Communiquez avec les autres et partagez vos connaissances professionnelles

Inscrivez-vous ou connectez-vous pour rejoindre votre communauté professionnelle.

Suivre

What is the difference between firewall and next generation firewall?

user-image
Question ajoutée par ahmed reda , Information Security Engineer , Security Meter
Date de publication: 2016/04/08
Sanil PK
par Sanil PK , Security Administrator , Horizon Energy LLC

A Next-Generation Firewall (NGFW) is an integrated network platform that combines a traditional firewall with other network device filtering functionalities such as an application firewall using in-line deep packet inspection (DPI), an intrusion prevention system (IPS)

Digvijay Chavda
par Digvijay Chavda , Sr. Engineer IT-operation , Panamax InfoTech Ltd

Firewalls are based on Network Security and now Next generation firewalls are based on Application , Network , SSL decryption ,Identity 

Utilisateur supprimé
par Utilisateur supprimé

Some security features that can be found in a  NGFW that give a difference betweem the traditional firewall are:

  • Non-disruptive, in-line, bump-in-the-wire (BITW) configuration, wherein a 'stealth' firewall resides inside the subnet so it can filter traffic between hosts
  • Integrated signature-based intrusion prevention system (IPS), which specifies which kinds of attacks to scan for and report on
  • Identification of applications using pre-defined application signatures, payload analysis, and header inspection, plus enforcement of network security policy at the application level, because applications (rather than networking services and components) have become the greatest area of exploitation today by malware and other attacks
  • Full stack visibility, which goes hand-in-hand with control of applications
  • Granular control, or extremely detailed control of applications
  • Capability to incorporate information from outside the firewall, including directory-based policies, white lists, and black lists
  • Upgrade path to include future security threats and information feeds
  • Secure sockets layer (SSL) decryption to enable identification of undesirable encrypted applications

More Questions Like This