5 Features to Look For In A Next-Generation Firewall
When it comes to NGFWs, it’s the integration that counts.
![](https://eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blt484d8b7dfdf694ea/64f0db65878bc9c0eba82346/NewNGFWCoverArt.jpg?width=700&auto=webp&quality=80&disable=upscale)
Sure, the term next-generation firewall (NGFW) has been around since 2007 and the vendors have been hyping these products for a close to a decade.
So what’s new this year?
Adam Hils, research director, network security, at Gartner, says what’s different about today’s NGFWs is the integration of features such as an IPS or URL filtering within the firewall itself.
“Many SMBs go with UTMs and they have all the features companies need, but there’s really not much integration,” he says. “For the enterprise, companies should think about a next-generation firewall and evaluate how well they integrate multiple features right within the firewall.”
Gartner estimates that the global firewall market will grow from $8.3 billion in 2015 to $9.7 billion in 2017. Hils says these products need to support complex environments, including branch offices, demilitarized zones and virtual environments within the data center. Many of these products also offer centralized management and reporting consoles and claim to do analytics, but companies should look for integration with products like Splunk if they are really serious about doing analytics.
Vendors Gartner gives high marks to include Check Point Software Technologies and Palo Alto Networks, which are assigned leader status, as well as Cisco Systems and Fortinet. Other more niche players include Juniper Networks, Dell SonicWall, Intel Security, Huawei, WatchGuard and Barracuda Networks.
While there are many vendors to choose from, the following slideshow outlines the five main features IT that security managers should consider before selecting a product.
Start by making sure the product can direct the right users to the right applications. The NGFW must control the level of access a user has.
For example, a company may decide to let their accounting people view Facebook or even Facebook chat, but the NGFW should make it easy to set a rule prohibiting the accounting staff to download spreadsheets or other text or PDF documents that could expose intellectual property or confidential financial data.
Most NGFWs will offer a basic level of URL filtering. This feature blocks users from visiting undesirable websites. The idea behind URL filtering is to set controls for peak events that drag on the network and hurt user productivity, such as the temptation to watch the games during March Madness, or simply controlling employee usage of social media sites like Facebook or Twitter.
Companies should look for a full-fledged Web gateway like the one from Blue Coat if they want to do more complex reporting, or if they want the security team to control the Web gateway as opposed to the network team.
Sure, the term next-generation firewall (NGFW) has been around since 2007 and the vendors have been hyping these products for a close to a decade.
So what’s new this year?
Adam Hils, research director, network security, at Gartner, says what’s different about today’s NGFWs is the integration of features such as an IPS or URL filtering within the firewall itself.
“Many SMBs go with UTMs and they have all the features companies need, but there’s really not much integration,” he says. “For the enterprise, companies should think about a next-generation firewall and evaluate how well they integrate multiple features right within the firewall.”
Gartner estimates that the global firewall market will grow from $8.3 billion in 2015 to $9.7 billion in 2017. Hils says these products need to support complex environments, including branch offices, demilitarized zones and virtual environments within the data center. Many of these products also offer centralized management and reporting consoles and claim to do analytics, but companies should look for integration with products like Splunk if they are really serious about doing analytics.
Vendors Gartner gives high marks to include Check Point Software Technologies and Palo Alto Networks, which are assigned leader status, as well as Cisco Systems and Fortinet. Other more niche players include Juniper Networks, Dell SonicWall, Intel Security, Huawei, WatchGuard and Barracuda Networks.
While there are many vendors to choose from, the following slideshow outlines the five main features IT that security managers should consider before selecting a product.
About the Author(s)
You May Also Like
CISO Perspectives: How to make AI an Accelerator, Not a Blocker
August 20, 2024Securing Your Cloud Assets
August 27, 2024