next-generation firewall (NGFW)
A next-generation firewall (NGFW) is a hardware- or software-based network security system that is able to detect and block sophisticated attacks by enforcing security policies at the application level, as well as at the port and protocol level.
Next-generation firewalls integrate three key assets: enterprise firewall capabilities, an intrusion prevention system (IPS) and application control. Like the introduction of stateful inspection in first-generation firewalls, NGFWs bring additional context to the firewall’s decision-making process by giving it the ability to understand the details of the Web application traffic passing through it and to take action to block traffic that might exploit vulnerabilities.
Next-generation firewalls combine the capabilities of traditional firewalls — including packet filtering, network address translation (NAT), URL blocking and virtual private networks (VPNs) — with Quality of Service (QoS) functionality and features not traditionally found in firewall products. These include intrusion prevention, SSL and SSH inspection, deep-packet inspection and reputation-based malware detection as well as application awareness. The application-specific capabilities are meant to thwart the growing number of application attacks taking place on layers 4-7 of the OSI network stack.
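To make the difference between port/protocol-level and application-level enforcement concrete, the following added example (not from the original page or from any vendor) runs the same constructed flows through a port-only filter and through a filter that also identifies the application from the first payload bytes. The rule tables, the `identify_app` classifier and the sample flows are assumptions made for illustration; real NGFWs use far richer signatures.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Flow:
    proto: str       # "tcp" or "udp"
    dst_port: int
    payload: bytes   # first bytes sent by the client

def identify_app(payload: bytes) -> str:
    """Hypothetical classifier: names the application from the payload, not the port."""
    if payload.startswith(b"SSH-"):                       # SSH identification banner
        return "ssh"
    if len(payload) >= 3 and payload[0] == 0x16 and payload[1] == 0x03:
        return "tls"                                      # TLS handshake record header
    if payload.split(b" ", 1)[0] in (b"GET", b"POST", b"HEAD", b"PUT", b"DELETE"):
        return "http"
    return "unknown"

# Port/protocol level: which (protocol, destination port) pairs are open.
PORT_RULES = {("tcp", 80), ("tcp", 443)}
# Application level: which identified application is expected on each open port.
APP_RULES = {("tcp", 80): {"http"}, ("tcp", 443): {"tls"}}

def port_filter(flow: Flow) -> str:
    """Traditional decision: only protocol and port are considered."""
    return "allow" if (flow.proto, flow.dst_port) in PORT_RULES else "deny"

def ngfw_filter(flow: Flow) -> str:
    """Port check first, then the identified application must match the policy."""
    if port_filter(flow) == "deny":
        return "deny"
    allowed_apps = APP_RULES.get((flow.proto, flow.dst_port), set())
    return "allow" if identify_app(flow.payload) in allowed_apps else "deny"

# Constructed sample flows (not captured traffic).
SAMPLES = {
    "tls_on_443": Flow("tcp", 443, bytes([0x16, 0x03, 0x01, 0x00, 0x2E])),
    "ssh_on_443": Flow("tcp", 443, b"SSH-2.0-client\r\n"),
    "http_on_80": Flow("tcp", 80, b"GET / HTTP/1.1\r\nHost: example.test\r\n\r\n"),
    "ssh_on_22": Flow("tcp", 22, b"SSH-2.0-client\r\n"),
}

def compare() -> dict:
    """Return {flow name: (port-only verdict, application-aware verdict)}."""
    return {name: (port_filter(f), ngfw_filter(f)) for name, f in SAMPLES.items()}

if __name__ == "__main__":
    for name, (port_verdict, app_verdict) in compare().items():
        print(f"{name:12} port-only={port_verdict:5} app-aware={app_verdict}")
```

The `ssh_on_443` flow is the case that separates the two approaches: it passes the port-only filter because tcp/443 is open, and is denied once the traffic is identified as something other than TLS.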
This was last updated in January 2014
Find more in-depth information about how next-generation firewalls work, what they are and aren’t, how they are sold, and where the technology is headed. Then read three criteria to help you determine if NGFWs are the right choice for your organization, and if so, which NGFW products are the best for you.