Network World, the leading provider of information, intelligence, and insight to network firewall security and IT executives, identified the transition to a next-generation firewall as a top priority for 2011. The industry news source is still highlighting the technology nearly two years after it was first introduced. According to the article, adoption of the technology was expected to reach 35 percent by 2014, up from 1 percent when it was written.
When they first appeared, next-generation firewalls drew the attention of Network World because they required “a different way of thinking about (network) security goals associated with a firewall.”
What distinguishes a next-generation firewall from a traditional firewall is as follows:
Fortinet and other vendors assert that they are the best.
Establishing controls over how employees of a company “access the Internet, the World Wide Web, and social networking sites” is prioritized in the document. If employees are prevented from posting to time-wasting websites such as Facebook, they will be more productive.
In contrast to a traditional firewall, a next-generation firewall does not rely on ports to identify traffic.
A next-generation firewall is both faster and more intelligent than a traditional firewall. Technology such as reputation filtering, for example, can be used, as well as “integration with Active Directory for identity and policy management.”
According to the company, it provides business owners with the ability to “create and enforce identity-based application usage policies.”
They can have VPN capabilities added to them.
It is capable of inspecting all traffic at the application layer to detect and prevent intrusions.
It provides users with a clear picture of their network firewall security activity and bandwidth consumption, among other things. This visibility makes it possible to “manage application controls related to bandwidth requirements and priorities.”
Is it true that they are catching on as quickly as anticipated?
According to a follow-up article in Network World, the new firewall technology is “off to a good start.” The publication also named Fortinet as one of the top three leaders in the industry. Furthermore, when the performance of these three providers was compared, Fortinet’s FortiGate next-generation firewall was found to be the most effective, earning high marks for its management interface and overall usability.
Its rule-writing capabilities, which allowed for both IP address and geographic location references, were yet another feature that set the Fortinet next-generation firewall apart from the competition. Additionally, according to the comparative study, FortiGate “possesses an elegant rate-based policy feature designed to prevent denial-of-service attacks.”
What role do application controls play in all of this?
This is dependent on the vendor, and it is a significant point of differentiation between product offerings in terms of functionality. When it comes to this problem, Fortinet uses a single rule base for all of its products. Not only is this approach “the most straightforward to manage and intuitive from a fundamental security standpoint,” but it is also “potentially the most powerful because it allows traffic to flow only when all attributes are met,” according to Network World. It also allows for the interleaving of rules with and without application controls, according to the authors.
What is the current state of affairs concerning next-generation firewalls?
Next-generation firewalls were identified as a technology to watch by Network World nearly three years ago, and the publication claims that the technology is now widespread.