SlideShare una empresa de Scribd logo

Next generation firewall(ngfw)feature and benefits

Descargar como PPT, PDF
Anthony Daniel
Anthony Daniel

Cyberoam NGFWs offer actionable intelligence and controls to enterprises that allow complete security controls over L2-L8 for their future-ready security. The next-generation security features in Cyberoam NGFWs protect networks against newly-evolving threats.

Tecnología
1 de 13
Next Generation Firewall(NGFW)Feature and Benefits
Next Generation Firewall(NGFW)  A next-generation firewall (NGFW) is a hardware- or software-based network security system that is able to detect and block sophisticated attacks by enforcing security policies at the application level, as well as at the port and protocol level.  The term next generation, in the context of network or enterprise firewall, implies a software or hardware-based security that goes beyond the general methods of URL blocking, network address translation, and packet filtering. This advanced firewall comes with granular controls that enable it to conduct a detailed examination of the Web application traffic that passes through it. The firewall is not restricted to examining traffic data only of certain packets, as it is able to track each packet of traffic to larger transactions.
Features of Next Generation Firewall(NGFW):  Standard firewall features: They include the traditional (first-generation) firewall functionalities such as stateful port/protocol inspection, network address translation (NAT), and VPN.  Application identification and filtering: This is the chief characteristic of NGFWs. They can identify and filter traffic based upon the specific applications, rather than just opening ports for any and all traffic. This prevents malicious applications and activity from using non- standard ports to evade the firewall.  SSL and SSH inspection: NGFWs can even inspect SSL and SSH encrypted traffic. They can decrypt traffic, make sure it’s an allowed application and check other policies, and then re-encrypt it. This provides additional protection from malicious applications and activity that try to hide using encryption to avoid the firewall.
Features of Next Generation Firewall(NGFW):  Intrusion prevention: Being more intelligent and with deeper traffic inspection, they may also be able to perform intrusion detection and prevention. Some next-gen firewalls might include enough IPS functionality that a stand-alone IPS might not be needed.  Directory integration: Most NGFWs include directory support (i.e., Active Directory). For instance, to manage authorized applications based upon users and user groups.  Malware filtering: NGFWs can also provide reputation-based filtering to block applications that have a bad reputation. This can possibly check phishing, virus, and other malware sites and applications.
Next-Generation Firewalls (NGFW) With Layer8 Identity-Based Technology  Actionable Intelligence & Controls  Cyberoam OS  High Performance  Scalability  Flexibility
Things to ConsiderWhen Looking at a Next Generation Firewall solution  Underlying Architecture and design: Was the Next Generation Firewall designed from the ground up to perform its security controls in a single pass or are there different modules that have been added to an existing platform to provide added functionality? This could lead to issues with the following two items to consider.  Performance: What if any impact will be recognized if you turn on all of the security features and apply them to every security policy?  Leveraging Application intelligence for threat scanning: Can the firewall use application visibility and knowledge to scan only threats for the application in question or does it have to go through its entire database for evaluation? See the example of Oracle above.  Management: How easy is it to manage the Next Generation Firewall? Do I have to configure different rule-bases to take advantage of application control? Is the threat prevention management a separate rule-base or is it integrated with security policy? How much visibility/logging is provided into traffic traversing the firewall? This becomes important when troubleshooting and potentially migrating from port based control to application based control.
Reasons a Next Generation Firewall Is A Must  Application Identification : Application identification answers the question, what sort of traffic is allowed? It uses multiple identification mechanisms to determine the exact identity of applications crossing the network. As the applications are identified through a multi-factor approach, the policy check determines how to treat the applications and related functions. Accurate traffic classification is the core of any firewall, with the outcome becoming the foundation of the security policy.  Application Control : Application control is as critical as identifying the applications. Next- generation firewalls with application control allow you to create application-based firewall policy, to help regain full control over application traffic by managing bandwidth. A robust next generation firewall solution on your enterprise wireless network provides granular application usagecontrol policies such as: allowing or denying, allowing certain application functions and applying traffic shaping, decrypt and inspecting, and allowing for certain users and groups. It increases productivity, prevents data leakage and protects against application-borne malware.
Reasons a Next Generation Firewall Is A Must  Threat Prevention : In order to prevent threats effectively, any network needs to first reduce the avenues of attack by controlling which applications run on it. Then, a firewall needs to scan “allowed” application traffic for threats more broadly, while not limiting them to a strict definition of a particular type of threat.
Advantages of Next Generation Firewall  All-in-one functionality  Greater visibility and control  Simplified management  Better security  Lower total cost of ownership
Comparing Next Generation Firewalls  Does the NGFW solution provide protection against server application attacks and client application attacks? What is the percentage of time that it does not?  Can the NGFW solution be evaded?  Is the device stable and reliable?  Does the NGFW solution enforce inbound and outbound application polices?  Does the NGFW solution enforce inbound and outbound identity policies?  What is the performance of the solution?
OurSocial Reach
Cyberoam Technologies USA Central : +1-732-412-4896 Delhi & NCR : +91-9899150300 Ahmedabad : +91-9925011328 Bangalore: +91-9880345671 Dubai: +971-4-214 9860 Cyberoam House, Saigulshan Complex, Opp. Sanskruti, Beside White House, Panchwati Cross Road, Ahmedabad - 380006, GUJARAT, INDIA. North America 505 Thornall Street, Suite # 304 Edison, NJ -08837 USA sales@cyberoam.com http://www.cyberoam.com/
Next generation firewall(ngfw)feature and benefits

Recomendados

Traditional Firewall vs. Next Generation Firewall
Traditional Firewall vs. Next Generation FirewallTraditional Firewall vs. Next Generation Firewall
Traditional Firewall vs. Next Generation Firewall美兰 曾
 
Firewall and Types of firewall
Firewall and Types of firewallFirewall and Types of firewall
Firewall and Types of firewallCoder Tech
 
Firewall in Network Security
Firewall in Network SecurityFirewall in Network Security
Firewall in Network Securitylalithambiga kamaraj
 
Firewall
FirewallFirewall
FirewallSaurabh Chauhan
 
Firewall
Firewall Firewall
Firewall Amuthavalli Nachiyar
 
Palo alto networks next generation firewalls
Palo alto networks next generation firewallsPalo alto networks next generation firewalls
Palo alto networks next generation firewallsCastleforce
 
Firewall
FirewallFirewall
Firewallsyeda zoya mehdi
 
01- intro to firewall concepts
01- intro to firewall concepts01- intro to firewall concepts
01- intro to firewall conceptsMostafa El Lathy
 

Recomendados

Traditional Firewall vs. Next Generation Firewall
Traditional Firewall vs. Next Generation FirewallTraditional Firewall vs. Next Generation Firewall
Traditional Firewall vs. Next Generation Firewall美兰 曾
 
Firewall and Types of firewall
Firewall and Types of firewallFirewall and Types of firewall
Firewall and Types of firewallCoder Tech
 
Firewall in Network Security
Firewall in Network SecurityFirewall in Network Security
Firewall in Network Securitylalithambiga kamaraj
 
Firewall
FirewallFirewall
FirewallSaurabh Chauhan
 
Firewall
Firewall Firewall
Firewall Amuthavalli Nachiyar
 
Palo alto networks next generation firewalls
Palo alto networks next generation firewallsPalo alto networks next generation firewalls
Palo alto networks next generation firewallsCastleforce
 
Firewall
FirewallFirewall
Firewallsyeda zoya mehdi
 
01- intro to firewall concepts
01- intro to firewall concepts01- intro to firewall concepts
01- intro to firewall conceptsMostafa El Lathy
 
Firewalls
FirewallsFirewalls
FirewallsKalluri Madhuri
 
Firewall security in computer network
Firewall security in computer networkFirewall security in computer network
Firewall security in computer networkpoorvavyas4
 
What is firewall
What is firewallWhat is firewall
What is firewallHarshana Jayarathna
 
Cisco Identity Services Engine (ISE)
Cisco Identity Services Engine (ISE)Cisco Identity Services Engine (ISE)
Cisco Identity Services Engine (ISE)Anwesh Dixit
 
firewall.ppt
firewall.pptfirewall.ppt
firewall.pptssuser530a07
 
Firewall Security Definition
Firewall Security DefinitionFirewall Security Definition
Firewall Security DefinitionPatten John
 
Firewall
FirewallFirewall
Firewallreddivarihareesh
 
Firewall
FirewallFirewall
FirewallMuhammad Sohaib Afzaal
 
IDS and IPS
IDS and IPSIDS and IPS
IDS and IPSSantosh Khadsare
 
Firewall
FirewallFirewall
FirewallNilkanth Shingala
 
Palo alto outline course | Mostafa El Lathy
Palo alto outline course | Mostafa El LathyPalo alto outline course | Mostafa El Lathy
Palo alto outline course | Mostafa El LathyMostafa El Lathy
 
FIREWALL
FIREWALL FIREWALL
FIREWALL Akash R
 
End-to-Eend security with Palo Alto Networks (Onur Kasap, Palo Alto Networks)
End-to-Eend security with Palo Alto Networks (Onur Kasap, Palo Alto Networks)End-to-Eend security with Palo Alto Networks (Onur Kasap, Palo Alto Networks)
End-to-Eend security with Palo Alto Networks (Onur Kasap, Palo Alto Networks)BAKOTECH
 
Firewall protection
Firewall protectionFirewall protection
Firewall protectionVC Infotech
 
3 palo alto ngfw architecture overview
3 palo alto ngfw architecture overview3 palo alto ngfw architecture overview
3 palo alto ngfw architecture overviewMostafa El Lathy
 
7 palo alto security zones & interfaces concepts
7 palo alto security zones & interfaces concepts7 palo alto security zones & interfaces concepts
7 palo alto security zones & interfaces conceptsMostafa El Lathy
 
Palo Alto Networks 28.5.2013
Palo Alto Networks 28.5.2013Palo Alto Networks 28.5.2013
Palo Alto Networks 28.5.2013Belsoft
 
Firewall
FirewallFirewall
Firewallnayakslideshare
 
firewall and its types
firewall and its typesfirewall and its types
firewall and its typesMohammed Maajidh
 
4_Session 1- Universal ZTNA.pptx
4_Session 1- Universal ZTNA.pptx4_Session 1- Universal ZTNA.pptx
4_Session 1- Universal ZTNA.pptxaungyekhant1
 
Sangfor wano v5.0 presentation
Sangfor wano v5.0 presentationSangfor wano v5.0 presentation
Sangfor wano v5.0 presentationAdvanced comm
 
Next generation (ng) firewalls
Next generation (ng) firewallsNext generation (ng) firewalls
Next generation (ng) firewallsSimon Bennett
 

Más contenido relacionado

La actualidad más candente

Firewall security in computer network
Firewall security in computer networkFirewall security in computer network
Firewall security in computer networkpoorvavyas4
 
Cisco Identity Services Engine (ISE)
Cisco Identity Services Engine (ISE)Cisco Identity Services Engine (ISE)
Cisco Identity Services Engine (ISE)Anwesh Dixit
 
Firewall Security Definition
Firewall Security DefinitionFirewall Security Definition
Firewall Security DefinitionPatten John
 
Palo alto outline course | Mostafa El Lathy
Palo alto outline course | Mostafa El LathyPalo alto outline course | Mostafa El Lathy
Palo alto outline course | Mostafa El LathyMostafa El Lathy
 
FIREWALL
FIREWALL FIREWALL
FIREWALL Akash R
 
End-to-Eend security with Palo Alto Networks (Onur Kasap, Palo Alto Networks)
End-to-Eend security with Palo Alto Networks (Onur Kasap, Palo Alto Networks)End-to-Eend security with Palo Alto Networks (Onur Kasap, Palo Alto Networks)
End-to-Eend security with Palo Alto Networks (Onur Kasap, Palo Alto Networks)BAKOTECH
 
Firewall protection
Firewall protectionFirewall protection
Firewall protectionVC Infotech
 
3 palo alto ngfw architecture overview
3 palo alto ngfw architecture overview3 palo alto ngfw architecture overview
3 palo alto ngfw architecture overviewMostafa El Lathy
 
7 palo alto security zones & interfaces concepts
7 palo alto security zones & interfaces concepts7 palo alto security zones & interfaces concepts
7 palo alto security zones & interfaces conceptsMostafa El Lathy
 
Palo Alto Networks 28.5.2013
Palo Alto Networks 28.5.2013Palo Alto Networks 28.5.2013
Palo Alto Networks 28.5.2013Belsoft
 
4_Session 1- Universal ZTNA.pptx
4_Session 1- Universal ZTNA.pptx4_Session 1- Universal ZTNA.pptx
4_Session 1- Universal ZTNA.pptxaungyekhant1
 

La actualidad más candente (20)

Firewalls
FirewallsFirewalls
Firewalls
 
Firewall security in computer network
Firewall security in computer networkFirewall security in computer network
Firewall security in computer network
 
What is firewall
What is firewallWhat is firewall
What is firewall
 
Cisco Identity Services Engine (ISE)
Cisco Identity Services Engine (ISE)Cisco Identity Services Engine (ISE)
Cisco Identity Services Engine (ISE)
 
firewall.ppt
firewall.pptfirewall.ppt
firewall.ppt
 
Firewall Security Definition
Firewall Security DefinitionFirewall Security Definition
Firewall Security Definition
 
Firewall
FirewallFirewall
Firewall
 
Firewall
FirewallFirewall
Firewall
 
IDS and IPS
IDS and IPSIDS and IPS
IDS and IPS
 
Firewall
FirewallFirewall
Firewall
 
Palo alto outline course | Mostafa El Lathy
Palo alto outline course | Mostafa El LathyPalo alto outline course | Mostafa El Lathy
Palo alto outline course | Mostafa El Lathy
 
FIREWALL
FIREWALL FIREWALL
FIREWALL
 
End-to-Eend security with Palo Alto Networks (Onur Kasap, Palo Alto Networks)
End-to-Eend security with Palo Alto Networks (Onur Kasap, Palo Alto Networks)End-to-Eend security with Palo Alto Networks (Onur Kasap, Palo Alto Networks)
End-to-Eend security with Palo Alto Networks (Onur Kasap, Palo Alto Networks)
 
Firewall protection
Firewall protectionFirewall protection
Firewall protection
 
3 palo alto ngfw architecture overview
3 palo alto ngfw architecture overview3 palo alto ngfw architecture overview
3 palo alto ngfw architecture overview
 
7 palo alto security zones & interfaces concepts
7 palo alto security zones & interfaces concepts7 palo alto security zones & interfaces concepts
7 palo alto security zones & interfaces concepts
 
Palo Alto Networks 28.5.2013
Palo Alto Networks 28.5.2013Palo Alto Networks 28.5.2013
Palo Alto Networks 28.5.2013
 
Firewall
FirewallFirewall
Firewall
 
firewall and its types
firewall and its typesfirewall and its types
firewall and its types
 
4_Session 1- Universal ZTNA.pptx
4_Session 1- Universal ZTNA.pptx4_Session 1- Universal ZTNA.pptx
4_Session 1- Universal ZTNA.pptx
 

Destacado

Sangfor wano v5.0 presentation
Sangfor wano v5.0 presentationSangfor wano v5.0 presentation
Sangfor wano v5.0 presentationAdvanced comm
 
Next generation (ng) firewalls
Next generation (ng) firewallsNext generation (ng) firewalls
Next generation (ng) firewallsSimon Bennett
 
Huawei Next Generation Anti-DDoS Solution (2015.3)
Huawei Next Generation Anti-DDoS Solution (2015.3)Huawei Next Generation Anti-DDoS Solution (2015.3)
Huawei Next Generation Anti-DDoS Solution (2015.3)HuaweiNetworks
 
CA ARCserve d2d on demand overview updated
CA ARCserve d2d on demand overview updatedCA ARCserve d2d on demand overview updated
CA ARCserve d2d on demand overview updatedMotty Ben Atia
 
WANO - IND - Product Presentation
WANO - IND - Product PresentationWANO - IND - Product Presentation
WANO - IND - Product PresentationYudi Rachman
 
Business Track 3: arcserve udp licensing pricing & support made simple
Business Track 3: arcserve udp licensing pricing & support made simpleBusiness Track 3: arcserve udp licensing pricing & support made simple
Business Track 3: arcserve udp licensing pricing & support made simplearcserve data protection
 
Technical track 2: arcserve UDP for virtualization & cloud
Technical track 2: arcserve UDP for virtualization & cloudTechnical track 2: arcserve UDP for virtualization & cloud
Technical track 2: arcserve UDP for virtualization & cloudarcserve data protection
 
N-able and Arcserve® talk Backup and Recovery
N-able and Arcserve® talk Backup and RecoveryN-able and Arcserve® talk Backup and Recovery
N-able and Arcserve® talk Backup and RecoverySolarwinds N-able
 
CA ARCserve Solution Overview
CA ARCserve Solution OverviewCA ARCserve Solution Overview
CA ARCserve Solution OverviewMotty Ben Atia
 
Enable CA ARCserve to store and retrieve backup data to Cloud storage using C...
Enable CA ARCserve to store and retrieve backup data to Cloud storage using C...Enable CA ARCserve to store and retrieve backup data to Cloud storage using C...
Enable CA ARCserve to store and retrieve backup data to Cloud storage using C...TwinStrata
 
Arcserve Portfolio Technical Overview
Arcserve Portfolio Technical OverviewArcserve Portfolio Technical Overview
Arcserve Portfolio Technical OverviewGina Tragos
 
Arcserve udp recovery point server and global deduplication 12-2014
Arcserve udp recovery point server and global deduplication 12-2014Arcserve udp recovery point server and global deduplication 12-2014
Arcserve udp recovery point server and global deduplication 12-2014Gina Tragos
 
2/18 Technical Overview
2/18 Technical Overview2/18 Technical Overview
2/18 Technical OverviewGina Tragos
 

Destacado (19)

Sangfor wano v5.0 presentation
Sangfor wano v5.0 presentationSangfor wano v5.0 presentation
Sangfor wano v5.0 presentation
 
Next generation (ng) firewalls
Next generation (ng) firewallsNext generation (ng) firewalls
Next generation (ng) firewalls
 
Huawei Next Generation Anti-DDoS Solution (2015.3)
Huawei Next Generation Anti-DDoS Solution (2015.3)Huawei Next Generation Anti-DDoS Solution (2015.3)
Huawei Next Generation Anti-DDoS Solution (2015.3)
 
The ca arcserve hybrid protection mess
The ca arcserve hybrid protection messThe ca arcserve hybrid protection mess
The ca arcserve hybrid protection mess
 
Sangfor wan-optimization-brochure-2015
Sangfor wan-optimization-brochure-2015Sangfor wan-optimization-brochure-2015
Sangfor wan-optimization-brochure-2015
 
Sangfor ngfw 修订版
Sangfor ngfw 修订版Sangfor ngfw 修订版
Sangfor ngfw 修订版
 
CA ARCserve d2d on demand overview updated
CA ARCserve d2d on demand overview updatedCA ARCserve d2d on demand overview updated
CA ARCserve d2d on demand overview updated
 
WANO - IND - Product Presentation
WANO - IND - Product PresentationWANO - IND - Product Presentation
WANO - IND - Product Presentation
 
Sangfor EasyConnect Brochure 2015 (Full)
Sangfor EasyConnect Brochure 2015 (Full)Sangfor EasyConnect Brochure 2015 (Full)
Sangfor EasyConnect Brochure 2015 (Full)
 
Sangfor presentation new world new it
Sangfor presentation new world new itSangfor presentation new world new it
Sangfor presentation new world new it
 
Business Track 3: arcserve udp licensing pricing & support made simple
Business Track 3: arcserve udp licensing pricing & support made simpleBusiness Track 3: arcserve udp licensing pricing & support made simple
Business Track 3: arcserve udp licensing pricing & support made simple
 
Technical track 1: arcserve UDP deep dvie
Technical track 1: arcserve UDP deep dvieTechnical track 1: arcserve UDP deep dvie
Technical track 1: arcserve UDP deep dvie
 
Technical track 2: arcserve UDP for virtualization & cloud
Technical track 2: arcserve UDP for virtualization & cloudTechnical track 2: arcserve UDP for virtualization & cloud
Technical track 2: arcserve UDP for virtualization & cloud
 
N-able and Arcserve® talk Backup and Recovery
N-able and Arcserve® talk Backup and RecoveryN-able and Arcserve® talk Backup and Recovery
N-able and Arcserve® talk Backup and Recovery
 
CA ARCserve Solution Overview
CA ARCserve Solution OverviewCA ARCserve Solution Overview
CA ARCserve Solution Overview
 
Enable CA ARCserve to store and retrieve backup data to Cloud storage using C...
Enable CA ARCserve to store and retrieve backup data to Cloud storage using C...Enable CA ARCserve to store and retrieve backup data to Cloud storage using C...
Enable CA ARCserve to store and retrieve backup data to Cloud storage using C...
 
Arcserve Portfolio Technical Overview
Arcserve Portfolio Technical OverviewArcserve Portfolio Technical Overview
Arcserve Portfolio Technical Overview
 
Arcserve udp recovery point server and global deduplication 12-2014
Arcserve udp recovery point server and global deduplication 12-2014Arcserve udp recovery point server and global deduplication 12-2014
Arcserve udp recovery point server and global deduplication 12-2014
 
2/18 Technical Overview
2/18 Technical Overview2/18 Technical Overview
2/18 Technical Overview
 

Similar a Next generation firewall(ngfw)feature and benefits

Gigamon - Network Visibility Solutions
Gigamon - Network Visibility SolutionsGigamon - Network Visibility Solutions
Gigamon - Network Visibility SolutionsTom Kopko
 
A Complete Guide To Firewall How To Build A Secure Networking System.pptx
A Complete Guide To Firewall How To Build A Secure Networking System.pptxA Complete Guide To Firewall How To Build A Secure Networking System.pptx
A Complete Guide To Firewall How To Build A Secure Networking System.pptxBluechipComputerSyst
 
Top 5 Benefits of Managed Next Generation Firewall Services
Top 5 Benefits of Managed Next Generation Firewall ServicesTop 5 Benefits of Managed Next Generation Firewall Services
Top 5 Benefits of Managed Next Generation Firewall ServicesSafeAeon Inc.
 
What is the purpose of a bollard- It allows a security guard to examin.pdf
What is the purpose of a bollard- It allows a security guard to examin.pdfWhat is the purpose of a bollard- It allows a security guard to examin.pdf
What is the purpose of a bollard- It allows a security guard to examin.pdfanilagarwal8880432
 
Why Its time to Upgrade a Next-Generation Firewall
Why Its time to Upgrade a Next-Generation FirewallWhy Its time to Upgrade a Next-Generation Firewall
Why Its time to Upgrade a Next-Generation FirewallAli Kapucu
 
Enterprise firewalls feature and benefits
Enterprise firewalls feature and benefitsEnterprise firewalls feature and benefits
Enterprise firewalls feature and benefitsAnthony Daniel
 
Analyst report for Next Generation Firewalls
Analyst report for Next Generation FirewallsAnalyst report for Next Generation Firewalls
Analyst report for Next Generation FirewallsIla Group
 
Analyst Report for Next Generation Firewall
Analyst Report for Next Generation FirewallAnalyst Report for Next Generation Firewall
Analyst Report for Next Generation FirewallIla Group
 
FIREWALL PROJECT.pptx BY SAKSHI SOLAPURE
FIREWALL PROJECT.pptx BY SAKSHI SOLAPUREFIREWALL PROJECT.pptx BY SAKSHI SOLAPURE
FIREWALL PROJECT.pptx BY SAKSHI SOLAPURESakshiSolapure1
 
Disrupting the Malware Kill Chain - What's New from Palo Alto Networks.
Disrupting the Malware Kill Chain - What's New from Palo Alto Networks.Disrupting the Malware Kill Chain - What's New from Palo Alto Networks.
Disrupting the Malware Kill Chain - What's New from Palo Alto Networks.Scalar Decisions
 
Different Types Of Network Security Devices And Tools.docx
Different Types Of Network Security Devices And Tools.docxDifferent Types Of Network Security Devices And Tools.docx
Different Types Of Network Security Devices And Tools.docxSameerShaik43
 
Palo alto NGfw2023.pptx
Palo alto NGfw2023.pptxPalo alto NGfw2023.pptx
Palo alto NGfw2023.pptxahmad661583
 
Palo Alto Networks K-12
Palo Alto Networks K-12Palo Alto Networks K-12
Palo Alto Networks K-12Altaware, Inc.
 
Sophos Day Belgium - What's cooking in Sophos' Network Security Group?
Sophos Day Belgium - What's cooking in Sophos' Network Security Group?Sophos Day Belgium - What's cooking in Sophos' Network Security Group?
Sophos Day Belgium - What's cooking in Sophos' Network Security Group?Sophos Benelux
 
firewall as a security measure (1)-1.pptx
firewall as a security measure (1)-1.pptxfirewall as a security measure (1)-1.pptx
firewall as a security measure (1)-1.pptxShreyaBanerjee52
 

Similar a Next generation firewall(ngfw)feature and benefits (20)

Gigamon - Network Visibility Solutions
Gigamon - Network Visibility SolutionsGigamon - Network Visibility Solutions
Gigamon - Network Visibility Solutions
 
A Complete Guide To Firewall How To Build A Secure Networking System.pptx
A Complete Guide To Firewall How To Build A Secure Networking System.pptxA Complete Guide To Firewall How To Build A Secure Networking System.pptx
A Complete Guide To Firewall How To Build A Secure Networking System.pptx
 
Top 5 Benefits of Managed Next Generation Firewall Services
Top 5 Benefits of Managed Next Generation Firewall ServicesTop 5 Benefits of Managed Next Generation Firewall Services
Top 5 Benefits of Managed Next Generation Firewall Services
 
What is the purpose of a bollard- It allows a security guard to examin.pdf
What is the purpose of a bollard- It allows a security guard to examin.pdfWhat is the purpose of a bollard- It allows a security guard to examin.pdf
What is the purpose of a bollard- It allows a security guard to examin.pdf
 
Firewall
FirewallFirewall
Firewall
 
Why Its time to Upgrade a Next-Generation Firewall
Why Its time to Upgrade a Next-Generation FirewallWhy Its time to Upgrade a Next-Generation Firewall
Why Its time to Upgrade a Next-Generation Firewall
 
Firewall
FirewallFirewall
Firewall
 
Enterprise firewalls feature and benefits
Enterprise firewalls feature and benefitsEnterprise firewalls feature and benefits
Enterprise firewalls feature and benefits
 
What are the Different Types of Firewall and its Architectures.pdf
What are the Different Types of Firewall and its Architectures.pdfWhat are the Different Types of Firewall and its Architectures.pdf
What are the Different Types of Firewall and its Architectures.pdf
 
NGFW Brochure 08 08
NGFW Brochure 08 08NGFW Brochure 08 08
NGFW Brochure 08 08
 
Analyst report for Next Generation Firewalls
Analyst report for Next Generation FirewallsAnalyst report for Next Generation Firewalls
Analyst report for Next Generation Firewalls
 
Analyst Report for Next Generation Firewall
Analyst Report for Next Generation FirewallAnalyst Report for Next Generation Firewall
Analyst Report for Next Generation Firewall
 
FIREWALL PROJECT.pptx BY SAKSHI SOLAPURE
FIREWALL PROJECT.pptx BY SAKSHI SOLAPUREFIREWALL PROJECT.pptx BY SAKSHI SOLAPURE
FIREWALL PROJECT.pptx BY SAKSHI SOLAPURE
 
Disrupting the Malware Kill Chain - What's New from Palo Alto Networks.
Disrupting the Malware Kill Chain - What's New from Palo Alto Networks.Disrupting the Malware Kill Chain - What's New from Palo Alto Networks.
Disrupting the Malware Kill Chain - What's New from Palo Alto Networks.
 
Different Types Of Network Security Devices And Tools.docx
Different Types Of Network Security Devices And Tools.docxDifferent Types Of Network Security Devices And Tools.docx
Different Types Of Network Security Devices And Tools.docx
 
Palo alto NGfw2023.pptx
Palo alto NGfw2023.pptxPalo alto NGfw2023.pptx
Palo alto NGfw2023.pptx
 
Firewalls
FirewallsFirewalls
Firewalls
 
Palo Alto Networks K-12
Palo Alto Networks K-12Palo Alto Networks K-12
Palo Alto Networks K-12
 
Sophos Day Belgium - What's cooking in Sophos' Network Security Group?
Sophos Day Belgium - What's cooking in Sophos' Network Security Group?Sophos Day Belgium - What's cooking in Sophos' Network Security Group?
Sophos Day Belgium - What's cooking in Sophos' Network Security Group?
 
firewall as a security measure (1)-1.pptx
firewall as a security measure (1)-1.pptxfirewall as a security measure (1)-1.pptx
firewall as a security measure (1)-1.pptx
 

Último

Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...DianaGray10
 
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdfGenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdflior mazor
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobeapidays
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsMaria Levchenko
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
Advantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessAdvantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessPixlogix Infotech
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Neo4j
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)wesley chun
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024The Digital Insurer
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...apidays
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsJoaquim Jorge
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024The Digital Insurer
 
HTML Injection Attacks: Impact and Mitigation Strategies
HTML Injection Attacks: Impact and Mitigation StrategiesHTML Injection Attacks: Impact and Mitigation Strategies
HTML Injection Attacks: Impact and Mitigation StrategiesBoston Institute of Analytics
 

Último (20)

Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdfGenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdf
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Advantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessAdvantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your Business
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
HTML Injection Attacks: Impact and Mitigation Strategies
HTML Injection Attacks: Impact and Mitigation StrategiesHTML Injection Attacks: Impact and Mitigation Strategies
HTML Injection Attacks: Impact and Mitigation Strategies
 

Next generation firewall(ngfw)feature and benefits

  • 2. Next Generation Firewall(NGFW)  A next-generation firewall (NGFW) is a hardware- or software-based network security system that is able to detect and block sophisticated attacks by enforcing security policies at the application level, as well as at the port and protocol level.  The term next generation, in the context of network or enterprise firewall, implies a software or hardware-based security that goes beyond the general methods of URL blocking, network address translation, and packet filtering. This advanced firewall comes with granular controls that enable it to conduct a detailed examination of the Web application traffic that passes through it. The firewall is not restricted to examining traffic data only of certain packets, as it is able to track each packet of traffic to larger transactions.
  • 3. Features of Next Generation Firewall(NGFW):  Standard firewall features: They include the traditional (first-generation) firewall functionalities such as stateful port/protocol inspection, network address translation (NAT), and VPN.  Application identification and filtering: This is the chief characteristic of NGFWs. They can identify and filter traffic based upon the specific applications, rather than just opening ports for any and all traffic. This prevents malicious applications and activity from using non- standard ports to evade the firewall.  SSL and SSH inspection: NGFWs can even inspect SSL and SSH encrypted traffic. They can decrypt traffic, make sure it’s an allowed application and check other policies, and then re-encrypt it. This provides additional protection from malicious applications and activity that try to hide using encryption to avoid the firewall.
  • 4. Features of Next Generation Firewall(NGFW):  Intrusion prevention: Being more intelligent and with deeper traffic inspection, they may also be able to perform intrusion detection and prevention. Some next-gen firewalls might include enough IPS functionality that a stand-alone IPS might not be needed.  Directory integration: Most NGFWs include directory support (i.e., Active Directory). For instance, to manage authorized applications based upon users and user groups.  Malware filtering: NGFWs can also provide reputation-based filtering to block applications that have a bad reputation. This can possibly check phishing, virus, and other malware sites and applications.
  • 5. Next-Generation Firewalls (NGFW) With Layer8 Identity-Based Technology  Actionable Intelligence & Controls  Cyberoam OS  High Performance  Scalability  Flexibility
  • 6. Things to ConsiderWhen Looking at a Next Generation Firewall solution  Underlying Architecture and design: Was the Next Generation Firewall designed from the ground up to perform its security controls in a single pass or are there different modules that have been added to an existing platform to provide added functionality? This could lead to issues with the following two items to consider.  Performance: What if any impact will be recognized if you turn on all of the security features and apply them to every security policy?  Leveraging Application intelligence for threat scanning: Can the firewall use application visibility and knowledge to scan only threats for the application in question or does it have to go through its entire database for evaluation? See the example of Oracle above.  Management: How easy is it to manage the Next Generation Firewall? Do I have to configure different rule-bases to take advantage of application control? Is the threat prevention management a separate rule-base or is it integrated with security policy? How much visibility/logging is provided into traffic traversing the firewall? This becomes important when troubleshooting and potentially migrating from port based control to application based control.
  • 7. Reasons a Next Generation Firewall Is A Must  Application Identification : Application identification answers the question, what sort of traffic is allowed? It uses multiple identification mechanisms to determine the exact identity of applications crossing the network. As the applications are identified through a multi-factor approach, the policy check determines how to treat the applications and related functions. Accurate traffic classification is the core of any firewall, with the outcome becoming the foundation of the security policy.  Application Control : Application control is as critical as identifying the applications. Next- generation firewalls with application control allow you to create application-based firewall policy, to help regain full control over application traffic by managing bandwidth. A robust next generation firewall solution on your enterprise wireless network provides granular application usagecontrol policies such as: allowing or denying, allowing certain application functions and applying traffic shaping, decrypt and inspecting, and allowing for certain users and groups. It increases productivity, prevents data leakage and protects against application-borne malware.
  • 8. Reasons a Next Generation Firewall Is A Must  Threat Prevention : In order to prevent threats effectively, any network needs to first reduce the avenues of attack by controlling which applications run on it. Then, a firewall needs to scan “allowed” application traffic for threats more broadly, while not limiting them to a strict definition of a particular type of threat.
  • 9. Advantages of Next Generation Firewall  All-in-one functionality  Greater visibility and control  Simplified management  Better security  Lower total cost of ownership
  • 10. Comparing Next Generation Firewalls  Does the NGFW solution provide protection against server application attacks and client application attacks? What is the percentage of time that it does not?  Can the NGFW solution be evaded?  Is the device stable and reliable?  Does the NGFW solution enforce inbound and outbound application polices?  Does the NGFW solution enforce inbound and outbound identity policies?  What is the performance of the solution?
  • 12. Cyberoam Technologies USA Central : +1-732-412-4896 Delhi & NCR : +91-9899150300 Ahmedabad : +91-9925011328 Bangalore: +91-9880345671 Dubai: +971-4-214 9860 Cyberoam House, Saigulshan Complex, Opp. Sanskruti, Beside White House, Panchwati Cross Road, Ahmedabad - 380006, GUJARAT, INDIA. North America 505 Thornall Street, Suite # 304 Edison, NJ -08837 USA sales@cyberoam.com http://www.cyberoam.com/