Firewalls were originally developed primarily as a way of monitoring traffic coming in and out of a network. The devices looked at packets, network addresses and ports to determine if data should be allowed through or blocked. A good analogy is to imagine if you were flying somewhere, early firewalls basically just checked to see whether you had a ticket and a passport, if both of those checked out you were allowed to board the plane. (Access the network).
Then came application traffic, and so the first generation firewalls could no longer cope. The reason behind this was that criminals now had the ability to hide malware inside application traffic which the firewall couldn’t see. The criminal boarding a plane essentially could hide something in their luggage that security had no way of seeing.
So Next Generation Firewalls (NGFWs) were born. NGFWs could see into applications in order to find and block malware. Keeping with the airline analogy, it was like introducing an x-ray machine into the checking-in process. You may have had a ticket, but if you were carrying something you shouldn’t have been, you wouldn’t be allowed on the plane.
Over time, even further security inspection technologies have been added to the process, including Intrusion prevention system (IPS), Application Control and Anti-malware. Similar to how airports have beefed up their security with body scanners and luggage wipe downs. Unfortunately though, a consequence of these increased security checks has meant that the security gateway has become quite the bottleneck; again similar to the queues you would have no doubt seen if you have flown anywhere in the last few years.
Unfortunately, things are more complicated than ever now. With network points of access and internet-enabled devices multiplying at an unprecedented rate, trying to keep everything secure is becoming a far more complex task.
Fortinet, one of the very top Firewall producers in the world, state that: “Almost 60% of enterprise traffic is encrypted, and cyberattackers are increasingly deploying encrypted malware. As a result, the Gartner Enterprise Firewall MQ 2017 predicts that almost 50% of enterprise customers will soon require SSL inspection capabilities, compared to only 10% today. In addition, increasingly sophisticated, multi-vector cyberattacks are being designed to bypass traditional edge security and evade conventional detection.”
As malware and threats become increasingly more difficult to detect at the access point, it is becoming a business necessity that security hardware and software span the entire network in order to monitor activities and uncover any malicious intent.
The reality is that almost all currently available first-generation firewall devices and platforms are not up to this, and as the prevalence and severity of cybercrime shows no sign of abating, NGFWs (Next Generation Firewalls) will increasingly need to be deployed.
To learn more about adding a NGFW to your network, talk to us on 01905 758900, email us via firstname.lastname@example.org or click here to arrange a suitable time for one of our friendly team to call you.
With thanks to Nirav Shah at Fortinet for help with this article. To read Fortinet’s full blog post, please click here. (Opens in new window).