The importance of next-generation firewalls
By Rentia Booysen, Collaboration and Networking Lead, Westcon-Comstor Sub-Saharan Africa
Despite the benefits of a digital and always-connected business environment, cyber security risks have also evolved to become more sophisticated and increasingly pervasive. As such, traditional defensive measures are no longer adequate, resulting in the need to embrace more adaptive solutions, such as next-generation firewalls (NGFWs).
Analysts define these as ‘deep-packet inspection firewalls that move beyond port/protocol inspection and blocking to add application-level inspection, intrusion prevention and bringing intelligence from outside the firewall.’ So, unlike a standard firewall, the NGFW provides an organisation with policy-based visibility and control over applications, users and threats. Therefore, it is less about going the ‘everything or nothing’ route with incoming and outgoing traffic and more about adopting a nuanced approach to protecting the network (and data) of the company.
Taking security to the next level
An NGFW offers all the standard features of what one has come to expect from a firewall, but also incorporates several additional layers of security. This additional protection is provided further along the stack to include aspects such as application identification, user-based authentication, malware protection, exploit protection, content filtering and location-based access control.
One factor that makes NGFWs especially crucial in a data-driven world is that they are application-aware. This awareness empowers the IT team to have complete visibility of which applications are used on the corporate network. In turn, IT can enforce network security policy on the application layer instead of the more generalised port and protocol basis. Packets can now be viewed in their proper context with the appropriate rules being applied instead of blocking everything.
An example of this more customised approach is allowing Facebook access but restricting Facebook Messenger usage. By using an NGFW a company can, therefore, adapt and apply its cybersecurity policy to better reflect its business strategy as opposed to having the technology dictate what it can and cannot do.
Speedy defense
Another significant difference is the speed advantage an NGFW can deliver to the network. As more devices are added and more security services are turned on, network congestion becomes a massive concern when using a traditional firewall. However, NGFWs provide high-speed defences irrespective of the number of devices or how many protection services are active.
Furthermore, like cloud-based applications always being kept updated in the background, NGFWs include anti-virus and malware protection that is also continually upgraded as new threats emerge. In turn, this automated approach significantly reduces the need for a time-consuming and error-prone manual-driven patch management process, that may actually be too late anyway.
For example, the Juniper Networks range of NGFWs (the SRX Series Services Gateways) uses information from the Juniper Sky Advanced Threat Prevention cloud-based anti-malware service and third-party GeoIP feeds to more effectively block malicious activities as they enter or travel through the network.
Partner-driven
Of course, it is one thing to realise the importance of having an NGFW and another thing entirely to integrate it into existing infrastructure and processes. A company must first understand what solutions it already has in place and audit the current cybersecurity policy. Implementing a NGFW is as much about embracing technology innovation as it is about rethinking traditional approaches when it comes to cyber defenses – helping you futureproof your environment.
Notably, this is especially relevant given the growth in the number of entry points into the back-end systems of the business. With the Internet of Things and edge computing growing in importance, so too must the way in which decision-makers enhance these defences to ensure that data, irrespective of where it is generated, processed or stored, is kept safe.
A business must, therefore, be able to rely on a trusted partner that not only has access to the right technology solutions but also takes the time to understand its unique requirements. An NGFW is not merely a "fire and forget" offering. It is one that evolves as the needs of the company change. Therefore, the vendors who can combine global best practice with local insights are the ones that will deliver the best value for the most effective use of an NGFW.