Next Generation Firewalls – Off and Running

Community World, the premier supplier of data, intelligence and perception for community and IT executives, singled out the motion to a subsequent technology firewall as a precedence for 2011. Now nearly two years later, the business information supply remains to be placing the expertise within the highlight. From a 1% utilization when the article was written, adoption of the expertise was anticipated to soar to 35% by 2014.

At their inception, subsequent technology firewalls drew consideration from Community World as a result of they required “a unique mind-set about (community) safety targets related to a firewall.”

What differentiates a subsequent technology firewall from a conventional firewall?

In accordance with Fortinet and different distributors,


  1. It places a precedence on the institution of controls by way of how a enterprise’s workers “entry the Web, the Internet and social networking websites.” Extra particularly, it could actually block workers from posting to time losing websites like Fb.
  2. Not like a conventional firewall, a subsequent technology firewall shouldn’t be port based mostly.
  3. A subsequent technology firewall is quicker and extra clever. Particularly, it could actually leverage applied sciences like status filtering and might “combine with Energetic Listing for id and coverage administration.”
  4. It allows enterprise homeowners “to ascertain and implement identity-based software utilization insurance policies.”
  5. VPN capabilities might be integrated into them.
  6. It could sweep visitors on the software layer with the purpose of stopping intrusions.
  7. It affords customers an unobstructed view into their community exercise and bandwidth consumption. Because of this, they “can administer software controls associated to bandwidth wants and priorities.”


Are they catching on as anticipated?

In a follow-up article, Community World declared that the brand new firewall expertise was certainly “off to begin.” And the publication supply singled out Fortinet as one of many high three leaders. Furthermore, when the efficiency of those trio of suppliers had been stacked in opposition to one another, Fortinet’s FortiGate next-generation firewall ranked excessive, scoring main factors for its administration interface and value.

One other space that set the Fortinet subsequent technology firewall aside was its rule-writing capabilities, which permits reference to IP addresses in addition to geography. FortiGate additionally “has a slick rate-based coverage characteristic designed to keep away from denial-of-service assaults,” the comparative research identified.

How are software controls built-in into them?

This will depend on the particular vendor, and it’s a important differentiation level between product choices. Fortinet’s method to this difficulty is one wherein a single rule base applies to every part. Community World not solely discovered this method “the best to handle and probably the most intuitive from a fundamental safety standpoint” but additionally “probably probably the most highly effective as a result of it permits visitors to stream solely when all attributes match up.” What’s extra, “it lets you interleave guidelines with and with out software controls.”

What’s the present state of subsequent technology firewalls?

Nearly three years after Community World singled out the expertise as one thing to look at, the publication says that subsequent technology firewalls are actually widespread.

For extra data go to: fortigate 60f

Leave a Reply

Your email address will not be published.