Home / Company / News / Media Coverage / Next-generation firewalls: In depth

Next-generation firewalls, meet this generation's network and threat environment.

Traditional stateful inspection firewalls, with their port- and protocol-based controls, have limited visibility into the contemporary Web-based network landscape. Thanks to the explosive popularity of Web 2.0, thousands of Web-based business and consumer apps and attacks are launched primarily through the application layer. Stateful inspection firewalls cannot distinguish what applications are passing via http and https over ports 80 and 443. Attackers have become adept at using low-and-slow techniques in targeted attacks that evade intrusion-prevention systems (IPS).

What Next-Gen Firewalls Do

True next-gen firewalls perform deep packet inspection to identify application traffic at Layer 7, performing a single inspection pass that integrates firewall, intrusion-prevention and additional security capabilities in a single high-performance appliance. Application intelligence, combined with user identity information, provides context for highly granular firewall access rules that allow for detection of contemporary Web-based attacks.

Read the full article now.