What is a Next Generation Firewall? Learn about the differences between NGFW and traditional firewalls



Firewalls are a standard security tool for the majority of companies, but in today’s changing threat landscape, next generation firewalls are the only firewalls that can provide proper protection.

A Definition of Next Generation Firewall

A next generation firewall (NGFW) is, as Gartner defines it, a “deep-packet inspection firewall that moves beyond port/protocol inspection and blocking to add application-level inspection, intrusion prevention, and bringing intelligence from outside the firewall.”

Traditional Firewalls vs. Next Generation Firewalls

As their name suggests, next generation firewalls are a more advanced version of the traditional firewall, and they offer the same benefits. Like regular firewalls, NGFW use both static and dynamic packet filtering and VPN support to ensure that all connections between the network, internet, and firewall are valid and secure. Both firewall types should also be able to translate network and port addresses in order to map IPs.

There are also fundamental differences between the traditional firewall and next generation firewalls. The most obvious difference between the two is an NGFW’s ability to filter packets based on applications. These firewalls have extensive control and visibility of applications that it is able to identify using analysis and signature matching. They can use whitelists or a signature-based IPS to distinguish between safe applications and unwanted ones, which are then identified using SSL decryption. Unlike most traditional firewalls, NGFWs also include a path through which future updates will be received.

Benefits of Using a Next Generation Firewall

The differentiating features of next generation firewalls create unique benefits for the companies using them. NGFWs are able to block malware from entering a network, something that traditional firewalls would never be able to achieve. They are better equipped to address Advanced Persistent Threats (APTs). NGFWs can be a low-cost option for companies looking to improve their basic security because they can incorporate the work of antiviruses, firewalls, and other security applications into one solution. The features of this include application awareness, inspection services, as well as a protection system and awareness tool that benefit the offering at all odds.

The Importance of Next Generation Firewalls

Installing a firewall is a requirement for any business. In today’s environment, having a next generation firewall is almost as important. Threats to personal devices and larger networks are changing every day. With the flexibility of a NGFW, it protects devices and companies from a much broader spectrum of intrusions. Although these firewalls are not the right solution for every business, security professionals should carefully consider the benefits that NGFWs can provide, as it has a very large upside.

Jeffrey Aldorisio

INFOGRAPHICS

Don't Get Hooked: How to Recognize and Avoid Phishing Attacks

Jeff Aldorisio

Jeff Aldorisio is the marketing operations specialist at Digital Guardian. He works with their marketing automation, webinars, and other marketing tasks.