A Next-Generation Firewall is an integrated network that merges a traditional firewall with other network device filtering functions like an an intrusion prevention system (IPS), an application firewall using in-line deep packet inspection (DPI) and other techniques like SSH and SSL interception, QoS/bandwidth management, website filtering, antivirus inspection and third-party integration that is Active Directory.
The modern threats such as web-based targeted attacks, malware attacks, application layer attacks and more and are also changing the threat landscape rapidly from bad to worse. Furthermore, more than 80% of all new malware and intrusion trials are targeting weaknesses in applications, as opposed to flaws in networking services and components. S
Stateful firewalls having simple packet filtering abilities were excellent at the job of stopping undesired applications since most of the applications met the port protocol expectations. The administrators could easily prevent an unsafe application from being used by users by blocking the linked protocols and ports.
However, blocking an application such as Farmville that utilizes port 80 by closing the port would lead to blocking other applications such as Salesforce.com and Sharepoint.com that also use port 80 nowadays which most of the organizations cannot perform. The protection based on protocols, ports, IP addresses is no more viable and reliable. This had taken into the development of Identity-based security approach that takes organizations a step forward of conventional security appliances that bind security to IP addresses.
Furthermore, to make readily available and cost savings to the multiple client-server applications and business applications such as Google’s Office Suite and Salesforce.com are going towards the web to become web-based services.
These sorts of critical business applications have nowadays become indifferent from the least essential applications in a business network that also uses HTTP for network communications purposes. Therefore the enterprises need a greater awareness of and control over particular applications even with greater inspection abilities by the firewall that enable administrators to create very granular allow or deny policies for controlling the use of apps and websites in the network.
Implementing stand-alone security products such as URL filtering, Prevention System, Anti-virus/ Anti- Malware and so on shows unexpected raising the effectiveness of the first generation firewalls. The short-sightedness of Stateful Inspection firewalls goes onto the added solutions since these solutions function on limited efficiency of these firewalls with their portocols/ports based classifications techniques.
