Friday, April 16, 2021

Hot Trends in Firewalls

While we hope they’re an impregnable line of defense, firewalls have historically had plenty of limitations. How are next-gen firewalls beefing up security?

The traditional stateful firewall filters traffic based upon ports and protocols. For example, blocking or allowing the entire port 80 for HTTP traffic or port 443 for HTTPS traffic. It’s an “all-or-nothing” approach.

Newer firewall technology can also filter traffic based upon the applications or traffic types traversing these ports. For example, you could open port 80 for only select HTTP traffic, for those specific applications, sites, or services you allow. Think of it as blending the firewall and quality of service (QoS) functionalities into one solution.

These application-aware firewalls are commonly cited as a next-generation firewall (NGFW) but they are, basically, a form of a unified threat management (UTM) solution. However, the term UTM is usually applied to products that lack the true application-awareness and are targeted towards the SMB market. UTM products usually offer additional functions over traditional firewalls, such as antivirus, antispam, or even intrusion prevention systems (IPS).

The fine-tuning of traffic provided by NGFWs can help in both security and bandwidth control aspects. Since they’re smarter and provide deeper inspection, they have the potential to catch more malicious activity. They can also serve as content filters and provide QoS functions, so higher priority applications receive higher priority bandwidth. Along with the general need for better overall security, NGFWs are in demand due to the increase of cloud services and outsourced software as a service (SaaS) providers.

Common characteristics

Here are the common features of most NGFWs:

Standard firewall features: They include the traditional (first-generation) firewall functionalities such as stateful port/protocol inspection, network address translation (NAT), and VPN.

Read the rest about next generation firewalls at eSecurity Planet.

Similar articles

Latest Articles

Best Data Quality Tools...

Data quality is a critical issue in today’s data centers. The complexity of the Cloud continues to grow, leading to an increasing need for...

NVIDIA’s New Grace ARM/GPU...

This week is NVIDIA’s GTC, or GPU Technology Conference, and they likely should have changed the name to ATC because this year – it...

What is Data Segmentation?

Definition of Data Segmentation Data segmentation is the process of grouping your data into at least two subsets, although more separations may be necessary on...

The Conversational AI Revolution:...

One of the things I’m looking forward to seeing at next week’s NVIDIA GTC event is an update on their Conversational AI efforts. I’m fascinated...