Introduction to Firewalls:
Firewalls were originally built to keep out unwanted applications using simple packet filters. This worked because applications met port-protocol expectations. Today there are malware, application-layer attacks and other targeted attacks. A more complex example is Farmville, which uses port 80, the same port used by the HTTP protocol. Blocking port 80 is no solution, since it would block all web browsing.
Creation of the Next Generation Firewall:
Traditional firewall protection was based on IP addresses, ports, and protocols. Since that approach is unreliable, the next-generation firewall was developed. It is an integrated network platform and part of the third generation of firewall technology. It combines a traditional firewall with the filtering functions of other network devices. It includes an application firewall using deep packet inspection (DPI) and an intrusion prevention system (IPS). Techniques such as TLS/SSL encrypted traffic inspection, website filtering, QoS/bandwidth management and antivirus inspection are provided. Integration with third-party identity management such as LDAP, RADIUS and Active Directory is possible.
Improvement on Traditional Firewall:
Features of Next Generation Firewalls are as follows:
- Similar to traditional firewalls:
  - Packet filtering
  - Network- and port-address translation (NAT)
  - Stateful inspection
  - Virtual private network (VPN) support
- Next-generation firewall goals:
  - Include the layers of the OSI model
  - Improve network traffic filtering based on the packet contents
  - Better inspection than the stateful inspection of first- and second-generation firewalls
  - Improved inspection method
  - Packet payloads are thoroughly checked
  - Signatures are matched
  - Allows administrators to create strong “allow/deny” rules
What to Look Out for During Purchasing of Next Generation Firewall?
Experts have made the case for why one should buy next-generation firewalls. Several advanced features to look for are discussed below:
- The next-gen firewall parses, decodes and analyzes applications to detect threats based on signatures. Business applications have subtle policy variations that allow different types of functions. Firewalls have to understand those subtle rules and policies to make accurate decisions.
- The next-gen firewall uses rapid protocol breakdown to separate application traffic into its components. Attackers embed command traffic or sensitive data within other protocols using complex tunnelling methods. The next-gen firewall therefore determines whether ICMP, HTTP and other traffic types are genuine.
- Enterprise-class next-gen firewalls can be connected to directory sources like Active Directory. The firewall maps an IP address to the user logged into the system and to the system name. Once the user is identified, role-based policies can be applied on the firewall. Abnormal behaviour can then be detected at the firewall. This could relate to protocols, application features, and usage patterns of users and groups. Potential buyers should check that the next-gen firewall platform supports all directory store types.
- The speed of the next-gen firewall is another very important feature. Processing and analysing the packets that pass through it is very intensive. Several products have a speed of 10 GBps and more.
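The port 80 problem from the introduction and the directory-based user mapping described in the list above, shown as an added example that is not part of the original article: a port-only rule next to a rule that identifies the application from the HTTP Host header and maps the source IP to a user group. The hostnames, IP addresses, users, groups, signature table and policy table are all constructed assumptions.

```python
# Port-only filtering vs. application- and identity-aware policy.
# All hosts, IPs, users, groups and rules are constructed sample data.
APP_SIGNATURES = {"games.example": "social-game",   # Host suffix -> app label
                  "crm.example": "business-crm"}
IP_TO_USER = {"10.0.0.5": "alice", "10.0.0.9": "bob"}  # as learned from a directory
USER_GROUPS = {"alice": "sales", "bob": "marketing"}
POLICY = {("sales", "business-crm"): "allow",        # (group, app) -> action
          ("sales", "social-game"): "deny",
          ("marketing", "social-game"): "allow"}


def port_filter(dst_port, allowed_ports=(80,)):
    """Traditional rule: decide on the destination port alone."""
    return "allow" if dst_port in allowed_ports else "deny"


def identify_app(payload: bytes) -> str:
    """Parse the HTTP request head and match its Host header to a signature."""
    lines = payload.split(b"\r\n\r\n", 1)[0].decode("latin-1").split("\r\n")
    parts = lines[0].split(" ")
    if len(parts) != 3 or parts[2] not in ("HTTP/1.0", "HTTP/1.1"):
        return "not-http"  # something other than HTTP is using the web port
    headers = {k.strip().lower(): v.strip().lower()
               for k, v in (l.split(":", 1) for l in lines[1:] if ":" in l)}
    host = headers.get("host", "").split(":")[0]
    for suffix, app in APP_SIGNATURES.items():
        if host == suffix or host.endswith("." + suffix):
            return app
    return "unknown-web"


def ngfw_decision(src_ip, dst_port, payload, default="deny"):
    """Application- and user-aware rule: which user group sends which app."""
    if port_filter(dst_port) == "deny":
        return "deny"
    group = USER_GROUPS.get(IP_TO_USER.get(src_ip), "unauthenticated")
    return POLICY.get((group, identify_app(payload)), default)


def http_get(host):
    """Build a constructed HTTP/1.1 request for the samples below."""
    return f"GET / HTTP/1.1\r\nHost: {host}\r\n\r\n".encode()


if __name__ == "__main__":
    for ip, data in [("10.0.0.5", http_get("www.games.example")),
                     ("10.0.0.9", http_get("www.games.example")),
                     ("10.0.0.5", b"\x00\x01opaque-tunnel-bytes")]:
        print(ip, port_filter(80), ngfw_decision(ip, 80, data))
```

The port filter returns the same answer for every flow on port 80, while the second rule separates them by application and user group and denies anything it cannot match.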
Several companies sell various models of next-gen firewall with many salient features. These models are sold at various prices, including on the internet. Google too has a choice of series to select from, but it is always best to test the product before purchasing.