Updated: Oct 25
In a previous blog we discussed endpoint protection and network protection and why both are important. Today we look at essential features of a Next Generation Firewall (NGFW) that you should consider before making a decision. You can read the previous blog here.
A firewall allows an organization to enforce security policies at the network level, protecting all the devices behind the firewall without having to implement these policies on every device.
WHY DO YOU NEED ONE?
Prevention is key. Every network needs an advanced malware defense which involves many layers of safeguards. There are many types of malware that a firewall can protect against, including:
Viruses, Worms, Trojan, Spyware, Adware, Phishing, Ransomware.
Essential NGFW Capabilities you must consider before buying
This is the console where security controls are done. This involves usability for day-to-day operations from a single-pane-of-glass that should be able to manage all configurations across NGFW deployed on-premises or in the cloud. Some of the important features that need to be considered are:
Ease of use, where the UI reduces the staff hours required to complete an operation.
Automation and orchestration with third-party IT and security solutions
Compliance and audit control reporting
Monitoring: Look for real-time monitoring, reporting and analytics to help troubleshoot, investigate risks, and guide smart security policy decisions and actions.
Cloud and on-prem: Configuration and management of NGFW should be available via the cloud or through an on-premises management system.
Scalability: It should scale to any size organization, managing networks with up to thousands of firewall devices deployed across many locations.
Console: Enterprises should look for an NGFW that uses a single pane of glass to manage all security functions, such as IPS, URL filtering and others, from a single location.
IPS (Intrusion Prevention System)
IPS within the NGFW provides an additional layer of needed security by stopping attacks that exploit vulnerabilities. The intrusion detection is done using signatures for known exploits and is based on anomaly detection.
Other threat prevention techniques include:
Application control allows businesses to define firewall policies based on applications (e.g., Facebook, YouTube, Salesforce). Application Control gives granular control over network traffic based on user identity and IP addresses while providing application-layer access control to regulate web browsing, file transfer, email exchange and email attachments. Look at the types of applications that are included in an NGFW database to make sure all the applications that are in use within the business are supported.
Web Control (URL Filtering)
Web control compares requested websites against a massive database containing millions of rated URLs, IP addresses and domains. It enables administrators to create and apply policies that allow or deny access to websites based on individual or group identity, or by time of day, using pre-defined categories. An NGFW should be able to do URL filtering based on business point of view (block based on category – business) as well as based on security (block based on reputation – security).
Virtual Private Network (VPN)
Distributed enterprises typically have remote branch offices that need secure access to the corporate network. The recent expansion in Work-From-Home (WFH) policies has also resulted in many employees working remotely. VPNs provide robust, secure access to corporate networks and resources, so it is essential to consider VPN as part of your NGFW.
It is important to make sure the NGFW provides a comprehensive VPN solution with site-to-site and remote-access encryption.
Ariel Technology, we have partnered with Sophos and Fortinet to provide you with the right NGFW suitable for your organization.
Our NGFW Solutions
SOPHOS XG FIREWALL
FORTINET FORTIGATE FIREWALL
Contact us today for detailed descriptions of the security solutions and customer friendly prices.