Next-generation firewalls (NGFWs) are part of a third-generation firewall technology that can be implemented either in hardware or software. They detect and block sophisticated attacks by enforcing security policies at the application, port, and protocol level.
An NGFW combines many of the features of traditional firewalls, including packet filtering, network address translation (NAT) and port address translation (PAT), URL blocking, and virtual private networks (VPNs), with quality of service (QoS) features and other features not found in traditional firewalls. These include intrusion prevention, SSL and SSH inspection, deep packet inspection, reputation-based malware detection, and application recognition.
NGFWs are also better suited to addressing Advanced Persistent Threats (APTs) because they can be integrated with threat intelligence services. NGFW can also provide an affordable option to companies looking to improve basic device security with application awareness, inspection services, protection systems, and recognition tools.
Both NGFWs and traditional firewalls aim to protect an organization’s network and data assets, but there are also some differences. A key similarity is static packet filtering, which blocks packets at the point of interface with network traffic. Additionally, both provide stateful packet inspection, network and port address translation, and can establish VPN connections.
One of the most important differences between traditional and next-generation firewalls is that NGFW provides deep packet inspection beyond simple port and protocol inspection by inspecting the data contained in network packets. Another key difference is that NGFW adds the ability to take action on data provided by application-level inspection, intrusion prevention, and threat intelligence services.
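The difference described above can be shown side by side. The following is an added example, not taken from the original page or from any NGFW product: it compares a port-and-protocol filter with an application-aware check that looks at the first bytes of each flow. The policy sets, the simplified recognition rules, and the sample flows are all assumptions constructed for illustration.

```python
from dataclasses import dataclass

@dataclass
class Flow:
    proto: str
    dst_port: int
    payload: bytes  # first bytes sent by the client

# Hypothetical policies for this illustration
ALLOWED_PORTS = {("tcp", 80), ("tcp", 443)}
ALLOWED_APPS = {"http", "tls"}
HTTP_METHODS = {b"GET", b"POST", b"HEAD", b"PUT", b"DELETE", b"OPTIONS"}

def port_filter(flow: Flow) -> bool:
    """Traditional check: protocol and destination port only."""
    return (flow.proto, flow.dst_port) in ALLOWED_PORTS

def identify_app(payload: bytes) -> str:
    """Simplified application recognition from the opening bytes of a flow."""
    if payload.startswith(b"SSH-"):
        return "ssh"                      # SSH identification string
    if len(payload) >= 3 and payload[0] == 0x16 and payload[1] == 0x03:
        return "tls"                      # TLS handshake record header
    request_line = payload.split(b"\r\n", 1)[0]
    parts = request_line.split(b" ")
    if len(parts) == 3 and parts[0] in HTTP_METHODS and parts[2].startswith(b"HTTP/1."):
        return "http"
    return "unknown"

def ngfw_filter(flow: Flow) -> bool:
    """Application-aware check: port policy plus what the payload really is."""
    return port_filter(flow) and identify_app(flow.payload) in ALLOWED_APPS

# Constructed sample flows (not captured traffic)
SAMPLE_FLOWS = [
    Flow("tcp", 80, b"GET /index.html HTTP/1.1\r\nHost: example.test\r\n\r\n"),
    Flow("tcp", 443, b"\x16\x03\x01\x00\x05\x01\x00\x00\x01\x00"),
    Flow("tcp", 443, b"SSH-2.0-OpenSSH_9.0\r\n"),
    Flow("tcp", 80, b"\x00\x01\x02\x03binary-blob"),
    Flow("tcp", 23, b"login: "),
]

def evaluate(flows=SAMPLE_FLOWS):
    """Return (port, recognized app, port-filter verdict, NGFW verdict) per flow."""
    return [(f.dst_port, identify_app(f.payload), port_filter(f), ngfw_filter(f))
            for f in flows]

if __name__ == "__main__":
    for row in evaluate():
        print(row)
```

The third and fourth flows pass the port filter because they target allowed ports, but the application-aware check rejects them because the payload is not the application the policy permits on those ports.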
NGFWs extend the existing firewall capabilities of NAT, PAT, and VPN support to scan packets while incorporating new threat management technologies, and offer a routing mode in which the firewall acts as a router.