By IT Brew Staff
Definition:
Like a traditional firewall, a next-generation firewall (NGFW) can examine data packets, blocking any that are malicious. However, NGFWs come with additional features, including threat intelligence from external sources, application awareness and control (i.e., deciding whether to block or allow data packets based on their destination app), and blocking intrusions via techniques such as statistical anomaly detection.
A traditional firewall monitors incoming and outgoing network traffic, and then controls that traffic based on preset security rules. For example, a firewall set between a private and public network can prevent users of the latter from stealing sensitive data contained in the former.
To frame it another way, a traditional firewall engages in perimeter defense, while its next-generation equivalent takes things another layer deeper by asking where the data is going, who potentially sent it, and how it’s behaving. Next-generation firewalls take a more aggressive posture against potential cyberattacks, given how they’re designed to continually respond to evolving threats.
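The contrast described above, as an added example (not from IT Brew or any vendor's product): a toy model in which four constructed flows all pass a port-based rule, while the next-generation checks block three of them. The rule tables, field names, addresses and z-score threshold are assumptions, and the `app` label stands in for the firewall's own application identification.

```python
from statistics import mean, pstdev

# All values below are constructed for illustration (documentation-range IPs).
PORT_RULES = {("tcp", 443): "allow", ("tcp", 23): "block"}  # preset rules
THREAT_INTEL = {"203.0.113.7"}        # entry from an external feed (assumed)
BLOCKED_APPS = {"file-sharing"}       # application control policy (assumed)
BASELINE_BYTES = [1200, 1350, 1100, 1280, 1220, 1310]  # past flow sizes

def traditional_verdict(flow):
    """Preset-rule firewall: decides on protocol and port only; default deny."""
    return PORT_RULES.get((flow["proto"], flow["dport"]), "block")

def is_anomalous(value, history, z_limit=3.0):
    """Statistical anomaly check: z-score of value against the baseline."""
    if len(history) < 2:
        return False                  # not enough data to judge
    sigma = pstdev(history)
    if sigma == 0:
        return value != history[0]
    return abs(value - mean(history)) / sigma > z_limit

def ngfw_verdict(flow):
    """Port rule first, then where it is going, which app, how it behaves."""
    if traditional_verdict(flow) == "block":
        return "block", "port rule"
    if flow["dst"] in THREAT_INTEL:
        return "block", "threat intelligence"
    if flow["app"] in BLOCKED_APPS:
        return "block", "application control"
    if is_anomalous(flow["bytes"], BASELINE_BYTES):
        return "block", "statistical anomaly"
    return "allow", "clean"

def flow(dst, app, size):
    """Build a constructed HTTPS flow record."""
    return {"proto": "tcp", "dport": 443, "dst": dst, "app": app, "bytes": size}

FLOWS = [
    flow("198.51.100.10", "web-browsing", 1250),
    flow("203.0.113.7", "web-browsing", 1250),
    flow("198.51.100.10", "file-sharing", 1250),
    flow("198.51.100.10", "web-browsing", 90000),
]

if __name__ == "__main__":
    for f in FLOWS:
        print(f["dst"], f["app"], traditional_verdict(f), ngfw_verdict(f))
```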
Depending on its needs, an organization could deploy an NGFW as a hardware appliance or as software. IT teams tasked with managing an on-premises data center and network may opt to take the hardware route, as that offers predictable, high performance; software-based firewalls are often best for organizations that are cloud-centric and have a need to scale rapidly. Before deploying, those teams should figure out how an NGFW will integrate with existing security policies and technical requirements.