We’ve previously covered “What is a Firewall and Why do I Need One?”. In this blog post, we will take a deeper look to see how a Next Generation Firewall (NGFW) can help protect your business.
NGFW’s contain all the tried and true features of the firewalls before them but they also contain advanced functionalities. Features like application awareness, intrusion prevention and detection, content filtering, and gateway antivirus are just some of the features of a NGFW.
NGFW’s permit system administrators or business owners to prevent individual applications from traversing the network. A common technique to get around content filtering is to use a VPN proxy service. This hides all the data from the firewall. A firewall with application awareness can block these services. If you want to prevent your users from consuming all your company’s bandwidth you can simply filter out various streaming applications, however if you can’t prevent them from using a VPN to get around your firewall, it won’t do much good. A NGFW can do that for you.
Intrusion prevention capable firewalls can detect intrusions and automatically apply a set of rules to the network traffic when one is detected. This is important as exploits can be carried about very quickly and the capability to respond immediately is something standard firewalls just can’t do. For example, if a malicious packet is detected the firewall can block all additional traffic from the source network automatically. The intruder will now have to find a different attack vector to continue his or her attack.
Gateway antivirus makes your firewall aware of known viruses, much like your antivirus on your workstation. This is yet another layer of protection. Nothing wrong with airbags AND seatbelts is there? No single antivirus software is full proof.
Active Directory Integration
Most NGFW’s also have the ability to integrate with your Microsoft Windows Active Directory Domain. If your firewall is aware of all of your workstations and users it can provide additional information like surfing habits of employees or allow your Windows network to control your VPN access.
In conclusion, traditional firewalls do not have the ability to protect your network from today’s threats. Call SandStorm IT at 901-475-0275 if you’d like to chat about your network’s security.