What is a Next Generation Firewall (NGFW)?

 

While firewalls, which are the basis of a corporate network security strategy, have been around for quite some time, they have evolved significantly as the cyber threat landscape has changed. A next-generation firewall (NGFW) is a firewall designed to protect against the modern cyber threats that companies face. In addition to the core functions of a firewall, NGFWs integrate a range of other capabilities to protect against advanced cyber threats.

How an NGFW Works

Firewalls define network boundaries. All traffic passing through an NGFW is inspected by that firewall. This inspection allows the firewall to apply security policy rules which permit or block traffic.

An NGFW builds on the capabilities of a traditional firewall by incorporating additional features. For example, an NGFW operates at the application layer of the TCP/IP stack to apply intrusion prevention system (IPS), antimalware, sandboxing and other protections. These functions allow an NGFW to identify and block advanced threats before they pose a risk to corporate systems.

Why Do You Need an NGFW?

Today`s threat landscape consists of modern Gen V cyberattacks which are sophisticated and organized, automated attack campaigns that target multiple attack vectors using advanced tactics and techniques to gain access to corporate environments.

Blocking these attacks at the network perimeter is essential to minimizing the potential risk to the organization. However, traditional firewalls lack the in-depth network traffic visibility to identify and prevent these attacks. An NGFW`s array of integrated network security controls makes it a robust first line of defense against these threats.

Additionally, an ngfw can be used as part of a network segmentation strategy. By dividing the corporate network into zones and routing traffic between zones through an NGFW, organizations have multiple opportunities to detect and eliminate threats before they reach their intended targets. This internal security is essential when hackers can infiltrate a corporate network through account takeovers, supply chain attacks, and similar attacks.