Title: Next Generation Firewall (NGFW) Feature and Benefits
1. Next Generation Firewall (NGFW) Feature and Benefits
2. Next Generation Firewall (NGFW)
- A next-generation firewall (NGFW) is a hardware- or software-based network security system that is able to detect and block sophisticated attacks by enforcing security policies at the application level, as well as at the port and protocol level.
- The term "next generation", in the context of network or enterprise firewalls, implies software- or hardware-based security that goes beyond the general methods of URL blocking, network address translation, and packet filtering. This advanced firewall comes with granular controls that enable it to examine in detail the Web application traffic that passes through it. The firewall is not restricted to examining the traffic data of certain packets only, as it is able to track each packet of traffic to the larger transaction it belongs to.
3. Features of Next Generation Firewall (NGFW)
- Standard firewall features: They include the traditional (first-generation) firewall functionalities such as stateful port/protocol inspection, network address translation (NAT), and VPN.
- Application identification and filtering: This is the chief characteristic of NGFWs. They can identify and filter traffic based upon the specific applications, rather than just opening ports for any and all traffic. This prevents malicious applications and activity from using non-standard ports to evade the firewall.
- SSL and SSH inspection: NGFWs can even inspect SSL- and SSH-encrypted traffic. They can decrypt traffic, make sure it is an allowed application, check other policies, and then re-encrypt it. This provides additional protection from malicious applications and activity that try to hide behind encryption to avoid the firewall.
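The difference between port-level and application-level filtering described above, as an added example that is not part of the original slides. The signatures, allow lists and sample flows are constructed for illustration and are far simpler than a real NGFW classification engine.

```python
# Added illustration: signatures, policies and sample flows are constructed.
import re
from dataclasses import dataclass

@dataclass
class Flow:
    dst_port: int
    first_bytes: bytes  # first client payload bytes seen on the flow

# Simplified application signatures, matched on payload rather than port.
SIGNATURES = [
    ("ssh", re.compile(rb"^SSH-\d\.\d+-")),
    # TLS handshake record (0x16), version 3.x, first message ClientHello (0x01)
    ("tls", re.compile(rb"^\x16\x03[\x00-\x04]..\x01", re.S)),
    ("http", re.compile(rb"^(GET|POST|HEAD|PUT|DELETE|OPTIONS) \S+ HTTP/1\.[01]\r\n")),
]

PORT_ALLOW = {80, 443}       # port-level rule: allowed destination ports
APP_ALLOW = {"http", "tls"}  # application-level rule: allowed applications

def identify_app(payload: bytes) -> str:
    """Return the first matching application name, or 'unknown'."""
    for name, pattern in SIGNATURES:
        if pattern.match(payload):
            return name
    return "unknown"

def port_verdict(flow: Flow) -> str:
    return "allow" if flow.dst_port in PORT_ALLOW else "deny"

def app_verdict(flow: Flow) -> str:
    # Unknown applications are denied by default.
    return "allow" if identify_app(flow.first_bytes) in APP_ALLOW else "deny"

# Constructed sample flows.
SAMPLE_FLOWS = [
    Flow(80, b"GET /index.html HTTP/1.1\r\nHost: example.test\r\n\r\n"),
    Flow(443, b"\x16\x03\x01\x00\xc8\x01\x00\x00\xc4\x03\x03"),
    Flow(443, b"SSH-2.0-OpenSSH_9.6\r\n"),   # SSH on the HTTPS port
    Flow(80, b"\x00\x01\x02opaque-binary"),  # unrecognised protocol on port 80
    Flow(8080, b"GET /status HTTP/1.1\r\nHost: example.test\r\n\r\n"),
]

def compare(flows):
    """Return (port, app, port_verdict, app_verdict) for each flow."""
    return [(f.dst_port, identify_app(f.first_bytes), port_verdict(f), app_verdict(f))
            for f in flows]

if __name__ == "__main__":
    for row in compare(SAMPLE_FLOWS):
        print(row)
```

The third and fourth flows pass the port rule but are denied by the application rule, while the last flow shows the reverse: a permitted application on a port the port rule would have blocked.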
4. Features of Next Generation Firewall (NGFW)
- Intrusion prevention: Being more intelligent and with deeper traffic inspection, they may also be able to perform intrusion detection and prevention. Some next-gen firewalls might include enough IPS functionality that a stand-alone IPS might not be needed.
- Directory integration: Most NGFWs include directory support (e.g., Active Directory), for instance to manage authorized applications based upon users and user groups.
- Malware filtering: NGFWs can also provide reputation-based filtering to block applications that have a bad reputation. This can potentially check phishing, virus, and other malware sites and applications.
5. Next-Generation Firewalls (NGFW) With Layer 8 Identity-Based Technology
- Actionable Intelligence Controls
- Cyberoam OS
- High Performance
- Scalability
- Flexibility
6. Things to Consider When Looking at a Next Generation Firewall Solution
- Underlying architecture and design: Was the Next Generation Firewall designed from the ground up to perform its security controls in a single pass, or are there different modules that have been added to an existing platform to provide added functionality? This could lead to issues with the following two items to consider.
- Performance: What impact, if any, will be seen if you turn on all of the security features and apply them to every security policy?
- Leveraging application intelligence for threat scanning: Can the firewall use application visibility and knowledge to scan only for threats to the application in question, or does it have to go through its entire database for evaluation? See the example of Oracle above.
- Management: How easy is it to manage the Next Generation Firewall? Do I have to configure different rule-bases to take advantage of application control? Is the threat prevention management a separate rule-base, or is it integrated with security policy? How much visibility/logging is provided into traffic traversing the firewall? This becomes important when troubleshooting and potentially migrating from port-based control to application-based control.
7. Reasons a Next Generation Firewall Is a Must
- Application Identification: Application identification answers the question, what sort of traffic is allowed? It uses multiple identification mechanisms to determine the exact identity of applications crossing the network. As the applications are identified through a multi-factor approach, the policy check determines how to treat the applications and related functions. Accurate traffic classification is the core of any firewall, with the outcome becoming the foundation of the security policy.
- Application Control: Application control is as critical as identifying the applications. Next-generation firewalls with application control allow you to create application-based firewall policy, to help regain full control over application traffic by managing bandwidth. A robust next generation firewall solution on your enterprise wireless network provides granular application usage control policies such as allowing or denying, allowing certain application functions and applying traffic shaping, decrypting and inspecting, and allowing for certain users and groups. It increases productivity, prevents data leakage and protects against application-borne malware.
8. Reasons a Next Generation Firewall Is a Must
- Threat Prevention: In order to prevent threats effectively, any network needs to first reduce the avenues of attack by controlling which applications run on it. Then, a firewall needs to scan allowed application traffic for threats more broadly, without limiting the scan to a strict definition of a particular type of threat.
9. Advantages of Next Generation Firewall
- All-in-one functionality
- Greater visibility and control
- Simplified management
- Better security
- Lower total cost of ownership
10. Comparing Next Generation Firewalls
- Does the NGFW solution provide protection against server application attacks and client application attacks? What is the percentage of time that it does not?
- Can the NGFW solution be evaded?
- Is the device stable and reliable?
- Does the NGFW solution enforce inbound and outbound application policies?
- Does the NGFW solution enforce inbound and outbound identity policies?
- What is the performance of the solution?
12. Cyberoam Technologies