Next Generation Firewalls: Advance Security Technology
Essay by Mario Hayden • April 29, 2018 • Research Paper • 651 Words (3 Pages) • 1,031 Views
Mario Hayden
Prof. S. Otmishi
ITSY 2401
March 25, 2018
Next Generation Firewalls: Advance Security Technology
Both traditional and Next Generation Firewalls (NGFWs) offer stateful inspection, basic packet filtering, and translation of port and network addresses. However, what sets an NGFW apart from traditional firewalls is its multifunctionality. An NGFW often comes integrated with an intrusion detection system (IDS) and an intrusion prevention system (IPS) all in one. Having both integrated helps it perform thorough traffic analysis by scanning for the behavior or characteristics of potential threats, malware, or unauthorized network traffic patterns. According to Cisco, a leading NGFW company (Cisco.com), to qualify as an NGFW, a firewall must have application awareness, integrated IPS, ability to monitor, deep packet inspection, ability to monitor encrypted traffic, built-in antivirus, and the ability to take add-ons from other security programs.
Traditional firewalls only provide protection and filtering at the network (layer 3) and transport (layer 4) layers of the OSI model. However, an NGFW comes with application-layer (layer 7) awareness. With this feature, the NGFW will start monitoring from the application layer. So, most NGFWs will monitor layers 2-7 of the OSI model. With this, threats such as DDoS or DNS attacks will have less chance of taking place, because these kinds of attacks usually start at the application level (website), and traditional web application firewalls were used in the past.
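The difference between layer 3/4 filtering and layer 7 awareness can be shown with a short added example (not part of the original essay). The rule sets, payload signatures and sample flows are simplified assumptions constructed for illustration, not any vendor's engine.

```python
from dataclasses import dataclass

@dataclass
class Packet:
    proto: str      # "tcp" or "udp"
    dport: int      # destination port
    payload: bytes  # first bytes of the flow

# Traditional L3/L4 rule set: allow by protocol and destination port only.
L4_ALLOW = {("tcp", 80), ("tcp", 443), ("udp", 53)}
# Application-aware policy: allow by identified application, on any port.
APP_ALLOW = {"http", "tls", "dns"}

def l4_decision(pkt):
    return "allow" if (pkt.proto, pkt.dport) in L4_ALLOW else "deny"

def identify_app(pkt):
    """Simplified payload signatures (assumptions, not a vendor's engine)."""
    p = pkt.payload
    if p.startswith(b"SSH-"):
        return "ssh"
    if p.split(b" ", 1)[0] in {b"GET", b"POST", b"HEAD", b"PUT"} and b"HTTP/1." in p:
        return "http"
    if len(p) >= 3 and p[0] == 0x16 and p[1] == 0x03:  # TLS handshake record
        return "tls"
    # DNS query over UDP: 12-byte header, QR bit clear, QDCOUNT >= 1
    if (pkt.proto == "udp" and len(p) >= 12 and not p[2] & 0x80
            and int.from_bytes(p[4:6], "big") >= 1):
        return "dns"
    return "unknown"

def l7_decision(pkt):
    return "allow" if identify_app(pkt) in APP_ALLOW else "deny"

# Constructed sample flows (not captured traffic).
SAMPLES = {
    "http_on_80": Packet("tcp", 80, b"GET / HTTP/1.1\r\nHost: example.com\r\n\r\n"),
    "http_on_8080": Packet("tcp", 8080, b"GET / HTTP/1.1\r\nHost: example.com\r\n\r\n"),
    "ssh_on_443": Packet("tcp", 443, b"SSH-2.0-OpenSSH_8.9\r\n"),
    "tls_on_443": Packet("tcp", 443, b"\x16\x03\x01\x00\x05hello"),
    "dns_on_53": Packet("udp", 53, b"\x12\x34\x01\x00\x00\x01" + b"\x00" * 6
                        + b"\x07example\x03com\x00\x00\x01\x00\x01"),
    "junk_on_53": Packet("udp", 53, b"\xff" * 20),
}

def compare():
    """Return {flow: (L4 decision, identified app, L7 decision)}."""
    return {n: (l4_decision(p), identify_app(p), l7_decision(p)) for n, p in SAMPLES.items()}

if __name__ == "__main__":
    for name, row in compare().items():
        print(f"{name:14} L4={row[0]:5} app={row[1]:7} L7={row[2]}")
```

The port-only rule set and the application-aware policy disagree on three of the six flows: the non-web protocol on an allowed web port, the non-DNS data on the DNS port, and the legitimate web request on a port the port list does not cover.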
Adding additional programs to a traditional firewall would cost more and would burden the performance of the firewall, whether in the hardware or in network speed. However, an NGFW uses Deep Packet Inspection, a method of inspecting and managing a network by repackaging, reclassifying and rerouting the metadata. In addition, special CPUs using Cavium processors are used so that processing power and network traffic processing power can be optimized. This means that although more add-ons and programs are added or integrated, the network speed remains the same because the load is evenly distributed.
According to eSecurity Planet (eSecurityPlanet.com) in 2017, the firewall industry raked in around $10 billion and is expected to grow at least 8% yearly for the years to come. The company ranks Sophos XG Firewall, Barracuda F-Series, Juniper Networks, Fortinet Fortigate, Forcepoint, SonicWall, Palo Alto Networks, Cisco, Huawei and Check Point as the top ten NGFW vendors. The ranking took a few considerations into account, using Gartner’s Magic Quadrant in the measurements. These vendors have been in the firewall business for a few decades, and some are leaders in the computer hardware industry. Please refer to Figure 1 (Comparison between vendors) for the comparison between these vendors and their market niche, speed, forms of delivery and price of owning one.
Like a traditional firewall, the NGFW should only be managed by the information technology department. Training varies from vendor to vendor; usually, whenever a company purchases from a specific vendor, the firewall vendor would conduct training. Certain vendors such as Cisco have their own training and certifications, some of which are taught in technical schools or colleges. So, it is most likely not to be trained on or used by everyone in the company, only by those with certain user rights. The price of purchasing an NGFW also varies between vendors. It ranges from below $1000 to a few thousand a year depending on the add-ons, and all vendors provide support with training.
Vendor | Market | Speed (Throughput) | Good For | Delivery | Pricing |
Sophos | Small business & IaaS | [pic 1] | Root cause analytics | [pic 2] [pic 3] | [pic 4] |
Check Point | Retail & government | 90 Mbps – 128 Gbps | Stop attacks at CPU Level | [pic 5] | [pic 6] |
Barracuda | [pic 7] | [pic 8] | Machine learning | [pic 9] | [pic 10] |
Fortinet | [pic 11] [pic 12] | [pic 13] | Machine learning | [pic 14] [pic 15] | [pic 16] |
Cisco | [pic 17] [pic 18] | [pic 19] | IP, URL, DNS Threats | [pic 20] | [pic 21] |
Huawei | [pic 22] | [pic 23] | Traffic patterns | [pic 24] | [pic 25] |
Palo Alto | [pic 26] | [pic 27] | Aggregation & filtering | [pic 28] | [pic 29] |
SonicWall | [pic 30] | [pic 31] | Machine learning | [pic 32] | [pic 33] |
Juniper Networks | [pic 34] [pic 35] | [pic 36] | Juniper Sky Advanced Threat Prevention | [pic 37] [pic 38] | [pic 39] |
Forcepoint | [pic 40] | [pic 41] up to 2,000 firewalls | Analyzing network patterns | [pic 42] | [pic 43] |
Figure 1: Comparison between vendors
...
...