Solving new information security threats with Next Generation Firewall

As well as the myriad of existing information security threats, many more are emerging from across the world. So on top of old threats, we also have new information security threats to be concerned about. Unfortunately, existing technologies can’t always cope with these new threats. In recent years, cybercrime has evolved and the level of sophistication of internet-based threats has increased dramatically. We believe that next generation security is the solution and below, we talk you through how it works.
More and more frequently, hackers are preying on the vulnerabilities exposed through legitimate traffic and genuine users. Hackers are now aiming attacks at weaknesses found at the application layer in order to do some damage. Traditionally firewalls have a shortcoming in that they are network port-based, which means they have very little understanding of traffic at higher layers. They basically can’t “inspect” legitimate application traffic to see whether it is being used for normal purposes, or for an attack.
However, new firewalls have gone up a gear in response to new threats. Known as Next Generation Firewalls, or NGFWs, these address shortcomings of previous firewalls, by providing additional functionality. This means the NGFWs can look deeper into the data that is carried by an application. This way, it can seek out known exploits, vulnerabilities and malware and find out if it is being used for an attack.
Not only are NGFWs ready for sophisticated attacks, they are also very easy to use. NGFWs, such as those from Fortinet, are an integrated security platform. They operate at wire speed providing features like signature based intrusion prevention system. This feature uses “signatures” that match attack patterns. Other features include SSL (Secure Sockets Layer) inspection, application awareness and control. NGFWs also include traditional “stateful” inspection that characterises traditional firewalls and keeps track of the state of network connections.
Top drivers for moving to a NGFW
Research from 2014 showed the main reasons for moving to NGFW were increased use of social media, BYOD and more use of public cloud services such as Dropbox.
There is a whole host of reasons to move to NGFW. Almost a quarter of organisations made the move to deal with sophisticated threat environments, such as APTs (Advanced Persistent Threats). Other reasons included consolidation of security functions, higher incidence of data breaches and security attacks.
For organisations that are still using traditional firewalls and don’t plan to change, fear not. As an alternative solution they could add further point security solutions, for example, IPS (Intrusion Prevention System), URL filtering, antivirus of antimalware to their current firewall. Ideally they should look to replace their existing solutions with NGFW. From our team’s experience, the security and ease of use of an integrated NGFW platform outweighs the complexity and cost of multiple security platforms.
This isn’t the end….
Because it is such an interesting and evolving landscape, we will have more blogs for you on the topic of next generation security. Stay tuned and sign up to our newsletter to make sure you don’t miss out. Don’t forget to follow us on Twitter and LinkedIn.