While firewalls, which are the basis of a corporate network security strategy, have been around for quite some time, they have evolved significantly as the cyber threat landscape has changed. A next-generation firewall (NGFW) is a firewall designed to protect against the modern cyber threats that companies face. In addition to the core functions of a firewall, NGFWs integrate a range of other capabilities to protect against advanced cyber threats.
Firewalls define network boundaries. All traffic passing through an NGFW is inspected by that firewall. This inspection allows the firewall to apply security policy rules which permit or block traffic.
An NGFW builds on the capabilities of a traditional firewall by incorporating additional features. For example, an NGFW operates at the application layer of the TCP/IP stack to apply intrusion prevention system (IPS), antimalware, sandboxing and other protections. These functions allow an NGFW to identify and block advanced threats before they pose a risk to corporate systems.
Today’s threat landscape consists of modern Gen V cyberattacks: sophisticated, organized, automated attack campaigns that target multiple attack vectors and use advanced tactics and techniques to gain access to corporate environments.
Blocking these attacks at the network perimeter is essential to minimizing the potential risk to the organization. However, traditional firewalls lack the in-depth network traffic visibility to identify and prevent these attacks. An NGFW’s array of integrated network security controls makes it a robust first line of defense against these threats.
Additionally, NGFWs can be used as part of a network segmentation strategy. By dividing the corporate network into zones and forcing cross-zone traffic to pass through an NGFW, an organization provides itself with multiple opportunities to detect and remediate threats before they reach their intended goals. This internal security is essential when account takeover, supply chain, and similar attacks grant hackers a foothold within an organization’s network.
Traditional firewalls and NGFWs are both designed to identify and block malicious or unwanted traffic from crossing network boundaries. However, they do so at different levels of the TCP/IP network protocol stack.
Traditional firewalls operate primarily at the TCP and IP levels of the protocol stack. By inspecting the IP addresses and port numbers of inbound and outbound packets, they limit the types of traffic that enter and leave the protected network. However, their lack of visibility into the content of network packets leaves them blind to many modern threats.
NGFWs, on the other hand, operate at the application layer of the protocol stack. With an understanding of application traffic and the ability to decrypt encrypted traffic streams, they can identify and control that application traffic and, in addition, block a greater range of threats.
NGFWs also incorporate user and machine identity into the security policy vs. a traditional IP and services port based firewall policy. This better captures business intent and provides more visibility into traffic patterns within an organization.
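The difference described above (a port/IP rulebase versus one that also keys on the identified application and the user's identity) can be made concrete with a small policy evaluator. The following is an added example written for this article, not Check Point code or any vendor's rule engine; the rulebases, the 10.0.0.0/8 and 10.20.0.5 addresses, the application labels, and the users and groups are all constructed. A traditional firewall is simulated by stripping the application and identity fields from the flow before evaluation, which is exactly the visibility it lacks.

```python
from dataclasses import dataclass, replace
from ipaddress import ip_address, ip_network
from typing import FrozenSet, List, Optional, Tuple

# Constructed example: a toy first-match policy evaluator contrasting a
# traditional (IP/port only) rulebase with an NGFW rulebase that can also
# match on the identified application and on the user's group.


@dataclass(frozen=True)
class Flow:
    src: str
    dst: str
    proto: str
    dport: int
    app: Optional[str] = None              # result of L7 application identification
    user: Optional[str] = None             # identity mapped to the source host
    groups: FrozenSet[str] = frozenset()   # directory groups of that user


@dataclass(frozen=True)
class Rule:
    name: str
    action: str                            # "allow" or "deny"
    src: str = "0.0.0.0/0"
    dst: str = "0.0.0.0/0"
    proto: Optional[str] = None
    dport: Optional[int] = None
    app: Optional[str] = None              # criterion only an NGFW can evaluate
    group: Optional[str] = None            # criterion only an NGFW can evaluate

    def matches(self, f: Flow) -> bool:
        """Every non-None criterion must match; None means 'any'."""
        if ip_address(f.src) not in ip_network(self.src):
            return False
        if ip_address(f.dst) not in ip_network(self.dst):
            return False
        if self.proto is not None and self.proto != f.proto:
            return False
        if self.dport is not None and self.dport != f.dport:
            return False
        if self.app is not None and self.app != f.app:
            return False
        if self.group is not None and self.group not in f.groups:
            return False
        return True


def evaluate(rulebase: List[Rule], f: Flow) -> Tuple[str, str]:
    """First matching rule wins; an implicit cleanup rule denies everything else."""
    for rule in rulebase:
        if rule.matches(f):
            return (rule.action, rule.name)
    return ("deny", "implicit-cleanup")


# Constructed rulebases. The traditional one can only express IPs, protocol and port.
TRADITIONAL_RULEBASE = [
    Rule("allow-web-out", "allow", src="10.0.0.0/8", proto="tcp", dport=443),
    Rule("allow-finance-db", "allow", src="10.0.0.0/8", dst="10.20.0.5/32", proto="tcp", dport=5432),
]

# The NGFW rulebase adds application and identity criteria to the same intent.
NGFW_RULEBASE = [
    Rule("block-file-sharing", "deny", src="10.0.0.0/8", app="file-sharing"),
    Rule("allow-web-out", "allow", src="10.0.0.0/8", proto="tcp", dport=443, app="web-browsing"),
    Rule("allow-finance-db", "allow", src="10.0.0.0/8", dst="10.20.0.5/32",
         proto="tcp", dport=5432, group="finance"),
]


def strip_l7(f: Flow) -> Flow:
    """What a traditional firewall actually sees: no application, no user."""
    return replace(f, app=None, user=None, groups=frozenset())


def compare(f: Flow) -> dict:
    """Verdict of each firewall type for the same flow."""
    return {
        "traditional": evaluate(TRADITIONAL_RULEBASE, strip_l7(f)),
        "ngfw": evaluate(NGFW_RULEBASE, f),
    }


# Constructed sample flows.
FLOWS = [
    Flow("10.1.1.10", "203.0.113.5", "tcp", 443, app="web-browsing", user="alice", groups=frozenset({"staff"})),
    Flow("10.1.1.10", "203.0.113.9", "tcp", 443, app="file-sharing", user="alice", groups=frozenset({"staff"})),
    Flow("10.1.1.20", "10.20.0.5", "tcp", 5432, app="postgres", user="bob", groups=frozenset({"engineering"})),
    Flow("10.1.1.30", "10.20.0.5", "tcp", 5432, app="postgres", user="carol", groups=frozenset({"finance"})),
]

if __name__ == "__main__":
    for f in FLOWS:
        print(f"{f.user}@{f.src} -> {f.dst}:{f.dport} ({f.app}): {compare(f)}")
```

The second and third flows are the instructive ones: a file-sharing application tunnelled over TCP 443 is indistinguishable from web browsing to the traditional rulebase and is allowed, while the NGFW rulebase denies it by application; and an engineering user reaching the finance database from an internal subnet is allowed by the IP/port rule but falls through to the NGFW's cleanup rule because the identity criterion is not met. Rule order matters in first-match evaluation, which is why the explicit deny is placed first.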
As the very foundation of a corporate network security strategy, NGFWs are responsible for protecting the corporate network against inbound threats and enforcing network segmentation, which is a cornerstone of an effective zero-trust security strategy.
To achieve these goals, a modern NGFW must include the following core features:
A variety of NGFWs exist and are designed for different environments and use cases. Some examples include rugged firewalls, small and branch office firewalls, enterprise firewalls, data center firewalls, hyperscale network security, cloud firewalls, and Firewall as a Service (FWaaS) solutions.
Firewalls come in a variety of forms, and choosing the right one can be difficult. While an NGFW is essential for protection against modern threats, the various NGFW offerings are specialized for different use cases.
To learn more about how to evaluate NGFW solutions and what features to look for in a firewall, check out this buyer’s guide to NGFWs. Then, sign up for a free demo of Check Point Quantum NGFW to learn how Check Point NGFWs can offer enhanced security to your users and devices regardless of location.