Improving Your Firewall – Time for NGFW?

Let’s say you have not replaced your firewall or thought about it much for some time.  Is it time to replace it?

There are ‘new’ firewalls called Next Generation  firewalls (NGFW for short) because we like our acronyms.

First we have to assess risk and decide if this is a good usage of resources (maybe in 2016 if not performing this function this year).

riskmanagementcycles

 

 

So we are at Assess risk and determine needs.

It depends on what is the worth of your network? How are you using your devices on the network?

Do you have a lot of potentially vulnerable devices?

Do you have a change in IT services?

 

A NGFW can make servicing security concerns easier.

I like Tomsitpro.com website on this topic of comparing the traditional firewall with the NGFW.

 

Traditional firewall just controls the flow of traffic by blocking some items (like incoming traffic for abc software).

The NGFW can not just control flow, but remove some application data used  in a known bad configuration.

 

How does that work?  Let’s say you go to a specific website on a traditional firewall, if you allow web traffic then it will be allowed.

On a NGFW web traffic might be denied to that same site like a known virus that was on the website.

This is  just one example of trying to make the new applications that we all want to use (or that our employees want to use).

More of the new threats would be protected in a NGFW.

 

PAthreat_prevention

 

One thing you can search for in a NGFW are specific data points (like SS# or CC#). New exploits and viruses can be removed from the network.

 

If you are worried that a hacker is stealing your employee SS#’s that is one thing to test for in the network stream.

 

Also for compliance a NGFW can help your documentation efforts.

 

 

 

 

Contact Us as we can help you decide on a NGFW

 

 

 

 

 

Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.