ALERT

[FREE DEMO] Deploy Your Enterprise Cloud in Minutes

Next-Generation Firewalls

Definition - What does Next-Generation Firewalls mean?

Next-generation firewalls are a class of firewall that are implemented in either software or hardware and are capable of detecting and blocking complicated attacks by enforcing security measures at the protocol, port and application level.

The difference between a standard firewall and next-generation firewalls is that the latter performs a more in-depth inspection and in smarter ways. Next-generation firewalls also provide additional features like active directory integration support, SSH and SSL inspection, and malware filtering based on reputation.

Techopedia explains Next-Generation Firewalls

The common functionalities present in traditional firewalls such as state inspection, virtual private network and packet filtering are also present in next-generation firewalls. Next-generation firewalls are more capable of detecting application-specific attacks than standard firewalls and thus can prevent more malicious intrusions. They do a full-packet inspection by checking the signatures and payload of packets for any anomalies or malware.

Next-generation firewalls also have more application awareness and deploy various techniques for identifying different applications, including Web-based ones. They store the details of approved applications and examine the data packets for any issues. They also keep a baseline for deviations from normal application behaviors, which can help system administrators.

Next-generation firewalls are expected to provide the following:

  • All traditional firewall capabilities
  • Identification of undesired encrypted applications with the help of SSL decryption
  • Granular control and application awareness
  • Continuous service with respect to in-line bump in the wire configuration
  • Integrated prevention techniques against network intrusions
  • Capability of using intelligence in improving blocking decisions
  • An integrated, signature-based intrusion prevention engine

Techopedia Deals

Connect with us

Techopedia on Linkedin
Techopedia on Linkedin
Tweat cdn.techopedia.com
"Techopedia" on Twitter


'@Techopedia'
Sign up for Techopedia's Free Newsletter!

Email Newsletter

Join thousands of others with our weekly newsletter

Resources
The 4th Era of IT Infrastructure: Superconverged Systems
The 4th Era of IT Infrastructure: Superconverged Systems:
Learn the benefits and limitations of the 3 generations of IT infrastructure – siloed, converged and hyperconverged – and discover how the 4th...
Approaches and Benefits of Network Virtualization
Approaches and Benefits of Network Virtualization:
Businesses today aspire to achieve a software-defined datacenter (SDDC) to enhance business agility and reduce operational complexity. However, the...
Free E-Book: Public Cloud Guide
Free E-Book: Public Cloud Guide:
This white paper is for leaders of Operations, Engineering, or Infrastructure teams who are creating or executing an IT roadmap.
Free Tool: Virtual Health Monitor
Free Tool: Virtual Health Monitor:
Virtual Health Monitor is a free virtualization monitoring and reporting tool for VMware, Hyper-V, RHEV, and XenServer environments.
Free 30 Day Trial – Turbonomic
Free 30 Day Trial – Turbonomic:
Turbonomic delivers an autonomic platform where virtual and cloud environments self-manage in real-time to assure application performance.