Legacy firewall technologies alone provide little protection against many of the latest threats. These technologies with stateful protocol filtering and minimal application visibility were simply not designed to address newer threats originating from areas such as Web 2.0 and cloud computing environments. Additionally, legacy firewall technologies require multiple separate technologies to work together to provide protection against a wide spectrum of attacks.
Using separate firewalls, intrusion prevention systems (IPS), intrusion detection systems (IDS), anti-virus, anti-spyware, and content-filtering appliances result in higher operational costs and strain companies that lack the time, resources and expertise required to manage and maintain multiple security technologies.
Next Generation Firewalls (NGFWs) provides a single, integrated solution that manage multiple layers of network security defenses. An NGFW device simplifies the simultaneous orchestration of various security tools and allows for a more granular approach to application security.
Unlike legacy firewall technologies, which only provide basic "allow or block" functionality for ports or IP addresses, NGFWs include blocking or alerting on more granular security policy items for applications. For example, you may want to stop your employees from accessing Facebook. With a legacy firewall, you are limited to either allowing or blocking all access to a specific internet destination. With an NGFW, you can set policy controls to specifically block Facebook for everyone except employees in the marketing department. You can also drill down deeper and block specific types of communication within an allowed application, like bandwidth-eating streaming content.
So when your organization is ready to refresh or replace its existing firewalls, consider evolving your security infrastructure with NGFWs. The improved technology will not only help you achieve a greater overall security posture and free up internal resources, it will also likely result in reduced costs.