How to conduct a next-generation firewall evaluation
A comprehensive collection of articles, videos and more, hand-picked by our editors
A next-generation firewall (NGFW) is a hardware- or software-based network security system that is able to detect and block sophisticated attacks by enforcing security policies at the application level, as well as at the port and protocol level.
Next-generation firewalls integrate three key assets: enterprise firewall capabilities, an intrusion prevention system (IPS) and application control. Like the introduction of stateful inspection in first-generation firewalls, NGFWs bring additional context to the firewall’s decision-making process by providing it with the ability to understand the details of the Web application traffic passing through it and taking action to block traffic that might exploit vulnerabilities.
Next-generation firewalls combine the capabilities of traditional firewalls -- including packet filtering, network address translation (NAT), URL blocking and virtual private networks (VPNs) -- with Quality of Service (QoS) functionality and features not traditionally found in firewall products. These include intrusion prevention, SSL and SSH inspection, deep-packet inspection and reputation-based malware detection as well as application awareness. The application-specific capabilities are meant to thwart the growing number of application attacks taking place on layers 4-7 of the OSI network stack.
Continue Reading About next-generation firewall (NGFW)
'next-generation firewall (NGFW)' is part of the:
View All Definitions