Network firewalls lie at the heart of any IT security strategy.
Survey any organization for the type of security tools they deploy and they will vary on many points, but all will include a network firewall. The last couple of years we have seen huge developments in firewall technology. They have evolved significantly over the past decade to include an array of advanced features, and these more advanced firewall offerings are called Next-Generation Firewalls (NGFWs).
Firewalls are so critical to IT security that the $10 billion market is the largest IT security product market and is still growing around 8% per year. Director Solutions & Innovation Mohamed El Haddouchi notes that NGFWs are now the norm.
"Next-generation capabilities have been achieved by all solutions in the enterprise network firewall market, but vendors differentiate on feature strengths and depth." - Mohamed El Haddouchi, Director Solutions & Innovation, Infradata
NGFWs contain features such as support for single-enterprise firewalls, as well as branch offices, multi-tiered demilitarized zones (DMZs), and virtual versions that can be deployed within the cloud. Next-Generation Firewalls come with comprehensive management and reporting, user control, and policy enforcement for applications, intrusion prevention, sandboxing, deep packet inspection, and incorporate threat intelligence feeds. All NGFW products contained in this list include those features, but some vendors seek to differentiate themselves by adding additional functionality.
“NGFW should be on every company's short list.” - Mohamed El Haddouchi, Director Solutions & Innovation, Infradata
Here are our top 5 vendors to watch out for in the NGFW market in 2018.
Palo Alto Networks PA-Series
Palo Alto Networks next-generation firewalls are all based on a consistent Single-Pass Architecture. Palo Alto integration with GlobalProtect mobile security service extends policy-based security to mobile devices (whether on-premises or remote). Integration with threat intelligence services keeps information up to date for the firewall (e.g., URL categories, threat signatures).
The FortiGate next gen firewall is a high-performance network security appliance that adds intrusion prevention, application control, and anti-malware to the traditional firewall-VPN combination. This NGFW provides one platform for end-to-end security across your entire network.
Check Point Advanced Threat Protection
Check Point’s enterprise firewall product line includes 17 appliances and two chassis for hardware blades, scaling up to 400 Gbps. It can also be delivered as a virtual appliance, deployed on VMware, Amazon Web Services (AWS), OpenStack and Microsoft Azure, or delivered as software.
Juniper Networks SRX Firewall series
Juniper next-generation firewalls use information from Juniper’s Sky Advanced Threat Protection cloud-based service and third-party GeoIP feeds to block malicious activities as they enter or traverse the network. It also provide application visibility and control, IPS and user-based application policies, plus unified threat management (UTM) to protect and control your business assets.
Forcepoint's NGFW provides centralizing monitoring, management and reporting across diverse virtual, physical and Cloud environments, as well as third-party devices. Optimized workflows streamline daily administrative tasks and security management for high efficiency and low total cost of ownership (TCO).
25 July 2018