Definition - What does Next-Generation Firewalls mean?
The difference between a standard firewall and next-generation firewalls is that the latter performs a more in-depth inspection and in smarter ways. Next-generation firewalls also provide additional features like active directory integration support, SSH and SSL inspection, and malware filtering based on reputation.
Techopedia explains Next-Generation Firewalls
Next-generation firewalls also have more application awareness and deploy various techniques for identifying different applications, including Web-based ones. They store the details of approved applications and examine the data packets for any issues. They also keep a baseline for deviations from normal application behaviors, which can help system administrators.
Next-generation firewalls are expected to provide the following:
- All traditional firewall capabilities
- Identification of undesired encrypted applications with the help of SSL decryption
- Granular control and application awareness
- Continuous service with respect to in-line bump in the wire configuration
- Integrated prevention techniques against network intrusions
- Capability of using intelligence in improving blocking decisions
- An integrated, signature-based intrusion prevention engine