What Is An Advanced Firewall? UTM? NGFW?

by

UTM is an acronym for Unified Treat Management  but it really is just another name for “New” Firewall.

NGFW is an acronym for Next Generation Firewall – and it was the literal explanation that the marketers of Cisco/Checkpoint/Fortinet wanted to make a distinction with the older packet filter firewalls.

The marketers at Watchguard wanted to create yet a newer name – that is why Unified Threat Management was born.

 

This is Watchguard marketing piece:

UTM-ngfw

 

The only problem with that marketing piece is that for many companies it is factually incorrect.

Being an IPS it does not take much to also have AV (Anti-Virus) functionality.

So Watchguard makes faulty marketing pieces or at least marketing with a lot of wiggle room.

So as Anitian says in their 3 yr old presentation:

anitiaconclusions

NGFW and UTM are identical technologies (just terms really)

Changing words does not change underlying technology

Firewalls are adding capabilities and that is good (and expected – as all companies want to improve their products)

Quality of players is variable( always true – but hard to gauge while buying)

Application identification is not unique, special or new (this is due to Internet Protocol OSI layer)

Be careful words can be used to deceive or mislead (always)

Analysts have agendas and rarely disclose them –(or obfuscate their agendas)

…  My comments are in bold and parentheses.

 

The market space of a few years ago seems not too different from today.

utm-ngfwplayersfromanitia

(Notice that in this presentation watchguard is relegated to ‘uncompetitive’)

 

Of course Cisco’s Sourcefire purchase has been now incorporated into their products (ASA firewalls etc).

So that has to be kept in mind, as well that the top company many people are looking at is Palo Alto not Checkpoint or Fortinet.   Although Checkpoint is a very good firewall. Palo Alto has a different level of application

ngfw-check-point

PaloAlto – 2 images

nextgeneration-firewalls-palo-alto

ngfw-PaloAltoTechnologies

The reason I agree with the Palo Alto as the top firewall is the focus of their products are on the logins, roles, the data. None of the other companies give a full understanding of this insight. And no one else makes as big of a spotlight.

 

If you are comparing firewalls for 2016 as I suggested yesterday:

http://oversitesentry.com/2016-new-year-new-firewall-which-one/

 

Contact us to discuss your plans for new year