Next-Generation Firewall

Firewalls have been the first line of defense in computer networks forever, and their evolution is in many ways not really “something new” but rather the addition of many functions that were previously handled by separate devices. This means that there is a very thin line between Unified Threat Management and the Next-Generation Firewall (NGFW).

But what does an NGFW really bring to the table? For sure a lot of features, such as IPS, SSL decryption, application awareness, blacklists, whitelists and many more. But those (should) have already been present in the network for a long time. The most problematic issue remains, and that is the proper use of all these “new” technologies by system administrators. Default IPS policies do not cut it anymore, and application awareness is not of much use if company-wide policies of “do’s and don’ts” are not in place and if SSL-encrypted traffic is free to fly through this enormous black hole in the good old trusty firewall we all hope is a magic bullet for protection. NGFWs have become so much better and offer much more than we ever dreamed of, but in unskilled hands they are still the number one path exploited by malware that knows very well how to hide in SSL-encrypted tunnels.