SlideShare a Scribd company logo

Next generation firewall(ngfw)feature and benefits

Download as PPT, PDF
Anthony Daniel
Anthony Daniel

Cyberoam NGFWs offer actionable intelligence and controls to enterprises that allow complete security controls over L2-L8 for their future-ready security. The next-generation security features in Cyberoam NGFWs protect networks against newly-evolving threats.

Technology
1 of 13
Next Generation Firewall(NGFW)Feature and Benefits
Next Generation Firewall(NGFW)  A next-generation firewall (NGFW) is a hardware- or software-based network security system that is able to detect and block sophisticated attacks by enforcing security policies at the application level, as well as at the port and protocol level.  The term next generation, in the context of network or enterprise firewall, implies a software or hardware-based security that goes beyond the general methods of URL blocking, network address translation, and packet filtering. This advanced firewall comes with granular controls that enable it to conduct a detailed examination of the Web application traffic that passes through it. The firewall is not restricted to examining traffic data only of certain packets, as it is able to track each packet of traffic to larger transactions.
Features of Next Generation Firewall(NGFW):  Standard firewall features: They include the traditional (first-generation) firewall functionalities such as stateful port/protocol inspection, network address translation (NAT), and VPN.  Application identification and filtering: This is the chief characteristic of NGFWs. They can identify and filter traffic based upon the specific applications, rather than just opening ports for any and all traffic. This prevents malicious applications and activity from using non- standard ports to evade the firewall.  SSL and SSH inspection: NGFWs can even inspect SSL and SSH encrypted traffic. They can decrypt traffic, make sure it’s an allowed application and check other policies, and then re-encrypt it. This provides additional protection from malicious applications and activity that try to hide using encryption to avoid the firewall.
Features of Next Generation Firewall(NGFW):  Intrusion prevention: Being more intelligent and with deeper traffic inspection, they may also be able to perform intrusion detection and prevention. Some next-gen firewalls might include enough IPS functionality that a stand-alone IPS might not be needed.  Directory integration: Most NGFWs include directory support (i.e., Active Directory). For instance, to manage authorized applications based upon users and user groups.  Malware filtering: NGFWs can also provide reputation-based filtering to block applications that have a bad reputation. This can possibly check phishing, virus, and other malware sites and applications.
Next-Generation Firewalls (NGFW) With Layer8 Identity-Based Technology  Actionable Intelligence & Controls  Cyberoam OS  High Performance  Scalability  Flexibility
Things to ConsiderWhen Looking at a Next Generation Firewall solution  Underlying Architecture and design: Was the Next Generation Firewall designed from the ground up to perform its security controls in a single pass or are there different modules that have been added to an existing platform to provide added functionality? This could lead to issues with the following two items to consider.  Performance: What if any impact will be recognized if you turn on all of the security features and apply them to every security policy?  Leveraging Application intelligence for threat scanning: Can the firewall use application visibility and knowledge to scan only threats for the application in question or does it have to go through its entire database for evaluation? See the example of Oracle above.  Management: How easy is it to manage the Next Generation Firewall? Do I have to configure different rule-bases to take advantage of application control? Is the threat prevention management a separate rule-base or is it integrated with security policy? How much visibility/logging is provided into traffic traversing the firewall? This becomes important when troubleshooting and potentially migrating from port based control to application based control.
Reasons a Next Generation Firewall Is A Must  Application Identification : Application identification answers the question, what sort of traffic is allowed? It uses multiple identification mechanisms to determine the exact identity of applications crossing the network. As the applications are identified through a multi-factor approach, the policy check determines how to treat the applications and related functions. Accurate traffic classification is the core of any firewall, with the outcome becoming the foundation of the security policy.  Application Control : Application control is as critical as identifying the applications. Next- generation firewalls with application control allow you to create application-based firewall policy, to help regain full control over application traffic by managing bandwidth. A robust next generation firewall solution on your enterprise wireless network provides granular application usagecontrol policies such as: allowing or denying, allowing certain application functions and applying traffic shaping, decrypt and inspecting, and allowing for certain users and groups. It increases productivity, prevents data leakage and protects against application-borne malware.
Reasons a Next Generation Firewall Is A Must  Threat Prevention : In order to prevent threats effectively, any network needs to first reduce the avenues of attack by controlling which applications run on it. Then, a firewall needs to scan “allowed” application traffic for threats more broadly, while not limiting them to a strict definition of a particular type of threat.
Advantages of Next Generation Firewall  All-in-one functionality  Greater visibility and control  Simplified management  Better security  Lower total cost of ownership
Comparing Next Generation Firewalls  Does the NGFW solution provide protection against server application attacks and client application attacks? What is the percentage of time that it does not?  Can the NGFW solution be evaded?  Is the device stable and reliable?  Does the NGFW solution enforce inbound and outbound application polices?  Does the NGFW solution enforce inbound and outbound identity policies?  What is the performance of the solution?
OurSocial Reach
Cyberoam Technologies USA Central : +1-732-412-4896 Delhi & NCR : +91-9899150300 Ahmedabad : +91-9925011328 Bangalore: +91-9880345671 Dubai: +971-4-214 9860 Cyberoam House, Saigulshan Complex, Opp. Sanskruti, Beside White House, Panchwati Cross Road, Ahmedabad - 380006, GUJARAT, INDIA. North America 505 Thornall Street, Suite # 304 Edison, NJ -08837 USA sales@cyberoam.com http://www.cyberoam.com/
Next generation firewall(ngfw)feature and benefits

Recommended

Traditional Firewall vs. Next Generation Firewall
Traditional Firewall vs. Next Generation FirewallTraditional Firewall vs. Next Generation Firewall
Traditional Firewall vs. Next Generation Firewall
美兰 曾
 
Firewall
FirewallFirewall
FirewallApo
 
FireWall
FireWallFireWall
FireWallrubal_9
 
Firewall and its purpose
Firewall and its purposeFirewall and its purpose
Firewall and its purpose
Rohit Phulsunge
 
firewall.ppt
firewall.pptfirewall.ppt
firewall.ppt
ssuser530a07
 
Firewall and Types of firewall
Firewall and Types of firewallFirewall and Types of firewall
Firewall and Types of firewall
Coder Tech
 
Types of firewall
Types of firewallTypes of firewall
Types of firewall
Pina Parmar
 
2 what is the best firewall (sizing)
2 what is the best firewall (sizing)2 what is the best firewall (sizing)
2 what is the best firewall (sizing)
Mostafa El Lathy
 

Recommended

Traditional Firewall vs. Next Generation Firewall
Traditional Firewall vs. Next Generation FirewallTraditional Firewall vs. Next Generation Firewall
Traditional Firewall vs. Next Generation Firewall
美兰 曾
 
Firewall
FirewallFirewall
FirewallApo
 
FireWall
FireWallFireWall
FireWallrubal_9
 
Firewall and its purpose
Firewall and its purposeFirewall and its purpose
Firewall and its purpose
Rohit Phulsunge
 
firewall.ppt
firewall.pptfirewall.ppt
firewall.ppt
ssuser530a07
 
Firewall and Types of firewall
Firewall and Types of firewallFirewall and Types of firewall
Firewall and Types of firewall
Coder Tech
 
Types of firewall
Types of firewallTypes of firewall
Types of firewall
Pina Parmar
 
2 what is the best firewall (sizing)
2 what is the best firewall (sizing)2 what is the best firewall (sizing)
2 what is the best firewall (sizing)
Mostafa El Lathy
 
13 palo alto url web filtering concept
13 palo alto url web filtering concept13 palo alto url web filtering concept
13 palo alto url web filtering concept
Mostafa El Lathy
 
Firewalls
FirewallsFirewalls
Firewalls
vaishnavi
 
Network Access Control (NAC)
Network Access Control (NAC)Network Access Control (NAC)
Network Access Control (NAC)
Forescout Technologies Inc
 
WiFi Secuiry: Attack & Defence
WiFi Secuiry: Attack & DefenceWiFi Secuiry: Attack & Defence
WiFi Secuiry: Attack & Defence
Prakashchand Suthar
 
Intrusion prevention system(ips)
Intrusion prevention system(ips)Intrusion prevention system(ips)
Intrusion prevention system(ips)
Papun Papun
 
Firewall
Firewall Firewall
Firewall
Amuthavalli Nachiyar
 
Firewall ( Cyber Security)
Firewall ( Cyber Security)Firewall ( Cyber Security)
Firewall ( Cyber Security)
Jainam Shah
 
Intrusion Detection System Project Report
Intrusion Detection System Project ReportIntrusion Detection System Project Report
Intrusion Detection System Project Report
Raghav Bisht
 
Firewall in Network Security
Firewall in Network SecurityFirewall in Network Security
Firewall in Network Security
lalithambiga kamaraj
 
Introduction of firewall slides
Introduction of firewall slidesIntroduction of firewall slides
Introduction of firewall slidesrahul kundu
 
Palo alto networks next generation firewalls
Palo alto networks next generation firewallsPalo alto networks next generation firewalls
Palo alto networks next generation firewallsCastleforce
 
Network Security
Network SecurityNetwork Security
Network Security
MAJU
 
Firewall basics
Firewall basicsFirewall basics
Firewall basics
Fredrick Hall
 
01- intro to firewall concepts
01- intro to firewall concepts01- intro to firewall concepts
01- intro to firewall concepts
Mostafa El Lathy
 
Firewall Security Definition
Firewall Security DefinitionFirewall Security Definition
Firewall Security Definition
Patten John
 
Network intrusion detection system and analysis
Network intrusion detection system and analysisNetwork intrusion detection system and analysis
Network intrusion detection system and analysisBikrant Gautam
 
Network Security
Network SecurityNetwork Security
Network Security
Manoj Singh
 
VPN
VPNVPN
VPN
Shiraz316
 
Firewall ppt
Firewall pptFirewall ppt
Firewall ppt
OECLIB Odisha Electronics Control Library
 
IPSec and VPN
IPSec and VPNIPSec and VPN
IPSec and VPN
Abdullaziz Tagawy
 
Sangfor wano v5.0 presentation
Sangfor wano v5.0 presentationSangfor wano v5.0 presentation
Sangfor wano v5.0 presentationAdvanced comm
 
Next generation (ng) firewalls
Next generation (ng) firewallsNext generation (ng) firewalls
Next generation (ng) firewallsSimon Bennett
 

More Related Content

What's hot

13 palo alto url web filtering concept
13 palo alto url web filtering concept13 palo alto url web filtering concept
13 palo alto url web filtering concept
Mostafa El Lathy
 
Firewalls
FirewallsFirewalls
Firewalls
vaishnavi
 
Network Access Control (NAC)
Network Access Control (NAC)Network Access Control (NAC)
Network Access Control (NAC)
Forescout Technologies Inc
 
WiFi Secuiry: Attack & Defence
WiFi Secuiry: Attack & DefenceWiFi Secuiry: Attack & Defence
WiFi Secuiry: Attack & Defence
Prakashchand Suthar
 
Intrusion prevention system(ips)
Intrusion prevention system(ips)Intrusion prevention system(ips)
Intrusion prevention system(ips)
Papun Papun
 
Firewall
Firewall Firewall
Firewall
Amuthavalli Nachiyar
 
Firewall ( Cyber Security)
Firewall ( Cyber Security)Firewall ( Cyber Security)
Firewall ( Cyber Security)
Jainam Shah
 
Intrusion Detection System Project Report
Intrusion Detection System Project ReportIntrusion Detection System Project Report
Intrusion Detection System Project Report
Raghav Bisht
 
Firewall in Network Security
Firewall in Network SecurityFirewall in Network Security
Firewall in Network Security
lalithambiga kamaraj
 
Introduction of firewall slides
Introduction of firewall slidesIntroduction of firewall slides
Introduction of firewall slidesrahul kundu
 
Palo alto networks next generation firewalls
Palo alto networks next generation firewallsPalo alto networks next generation firewalls
Palo alto networks next generation firewallsCastleforce
 
Network Security
Network SecurityNetwork Security
Network Security
MAJU
 
Firewall basics
Firewall basicsFirewall basics
Firewall basics
Fredrick Hall
 
01- intro to firewall concepts
01- intro to firewall concepts01- intro to firewall concepts
01- intro to firewall concepts
Mostafa El Lathy
 
Firewall Security Definition
Firewall Security DefinitionFirewall Security Definition
Firewall Security Definition
Patten John
 
Network intrusion detection system and analysis
Network intrusion detection system and analysisNetwork intrusion detection system and analysis
Network intrusion detection system and analysisBikrant Gautam
 
Network Security
Network SecurityNetwork Security
Network Security
Manoj Singh
 
VPN
VPNVPN
VPN
Shiraz316
 
Firewall ppt
Firewall pptFirewall ppt
Firewall ppt
OECLIB Odisha Electronics Control Library
 
IPSec and VPN
IPSec and VPNIPSec and VPN
IPSec and VPN
Abdullaziz Tagawy
 

What's hot (20)

13 palo alto url web filtering concept
13 palo alto url web filtering concept13 palo alto url web filtering concept
13 palo alto url web filtering concept
 
Firewalls
FirewallsFirewalls
Firewalls
 
Network Access Control (NAC)
Network Access Control (NAC)Network Access Control (NAC)
Network Access Control (NAC)
 
WiFi Secuiry: Attack & Defence
WiFi Secuiry: Attack & DefenceWiFi Secuiry: Attack & Defence
WiFi Secuiry: Attack & Defence
 
Intrusion prevention system(ips)
Intrusion prevention system(ips)Intrusion prevention system(ips)
Intrusion prevention system(ips)
 
Firewall
Firewall Firewall
Firewall
 
Firewall ( Cyber Security)
Firewall ( Cyber Security)Firewall ( Cyber Security)
Firewall ( Cyber Security)
 
Intrusion Detection System Project Report
Intrusion Detection System Project ReportIntrusion Detection System Project Report
Intrusion Detection System Project Report
 
Firewall in Network Security
Firewall in Network SecurityFirewall in Network Security
Firewall in Network Security
 
Introduction of firewall slides
Introduction of firewall slidesIntroduction of firewall slides
Introduction of firewall slides
 
Palo alto networks next generation firewalls
Palo alto networks next generation firewallsPalo alto networks next generation firewalls
Palo alto networks next generation firewalls
 
Network Security
Network SecurityNetwork Security
Network Security
 
Firewall basics
Firewall basicsFirewall basics
Firewall basics
 
01- intro to firewall concepts
01- intro to firewall concepts01- intro to firewall concepts
01- intro to firewall concepts
 
Firewall Security Definition
Firewall Security DefinitionFirewall Security Definition
Firewall Security Definition
 
Network intrusion detection system and analysis
Network intrusion detection system and analysisNetwork intrusion detection system and analysis
Network intrusion detection system and analysis
 
Network Security
Network SecurityNetwork Security
Network Security
 
VPN
VPNVPN
VPN
 
Firewall ppt
Firewall pptFirewall ppt
Firewall ppt
 
IPSec and VPN
IPSec and VPNIPSec and VPN
IPSec and VPN
 

Viewers also liked

Sangfor wano v5.0 presentation
Sangfor wano v5.0 presentationSangfor wano v5.0 presentation
Sangfor wano v5.0 presentationAdvanced comm
 
Next generation (ng) firewalls
Next generation (ng) firewallsNext generation (ng) firewalls
Next generation (ng) firewallsSimon Bennett
 
Huawei Next Generation Anti-DDoS Solution (2015.3)
Huawei Next Generation Anti-DDoS Solution (2015.3)Huawei Next Generation Anti-DDoS Solution (2015.3)
Huawei Next Generation Anti-DDoS Solution (2015.3)
HuaweiNetworks
 
The ca arcserve hybrid protection mess
The ca arcserve hybrid protection messThe ca arcserve hybrid protection mess
The ca arcserve hybrid protection mess
Ronaldo Cesar Espíndola Ferreira
 
Sangfor wan-optimization-brochure-2015
Sangfor wan-optimization-brochure-2015Sangfor wan-optimization-brochure-2015
Sangfor wan-optimization-brochure-2015
Sangfor Technologies USA
 
Sangfor ngfw 修订版
Sangfor ngfw 修订版Sangfor ngfw 修订版
Sangfor ngfw 修订版
Ploynatcha Akkaraputtipat
 
CA ARCserve d2d on demand overview updated
CA ARCserve d2d on demand overview updatedCA ARCserve d2d on demand overview updated
CA ARCserve d2d on demand overview updated
Motty Ben Atia
 
WANO - IND - Product Presentation
WANO - IND - Product PresentationWANO - IND - Product Presentation
WANO - IND - Product PresentationYudi Rachman
 
Sangfor EasyConnect Brochure 2015 (Full)
Sangfor EasyConnect Brochure 2015 (Full)Sangfor EasyConnect Brochure 2015 (Full)
Sangfor EasyConnect Brochure 2015 (Full)
Sangfor Technologies USA
 
Sangfor presentation new world new it
Sangfor presentation new world new itSangfor presentation new world new it
Sangfor presentation new world new it
Dr. Wilfred Lin (Ph.D.)
 
Business Track 3: arcserve udp licensing pricing & support made simple
Business Track 3: arcserve udp licensing pricing & support made simpleBusiness Track 3: arcserve udp licensing pricing & support made simple
Business Track 3: arcserve udp licensing pricing & support made simplearcserve data protection
 
Technical track 2: arcserve UDP for virtualization & cloud
Technical track 2: arcserve UDP for virtualization & cloudTechnical track 2: arcserve UDP for virtualization & cloud
Technical track 2: arcserve UDP for virtualization & cloudarcserve data protection
 
N-able and Arcserve® talk Backup and Recovery
N-able and Arcserve® talk Backup and RecoveryN-able and Arcserve® talk Backup and Recovery
N-able and Arcserve® talk Backup and Recovery
Solarwinds N-able
 
CA ARCserve Solution Overview
CA ARCserve Solution OverviewCA ARCserve Solution Overview
CA ARCserve Solution Overview
Motty Ben Atia
 
Enable CA ARCserve to store and retrieve backup data to Cloud storage using C...
Enable CA ARCserve to store and retrieve backup data to Cloud storage using C...Enable CA ARCserve to store and retrieve backup data to Cloud storage using C...
Enable CA ARCserve to store and retrieve backup data to Cloud storage using C...
TwinStrata
 
Arcserve Portfolio Technical Overview
Arcserve Portfolio Technical OverviewArcserve Portfolio Technical Overview
Arcserve Portfolio Technical Overview
Gina Tragos
 
Arcserve udp recovery point server and global deduplication 12-2014
Arcserve udp recovery point server and global deduplication 12-2014Arcserve udp recovery point server and global deduplication 12-2014
Arcserve udp recovery point server and global deduplication 12-2014
Gina Tragos
 
2/18 Technical Overview
2/18 Technical Overview2/18 Technical Overview
2/18 Technical Overview
Gina Tragos
 

Viewers also liked (19)

Sangfor wano v5.0 presentation
Sangfor wano v5.0 presentationSangfor wano v5.0 presentation
Sangfor wano v5.0 presentation
 
Next generation (ng) firewalls
Next generation (ng) firewallsNext generation (ng) firewalls
Next generation (ng) firewalls
 
Huawei Next Generation Anti-DDoS Solution (2015.3)
Huawei Next Generation Anti-DDoS Solution (2015.3)Huawei Next Generation Anti-DDoS Solution (2015.3)
Huawei Next Generation Anti-DDoS Solution (2015.3)
 
The ca arcserve hybrid protection mess
The ca arcserve hybrid protection messThe ca arcserve hybrid protection mess
The ca arcserve hybrid protection mess
 
Sangfor wan-optimization-brochure-2015
Sangfor wan-optimization-brochure-2015Sangfor wan-optimization-brochure-2015
Sangfor wan-optimization-brochure-2015
 
Sangfor ngfw 修订版
Sangfor ngfw 修订版Sangfor ngfw 修订版
Sangfor ngfw 修订版
 
CA ARCserve d2d on demand overview updated
CA ARCserve d2d on demand overview updatedCA ARCserve d2d on demand overview updated
CA ARCserve d2d on demand overview updated
 
WANO - IND - Product Presentation
WANO - IND - Product PresentationWANO - IND - Product Presentation
WANO - IND - Product Presentation
 
Sangfor EasyConnect Brochure 2015 (Full)
Sangfor EasyConnect Brochure 2015 (Full)Sangfor EasyConnect Brochure 2015 (Full)
Sangfor EasyConnect Brochure 2015 (Full)
 
Sangfor presentation new world new it
Sangfor presentation new world new itSangfor presentation new world new it
Sangfor presentation new world new it
 
Business Track 3: arcserve udp licensing pricing & support made simple
Business Track 3: arcserve udp licensing pricing & support made simpleBusiness Track 3: arcserve udp licensing pricing & support made simple
Business Track 3: arcserve udp licensing pricing & support made simple
 
Technical track 1: arcserve UDP deep dvie
Technical track 1: arcserve UDP deep dvieTechnical track 1: arcserve UDP deep dvie
Technical track 1: arcserve UDP deep dvie
 
Technical track 2: arcserve UDP for virtualization & cloud
Technical track 2: arcserve UDP for virtualization & cloudTechnical track 2: arcserve UDP for virtualization & cloud
Technical track 2: arcserve UDP for virtualization & cloud
 
N-able and Arcserve® talk Backup and Recovery
N-able and Arcserve® talk Backup and RecoveryN-able and Arcserve® talk Backup and Recovery
N-able and Arcserve® talk Backup and Recovery
 
CA ARCserve Solution Overview
CA ARCserve Solution OverviewCA ARCserve Solution Overview
CA ARCserve Solution Overview
 
Enable CA ARCserve to store and retrieve backup data to Cloud storage using C...
Enable CA ARCserve to store and retrieve backup data to Cloud storage using C...Enable CA ARCserve to store and retrieve backup data to Cloud storage using C...
Enable CA ARCserve to store and retrieve backup data to Cloud storage using C...
 
Arcserve Portfolio Technical Overview
Arcserve Portfolio Technical OverviewArcserve Portfolio Technical Overview
Arcserve Portfolio Technical Overview
 
Arcserve udp recovery point server and global deduplication 12-2014
Arcserve udp recovery point server and global deduplication 12-2014Arcserve udp recovery point server and global deduplication 12-2014
Arcserve udp recovery point server and global deduplication 12-2014
 
2/18 Technical Overview
2/18 Technical Overview2/18 Technical Overview
2/18 Technical Overview
 

Similar to Next generation firewall(ngfw)feature and benefits

Gigamon - Network Visibility Solutions
Gigamon - Network Visibility SolutionsGigamon - Network Visibility Solutions
Gigamon - Network Visibility SolutionsTom Kopko
 
A Complete Guide To Firewall How To Build A Secure Networking System.pptx
A Complete Guide To Firewall How To Build A Secure Networking System.pptxA Complete Guide To Firewall How To Build A Secure Networking System.pptx
A Complete Guide To Firewall How To Build A Secure Networking System.pptx
BluechipComputerSyst
 
Top 5 Benefits of Managed Next Generation Firewall Services
Top 5 Benefits of Managed Next Generation Firewall ServicesTop 5 Benefits of Managed Next Generation Firewall Services
Top 5 Benefits of Managed Next Generation Firewall Services
SafeAeon Inc.
 
What is the purpose of a bollard- It allows a security guard to examin.pdf
What is the purpose of a bollard- It allows a security guard to examin.pdfWhat is the purpose of a bollard- It allows a security guard to examin.pdf
What is the purpose of a bollard- It allows a security guard to examin.pdf
anilagarwal8880432
 
Firewall
FirewallFirewall
Firewall
ArchanaMani2
 
Why Its time to Upgrade a Next-Generation Firewall
Why Its time to Upgrade a Next-Generation FirewallWhy Its time to Upgrade a Next-Generation Firewall
Why Its time to Upgrade a Next-Generation Firewall
Ali Kapucu
 
Firewall
FirewallFirewall
Firewall
Shamima Akther
 
Enterprise firewalls feature and benefits
Enterprise firewalls feature and benefitsEnterprise firewalls feature and benefits
Enterprise firewalls feature and benefits
Anthony Daniel
 
What are the Different Types of Firewall and its Architectures.pdf
What are the Different Types of Firewall and its Architectures.pdfWhat are the Different Types of Firewall and its Architectures.pdf
What are the Different Types of Firewall and its Architectures.pdf
IT AMC Support Dubai - Techno Edge Systems LLC
 
Analyst report for Next Generation Firewalls
Analyst report for Next Generation FirewallsAnalyst report for Next Generation Firewalls
Analyst report for Next Generation Firewalls
Ila Group
 
Analyst Report for Next Generation Firewall
Analyst Report for Next Generation FirewallAnalyst Report for Next Generation Firewall
Analyst Report for Next Generation Firewall
Ila Group
 
FIREWALL PROJECT.pptx BY SAKSHI SOLAPURE
FIREWALL PROJECT.pptx BY SAKSHI SOLAPUREFIREWALL PROJECT.pptx BY SAKSHI SOLAPURE
FIREWALL PROJECT.pptx BY SAKSHI SOLAPURE
SakshiSolapure1
 
Disrupting the Malware Kill Chain - What's New from Palo Alto Networks.
Disrupting the Malware Kill Chain - What's New from Palo Alto Networks.Disrupting the Malware Kill Chain - What's New from Palo Alto Networks.
Disrupting the Malware Kill Chain - What's New from Palo Alto Networks.
Scalar Decisions
 
Different Types Of Network Security Devices And Tools.docx
Different Types Of Network Security Devices And Tools.docxDifferent Types Of Network Security Devices And Tools.docx
Different Types Of Network Security Devices And Tools.docx
SameerShaik43
 
Palo alto NGfw2023.pptx
Palo alto NGfw2023.pptxPalo alto NGfw2023.pptx
Palo alto NGfw2023.pptx
ahmad661583
 
Firewall
FirewallFirewall
Firewall
syeda zoya mehdi
 
Palo Alto Networks K-12
Palo Alto Networks K-12Palo Alto Networks K-12
Palo Alto Networks K-12
Altaware, Inc.
 
Sophos Day Belgium - What's cooking in Sophos' Network Security Group?
Sophos Day Belgium - What's cooking in Sophos' Network Security Group?Sophos Day Belgium - What's cooking in Sophos' Network Security Group?
Sophos Day Belgium - What's cooking in Sophos' Network Security Group?
Sophos Benelux
 

Similar to Next generation firewall(ngfw)feature and benefits (20)

Gigamon - Network Visibility Solutions
Gigamon - Network Visibility SolutionsGigamon - Network Visibility Solutions
Gigamon - Network Visibility Solutions
 
A Complete Guide To Firewall How To Build A Secure Networking System.pptx
A Complete Guide To Firewall How To Build A Secure Networking System.pptxA Complete Guide To Firewall How To Build A Secure Networking System.pptx
A Complete Guide To Firewall How To Build A Secure Networking System.pptx
 
Top 5 Benefits of Managed Next Generation Firewall Services
Top 5 Benefits of Managed Next Generation Firewall ServicesTop 5 Benefits of Managed Next Generation Firewall Services
Top 5 Benefits of Managed Next Generation Firewall Services
 
What is the purpose of a bollard- It allows a security guard to examin.pdf
What is the purpose of a bollard- It allows a security guard to examin.pdfWhat is the purpose of a bollard- It allows a security guard to examin.pdf
What is the purpose of a bollard- It allows a security guard to examin.pdf
 
Firewall
FirewallFirewall
Firewall
 
Why Its time to Upgrade a Next-Generation Firewall
Why Its time to Upgrade a Next-Generation FirewallWhy Its time to Upgrade a Next-Generation Firewall
Why Its time to Upgrade a Next-Generation Firewall
 
Firewall
FirewallFirewall
Firewall
 
Enterprise firewalls feature and benefits
Enterprise firewalls feature and benefitsEnterprise firewalls feature and benefits
Enterprise firewalls feature and benefits
 
What are the Different Types of Firewall and its Architectures.pdf
What are the Different Types of Firewall and its Architectures.pdfWhat are the Different Types of Firewall and its Architectures.pdf
What are the Different Types of Firewall and its Architectures.pdf
 
NGFW Brochure 08 08
NGFW Brochure 08 08NGFW Brochure 08 08
NGFW Brochure 08 08
 
Analyst report for Next Generation Firewalls
Analyst report for Next Generation FirewallsAnalyst report for Next Generation Firewalls
Analyst report for Next Generation Firewalls
 
Analyst Report for Next Generation Firewall
Analyst Report for Next Generation FirewallAnalyst Report for Next Generation Firewall
Analyst Report for Next Generation Firewall
 
FIREWALL PROJECT.pptx BY SAKSHI SOLAPURE
FIREWALL PROJECT.pptx BY SAKSHI SOLAPUREFIREWALL PROJECT.pptx BY SAKSHI SOLAPURE
FIREWALL PROJECT.pptx BY SAKSHI SOLAPURE
 
Disrupting the Malware Kill Chain - What's New from Palo Alto Networks.
Disrupting the Malware Kill Chain - What's New from Palo Alto Networks.Disrupting the Malware Kill Chain - What's New from Palo Alto Networks.
Disrupting the Malware Kill Chain - What's New from Palo Alto Networks.
 
Different Types Of Network Security Devices And Tools.docx
Different Types Of Network Security Devices And Tools.docxDifferent Types Of Network Security Devices And Tools.docx
Different Types Of Network Security Devices And Tools.docx
 
Palo alto NGfw2023.pptx
Palo alto NGfw2023.pptxPalo alto NGfw2023.pptx
Palo alto NGfw2023.pptx
 
Firewalls
FirewallsFirewalls
Firewalls
 
Firewall
FirewallFirewall
Firewall
 
Palo Alto Networks K-12
Palo Alto Networks K-12Palo Alto Networks K-12
Palo Alto Networks K-12
 
Sophos Day Belgium - What's cooking in Sophos' Network Security Group?
Sophos Day Belgium - What's cooking in Sophos' Network Security Group?Sophos Day Belgium - What's cooking in Sophos' Network Security Group?
Sophos Day Belgium - What's cooking in Sophos' Network Security Group?
 

Recently uploaded

A tale of scale & speed: How the US Navy is enabling software delivery from l...
A tale of scale & speed: How the US Navy is enabling software delivery from l...A tale of scale & speed: How the US Navy is enabling software delivery from l...
A tale of scale & speed: How the US Navy is enabling software delivery from l...
sonjaschweigert1
 
FIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdfFIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance
 
UiPath Test Automation using UiPath Test Suite series, part 4
UiPath Test Automation using UiPath Test Suite series, part 4UiPath Test Automation using UiPath Test Suite series, part 4
UiPath Test Automation using UiPath Test Suite series, part 4
DianaGray10
 
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdfObservability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Paige Cruz
 
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
Ramesh Iyer
 
Welocme to ViralQR, your best QR code generator.
Welocme to ViralQR, your best QR code generator.Welocme to ViralQR, your best QR code generator.
Welocme to ViralQR, your best QR code generator.
ViralQR
 
When stars align: studies in data quality, knowledge graphs, and machine lear...
When stars align: studies in data quality, knowledge graphs, and machine lear...When stars align: studies in data quality, knowledge graphs, and machine lear...
When stars align: studies in data quality, knowledge graphs, and machine lear...
Elena Simperl
 
The Future of Platform Engineering
The Future of Platform EngineeringThe Future of Platform Engineering
The Future of Platform Engineering
Jemma Hussein Allen
 
Elizabeth Buie - Older adults: Are we really designing for our future selves?
Elizabeth Buie - Older adults: Are we really designing for our future selves?Elizabeth Buie - Older adults: Are we really designing for our future selves?
Elizabeth Buie - Older adults: Are we really designing for our future selves?
Nexer Digital
 
Assure Contact Center Experiences for Your Customers With ThousandEyes
Assure Contact Center Experiences for Your Customers With ThousandEyesAssure Contact Center Experiences for Your Customers With ThousandEyes
Assure Contact Center Experiences for Your Customers With ThousandEyes
ThousandEyes
 
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdfSmart TV Buyer Insights Survey 2024 by 91mobiles.pdf
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf
91mobiles
 
Assuring Contact Center Experiences for Your Customers With ThousandEyes
Assuring Contact Center Experiences for Your Customers With ThousandEyesAssuring Contact Center Experiences for Your Customers With ThousandEyes
Assuring Contact Center Experiences for Your Customers With ThousandEyes
ThousandEyes
 
Elevating Tactical DDD Patterns Through Object Calisthenics
Elevating Tactical DDD Patterns Through Object CalisthenicsElevating Tactical DDD Patterns Through Object Calisthenics
Elevating Tactical DDD Patterns Through Object Calisthenics
Dorra BARTAGUIZ
 
PCI PIN Basics Webinar from the Controlcase Team
PCI PIN Basics Webinar from the Controlcase TeamPCI PIN Basics Webinar from the Controlcase Team
PCI PIN Basics Webinar from the Controlcase Team
ControlCase
 
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
James Anderson
 
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
Product School
 
Securing your Kubernetes cluster_ a step-by-step guide to success !
Securing your Kubernetes cluster_ a step-by-step guide to success !Securing your Kubernetes cluster_ a step-by-step guide to success !
Securing your Kubernetes cluster_ a step-by-step guide to success !
KatiaHIMEUR1
 
Bits & Pixels using AI for Good.........
Bits & Pixels using AI for Good.........Bits & Pixels using AI for Good.........
Bits & Pixels using AI for Good.........
Alison B. Lowndes
 
Generative AI Deep Dive: Advancing from Proof of Concept to Production
Generative AI Deep Dive: Advancing from Proof of Concept to ProductionGenerative AI Deep Dive: Advancing from Proof of Concept to Production
Generative AI Deep Dive: Advancing from Proof of Concept to Production
Aggregage
 
Key Trends Shaping the Future of Infrastructure.pdf
Key Trends Shaping the Future of Infrastructure.pdfKey Trends Shaping the Future of Infrastructure.pdf
Key Trends Shaping the Future of Infrastructure.pdf
Cheryl Hung
 

Recently uploaded (20)

A tale of scale & speed: How the US Navy is enabling software delivery from l...
A tale of scale & speed: How the US Navy is enabling software delivery from l...A tale of scale & speed: How the US Navy is enabling software delivery from l...
A tale of scale & speed: How the US Navy is enabling software delivery from l...
 
FIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdfFIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdf
 
UiPath Test Automation using UiPath Test Suite series, part 4
UiPath Test Automation using UiPath Test Suite series, part 4UiPath Test Automation using UiPath Test Suite series, part 4
UiPath Test Automation using UiPath Test Suite series, part 4
 
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdfObservability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
 
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
 
Welocme to ViralQR, your best QR code generator.
Welocme to ViralQR, your best QR code generator.Welocme to ViralQR, your best QR code generator.
Welocme to ViralQR, your best QR code generator.
 
When stars align: studies in data quality, knowledge graphs, and machine lear...
When stars align: studies in data quality, knowledge graphs, and machine lear...When stars align: studies in data quality, knowledge graphs, and machine lear...
When stars align: studies in data quality, knowledge graphs, and machine lear...
 
The Future of Platform Engineering
The Future of Platform EngineeringThe Future of Platform Engineering
The Future of Platform Engineering
 
Elizabeth Buie - Older adults: Are we really designing for our future selves?
Elizabeth Buie - Older adults: Are we really designing for our future selves?Elizabeth Buie - Older adults: Are we really designing for our future selves?
Elizabeth Buie - Older adults: Are we really designing for our future selves?
 
Assure Contact Center Experiences for Your Customers With ThousandEyes
Assure Contact Center Experiences for Your Customers With ThousandEyesAssure Contact Center Experiences for Your Customers With ThousandEyes
Assure Contact Center Experiences for Your Customers With ThousandEyes
 
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdfSmart TV Buyer Insights Survey 2024 by 91mobiles.pdf
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf
 
Assuring Contact Center Experiences for Your Customers With ThousandEyes
Assuring Contact Center Experiences for Your Customers With ThousandEyesAssuring Contact Center Experiences for Your Customers With ThousandEyes
Assuring Contact Center Experiences for Your Customers With ThousandEyes
 
Elevating Tactical DDD Patterns Through Object Calisthenics
Elevating Tactical DDD Patterns Through Object CalisthenicsElevating Tactical DDD Patterns Through Object Calisthenics
Elevating Tactical DDD Patterns Through Object Calisthenics
 
PCI PIN Basics Webinar from the Controlcase Team
PCI PIN Basics Webinar from the Controlcase TeamPCI PIN Basics Webinar from the Controlcase Team
PCI PIN Basics Webinar from the Controlcase Team
 
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
 
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
 
Securing your Kubernetes cluster_ a step-by-step guide to success !
Securing your Kubernetes cluster_ a step-by-step guide to success !Securing your Kubernetes cluster_ a step-by-step guide to success !
Securing your Kubernetes cluster_ a step-by-step guide to success !
 
Bits & Pixels using AI for Good.........
Bits & Pixels using AI for Good.........Bits & Pixels using AI for Good.........
Bits & Pixels using AI for Good.........
 
Generative AI Deep Dive: Advancing from Proof of Concept to Production
Generative AI Deep Dive: Advancing from Proof of Concept to ProductionGenerative AI Deep Dive: Advancing from Proof of Concept to Production
Generative AI Deep Dive: Advancing from Proof of Concept to Production
 
Key Trends Shaping the Future of Infrastructure.pdf
Key Trends Shaping the Future of Infrastructure.pdfKey Trends Shaping the Future of Infrastructure.pdf
Key Trends Shaping the Future of Infrastructure.pdf
 

Next generation firewall(ngfw)feature and benefits

  • 2. Next Generation Firewall(NGFW)  A next-generation firewall (NGFW) is a hardware- or software-based network security system that is able to detect and block sophisticated attacks by enforcing security policies at the application level, as well as at the port and protocol level.  The term next generation, in the context of network or enterprise firewall, implies a software or hardware-based security that goes beyond the general methods of URL blocking, network address translation, and packet filtering. This advanced firewall comes with granular controls that enable it to conduct a detailed examination of the Web application traffic that passes through it. The firewall is not restricted to examining traffic data only of certain packets, as it is able to track each packet of traffic to larger transactions.
  • 3. Features of Next Generation Firewall(NGFW):  Standard firewall features: They include the traditional (first-generation) firewall functionalities such as stateful port/protocol inspection, network address translation (NAT), and VPN.  Application identification and filtering: This is the chief characteristic of NGFWs. They can identify and filter traffic based upon the specific applications, rather than just opening ports for any and all traffic. This prevents malicious applications and activity from using non- standard ports to evade the firewall.  SSL and SSH inspection: NGFWs can even inspect SSL and SSH encrypted traffic. They can decrypt traffic, make sure it’s an allowed application and check other policies, and then re-encrypt it. This provides additional protection from malicious applications and activity that try to hide using encryption to avoid the firewall.
  • 4. Features of Next Generation Firewall(NGFW):  Intrusion prevention: Being more intelligent and with deeper traffic inspection, they may also be able to perform intrusion detection and prevention. Some next-gen firewalls might include enough IPS functionality that a stand-alone IPS might not be needed.  Directory integration: Most NGFWs include directory support (i.e., Active Directory). For instance, to manage authorized applications based upon users and user groups.  Malware filtering: NGFWs can also provide reputation-based filtering to block applications that have a bad reputation. This can possibly check phishing, virus, and other malware sites and applications.
  • 5. Next-Generation Firewalls (NGFW) With Layer8 Identity-Based Technology  Actionable Intelligence & Controls  Cyberoam OS  High Performance  Scalability  Flexibility
  • 6. Things to ConsiderWhen Looking at a Next Generation Firewall solution  Underlying Architecture and design: Was the Next Generation Firewall designed from the ground up to perform its security controls in a single pass or are there different modules that have been added to an existing platform to provide added functionality? This could lead to issues with the following two items to consider.  Performance: What if any impact will be recognized if you turn on all of the security features and apply them to every security policy?  Leveraging Application intelligence for threat scanning: Can the firewall use application visibility and knowledge to scan only threats for the application in question or does it have to go through its entire database for evaluation? See the example of Oracle above.  Management: How easy is it to manage the Next Generation Firewall? Do I have to configure different rule-bases to take advantage of application control? Is the threat prevention management a separate rule-base or is it integrated with security policy? How much visibility/logging is provided into traffic traversing the firewall? This becomes important when troubleshooting and potentially migrating from port based control to application based control.
  • 7. Reasons a Next Generation Firewall Is A Must  Application Identification : Application identification answers the question, what sort of traffic is allowed? It uses multiple identification mechanisms to determine the exact identity of applications crossing the network. As the applications are identified through a multi-factor approach, the policy check determines how to treat the applications and related functions. Accurate traffic classification is the core of any firewall, with the outcome becoming the foundation of the security policy.  Application Control : Application control is as critical as identifying the applications. Next- generation firewalls with application control allow you to create application-based firewall policy, to help regain full control over application traffic by managing bandwidth. A robust next generation firewall solution on your enterprise wireless network provides granular application usagecontrol policies such as: allowing or denying, allowing certain application functions and applying traffic shaping, decrypt and inspecting, and allowing for certain users and groups. It increases productivity, prevents data leakage and protects against application-borne malware.
  • 8. Reasons a Next Generation Firewall Is A Must  Threat Prevention : In order to prevent threats effectively, any network needs to first reduce the avenues of attack by controlling which applications run on it. Then, a firewall needs to scan “allowed” application traffic for threats more broadly, while not limiting them to a strict definition of a particular type of threat.
  • 9. Advantages of Next Generation Firewall  All-in-one functionality  Greater visibility and control  Simplified management  Better security  Lower total cost of ownership
  • 10. Comparing Next Generation Firewalls  Does the NGFW solution provide protection against server application attacks and client application attacks? What is the percentage of time that it does not?  Can the NGFW solution be evaded?  Is the device stable and reliable?  Does the NGFW solution enforce inbound and outbound application polices?  Does the NGFW solution enforce inbound and outbound identity policies?  What is the performance of the solution?
  • 12. Cyberoam Technologies USA Central : +1-732-412-4896 Delhi & NCR : +91-9899150300 Ahmedabad : +91-9925011328 Bangalore: +91-9880345671 Dubai: +971-4-214 9860 Cyberoam House, Saigulshan Complex, Opp. Sanskruti, Beside White House, Panchwati Cross Road, Ahmedabad - 380006, GUJARAT, INDIA. North America 505 Thornall Street, Suite # 304 Edison, NJ -08837 USA sales@cyberoam.com http://www.cyberoam.com/