What is a Next Generation Firewall and how they work?
A next-generation firewall (NGFW) is the third generation of firewall technology, combining a traditional firewall with other network device filtering functionalities like application firewall using in-line deep packet inspection (DPI), intrusion detection or prevention system (IDS/IPS), TLS/SSL encrypted traffic inspection, website filtering, malware inspection and so on.
Traditional firewalls and NGFWs have the same purpose. To protect networks. They both include some variation of the following:
- Static packet filtering that blocks packets at the point of interface to a network, based on protocols, ports, or addresses
- Stateful inspection or dynamic packet filtering, which checks every connection on every interface of a firewall for validity
- Network address translation NAT for re-mapping the IP addresses included in packet headers
- Port address translation that facilitates the mapping of multiple devices on a LAN to a single IP address
- Virtual private network (VPN) support, which maintains the same safety and security features of a private network over the portion of a connection that traverses the internet or other public network, QOS,…
The main difference is, that witch the integration of NGFW you get a complete network visibility and extra layers of security.
- Application Visibility and Application Control even on encrypted traffic like HTTPS
- Identity Awareness (User and Group Control)
- Integrated protection (IPS, Anti Malware, Web filtering, Data Leakage Protection),
Next-generation firewalls are more intelligent and can recognize an application or website regardless of IP address or port numbers. The advanced filtering technology looks deep inside packets of an application and can analyze and make intelligent decisions about which content and packets to block.