- Silicon Valley's 19 Coolest Places to Work
- Is Windows 8 Development Worth the Trouble?
- 8 Books Every IT Leader Should Read This Year
- 10 Hot Hadoop Startups to Watch
Network World - If there is a simple way to describe the difference between a next-generation firewall and a traditional firewall, it is "more detailed controls." In firewall terms, people talk about "widening the 5-tuple."
Firewall managers like to use the term "5-tuple," borrowing "tuple" from the world of databases. The "5-tuple" means the five items (columns) that each rule (row, or tuple) in a firewall policy uses to define whether to block or allow traffic: source and destination IP, source and destination port, and protocol.
For example, to allow traffic to a Web server at 184.108.40.206 from the Internet, a typical 5-tuple would include source IP and port of "any" (or "*"), destination IP of 220.127.116.11, destination ports of 80 and 443, and destination protocol of TCP — with an action of "allow." There's variation in every firewall on the market, but at the core of every one you'll find a set of rules that look more-or-less like that: 5-tuples.
Next-generation firewalls "widen" the firewall rule base by adding elements (columns) to each 5-tuple, starting with "application" and "user identity" and perhaps going wider still, factoring in other elements such as "reputation."
Read more about security in Network World's Security section.