
What you should know about Next Generation Firewalls

Next Generation Firewalls are powerful, if not a bit confusing

By , Network World
December 01, 2010 03:43 PM ET

Network World - So what is the so-called Next Generation Firewall?

Abbreviated as NGFW, it's a term popular with vendors, and favored by the Gartner consultancy, to describe newer types of firewalls that go far beyond the older, traditional port-based firewalls to include multi-purpose security defenses and identity-based application controls.


What would those be?

NGFW is not a scientific term, so there's fluidity in its use for marketing purposes. But it's not just marketing hype either. The Gartner consultancy, which has favored the term NGFW for a number of years, is fairly set in what it expects to see in any security equipment calling itself "NGFW." Gartner's basic definition is having an impact on vendors deciding to develop more sophisticated firewalls that depart from traditional port-based inspection and controls.

What is Gartner's notion of NGFW?

In short, Gartner's "must have" definition for NGFW is:
- Must have standard firewall features such as network address translation, stateful inspection, VPN and be suited for the large enterprise.
- The intrusion-prevention system is "truly integrated" with the firewall.
- There's an "application-awareness" capability to recognize applications and set controls.
- An "extra-firewall" intelligence can bring in information to help make decisions; examples would be reputation analysis, integration with Active Directory, or useful blocking or vulnerability lists.
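To make the difference between a traditional port-based decision and the application-, identity- and reputation-aware decision Gartner describes concrete, here is a small policy simulator. It is an added illustration, not code from the article or from any vendor's product; the user names, group memberships, application labels, reputation list and flow records are all constructed for the example, and the addresses come from the documentation ranges.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Flow:
    user: str       # authenticated identity (an NGFW would map this via e.g. Active Directory)
    dst_ip: str
    dst_port: int
    app: str        # application identified from the payload, not inferred from the port


# --- constructed sample data (hypothetical names, documentation-range addresses) ---
USER_GROUPS = {"alice": {"finance"}, "bob": {"engineering"}}
BAD_REPUTATION_IPS = {"203.0.113.9"}   # stands in for an "extra-firewall" reputation feed

# NGFW rules: (application, groups allowed to use it, action). First match wins, default deny.
NGFW_RULES = [
    ("web-browsing", {"finance", "engineering"}, "allow"),
    ("ssh",          {"engineering"},            "allow"),
]


def port_based_decision(flow: Flow) -> str:
    """Traditional stateful firewall: only the destination port is consulted."""
    return "allow" if flow.dst_port in (80, 443) else "deny"


def ngfw_decision(flow: Flow) -> str:
    """Application-aware, identity-aware and reputation-aware decision."""
    if flow.dst_ip in BAD_REPUTATION_IPS:
        return "deny"                       # reputation veto before any rule lookup
    groups = USER_GROUPS.get(flow.user, set())
    for app, allowed_groups, action in NGFW_RULES:
        if app == flow.app and groups & allowed_groups:
            return action
    return "deny"                           # nothing matched: default deny


def compare(flows):
    """Return {flow: (port_based_verdict, ngfw_verdict)} so the two policies can be contrasted."""
    return {f: (port_based_decision(f), ngfw_decision(f)) for f in flows}


# Constructed flows covering the cases where the two policies diverge.
SAMPLE_FLOWS = [
    Flow("alice", "198.51.100.10", 443, "web-browsing"),   # sanctioned HTTPS browsing
    Flow("bob",   "198.51.100.20", 443, "file-sharing"),   # unsanctioned app riding on port 443
    Flow("alice", "203.0.113.9",   443, "web-browsing"),   # destination on the bad-reputation list
    Flow("bob",   "198.51.100.30", 22,  "ssh"),            # engineering SSH on a non-web port
    Flow("alice", "198.51.100.30", 22,  "ssh"),            # finance user attempting SSH
]

if __name__ == "__main__":
    for flow, (legacy, ngfw) in compare(SAMPLE_FLOWS).items():
        print(f"{flow.user:6} {flow.dst_ip:15} :{flow.dst_port:<4} "
              f"{flow.app:13} port-based={legacy:5} ngfw={ngfw}")
```

Running it shows the two verdicts side by side: the port-based rule waves through anything on 443, including the file-sharing flow and the flow to a poorly reputed host, and blocks engineering's legitimate SSH session, while the NGFW-style evaluation gets all five right because it keys on application, user group and reputation rather than port number alone.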

So if a vendor says it offers an "NGFW," should I assume it does all this?

Not necessarily. Again, there's the marketing aspect that makes using the term NGFW sound good. But many of the established firewall vendors are working to re-tool their firewall product lines to meet NGFW expectations. Start-up Palo Alto Networks, which launched in 2007, is widely regarded as the first vendor with a next-generation firewall security appliance; it has had a disruptive effect and pushed the traditional firewall vendors to make changes. Palo Alto, too, continues to add features to its gear.

Is NGFW equipment widely used?

No. Gartner estimates less than 1% of secure interconnections are supported through NGFW, though the consultancy predicts that will rise to 35% by 2014. Despite all the hype, the NGFW market is still regarded as emerging.

So what is Unified Threat Management (UTM)?

This is a term coined by IDC to describe a concept similar to NGFW: a multi-purpose, consolidated security device. Like NGFW, UTM is not a scientific term, but it is not purely marketing hype either. Although IDC came up with the term UTM, Gartner will bicker over what it means, claiming it refers to a device for the small-to-midsized market, and IDC in turn will bicker over what NGFW means. But IDC analyst Charles Kolodgy recently summed up his thoughts in an interesting way by saying, "I very much doubt we will have a market called NGFW, it is just the Firewall market. You can only be next generation for so long." Some vendors use both NGFW and UTM in their marketing. It's one of those academic debates that shouldn't profoundly influence purchasing decisions, especially as there is a lot of product evolution occurring. What should matter is how each so-called NGFW or UTM piece of equipment performs in its designated job in the network.
