Advanced Firewalls, part 2

The integration of IPS functionality and threat intelligence

The firewall has served as a primary barrier between a company’s IT assets and the outside world for many years. In our last video, we examined some of the major advancements that have been incorporated into advanced firewalls over the last few years, including more granular application and user-level controls. These controls allow firewalls to more effectively restrict unnecessary or risky application usage, ultimately reducing the attack surface.

To further broaden the functionality of advanced firewalls to confront application-layer exploits along with the attacks that have long targeted networks, advanced firewalls have also adopted some threat-centric functionalities.

The first of these functionalities is intrusion prevention system technology, commonly known as IPS. This critical element enables advanced firewalls, or next-generation firewalls (NGFW), to detect and block networks attacks. Some NGFWs, when incorporating IPS functionality also provision real-time network visibility of hosts, applications, operating systems, users, content, and attacks.

The other functionality to protect against newly discovered threats is the use of threat intelligence research. This research, carried out by NGFW vendors, must understand emerging threats and be quickly translated into effective vulnerability-based protections in an NGFW that detect and block the myriad vulnerabilities and exploits that emerge daily.

In our next video Chalk Talk, we’ll discuss the evolution of malware.

Did you miss our first episode? Watch Part 1 here.

To comment on this article and other Network World content, visit our Facebook page or our Twitter stream.
Must read: Hidden Cause of Slow Internet and how to fix it
Notice to our Readers
We're now using social media to take your comments and feedback. Learn more about this here.