPS functionality that a stand-alone IPS might not be needed. • Directory integration: Most NGFWs include directory support (i.e., Active Directory). For instance, to manage authorized applications based upon users and user groups. • Malware filtering: NGFWs can also provide reputation-based filtering to block applications that have a bad reputation. This can possibly check phishing, virus, and other malware sites and applications.
Interesting, right? This is just a sneak preview of the full presentation. We hope you like it! To see the rest of it, just click here to view it in full on PowerShow.com. Then, if you’d like, you can also log in to PowerShow.com to download the entire presentation for free.