Q

Next-gen firewall vs. UTM device: Which is better for Web 2.0 risks?

How does a next-gen firewall differ from a UTM device, and how does each stack up against Web 2.0 risks?

It seems to me UTMs are basically stateful firewalls with a few additions and that, for Web 2.0 applications, UTM is obsolete. But what would you define as next-generation firewalls, and would you recommend them, in  particular, to protect against Web 2.0 threats?

When stateful inspection firewalls first came on the scene in the 1990s, they revolutionized network security by allowing perimeter protection to move beyond the simple packet-by-packet filtering process used up until that point.  Stateful inspection added intelligence and memory to the firewall.  Instead of simply making independent decisions each time it encountered a packet, the firewall was now context-aware, able to make decisions based upon the information it had gathered about a connection.

You’re correct in pointing out that unified threat management (UTM) products are basically stateful inspection firewalls with some additional security functionality.  You’ll find that these products often consolidate firewall, intrusion prevention, content filtering, antivirus and other security functionality into a single box.  While this approach is not often appropriate for a large enterprise, a UTM device can be a very effective product for smaller or midsize enterprises seeking to limit security expenditures.

Next-generation firewalls (NGFW) represent the next major step in the development of firewall technology.  I’d actually consider them an advancement from stateful inspection technology, rather than comparing them to UTM devices.  A next-gen firewall is designed to combine the functionality of a firewall and an IPS, while adding detailed application awareness into the mix.  Like the introduction of stateful inspection, NGFWs bring additional context to the firewall’s decision-making process by providing it with the capability of understanding the details of the Web application traffic passing through it, taking action to block traffic that might exploit Web application vulnerabilities.

UTMs and NGFWs will peacefully coexist in the marketplace for quite some time, because they serve very different markets.  While UTMs are targeted at the midsize enterprise that doesn’t generally host Web applications, NGFWs will find their home in large enterprises supporting Web 2.0 applications.

This was first published in September 2011

Dig deeper on Network Firewalls, Routers and Switches

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchConsumerization

SearchEnterpriseDesktop

SearchCloudComputing

ComputerWeekly

Close