I think there is often a misconception of the term “Next-Gen Firewall.” I’ve heard it said that a Next-Gen firewall is a buzzword in the industry, that it somehow works with APIs in the cloud, and that it’s an additional cost on a firewall quote. While it’s a common name in the industry, can offer API access for management, and costs more than a traditional firewall, the Next-Gen firewall is a powerful solution for protecting a network.
A common and well-known deployment method is to protect north and south traffic, passing between you and the Internet. Many are familiar with a stateful firewall. If ‘port 80’ needs permitted, a network administrator opens it. It’s straight forward.
But what if there were intelligence services backing the firewall? What if every packet entering and exiting the firewall were inspected with an Intrusion Prevention System (IPS), malware scanning, or even application scanning? This is where Next-Gen happens.
IPS Signatures, threat intelligence feeds, and other components are updated on a regular basis. Don’t assume your firewall receives these dynamic updates, or that it protects against malicious traffic in the first place. New threats pop up across the Internet daily.
For anyone providing public services via AWS, Azure or similar offerings, Next-Gen firewalls are still needed. The difference is the packets enter your network in another location.
To learn more about Next-Gen firewalls and how to implement them in your business environment, reach out to us at firstname.lastname@example.org or call (877) 659-2261.