A next generation firewall picks up additional functionality that can run in the device or firewall service, including web filtering, antivirus services, and intrusion prevention, all of which are cybersecurity solutions that any business would need.
Web Filtering: This function gives business owners the ability to block websites or allow them with some limitations. Categories can also be used to filter the types of content allowed. Web filtering was a separate box in the past, but it now runs inside the next generation firewall.
Network Antivirus: Another function that the next generation firewall can perform is antivirus protection. Most people are used to running software such as Norton or McAfee separately. These security applications live on the end user's device or the network server. The problem with this is that these antivirus solutions only target things that arrive at the device after traversing the network. For example, someone opens a web page and clicks something that leads to a virus. Network antivirus monitors the network traffic as it enters the firewall, detects the virus, and stops it. This firewall-based network antivirus feature does not replace antivirus software running on devices but rather complements it.
Intrusion Prevention: Here the firewall blocks traffic the same way it would block a virus, but instead of looking for a specific virus file targeting a machine, it goes after attacks aimed at a particular operating system or application that lives on one's network. If there is a main file server in one's office and it runs a certain version of a program that is known to have a vulnerability, this is where intrusion prevention would be helpful. As traffic comes in, intrusion prevention looks for what appears to be an effort to exploit a vulnerability, then detects and stops it.
When looking at web filtering, network antivirus, or intrusion prevention services, it's important to remember that these threats change constantly. Protection should not be purchased only once, because a single installation of software won't provide a stream of constant updates. What does provide updates is subscribing to more evergreen, managed services solutions such as hosted or cloud-based firewall capabilities delivered as a service.
Physical vs Hosted/Cloud Based Firewall Capabilities
Firewalls are essentially available in two formats. One is a physical box placed in a location that would typically sit between the internet and the rest of someone's network. The hosted or cloud-based firewall sits in the cloud, taking the internet with it. A cloud firewall can be built with geodiversity, where multiple cloud-based firewall platforms operate and allow continued secure connection to the internet even if one of the cloud platforms should suffer a connectivity or device failure. If a company with many locations were headquartered in Charlotte and had a physical firewall at that data center, and there was an issue with the fiber going into that data center, all the connected offices would be down because the internet lived at the corporate headquarters. This level of diversity and availability is difficult to duplicate with a premises-based firewall solution.
Cyber Defense eMagazine – December 2022 Edition
Copyright © 2022, Cyber Defense Magazine. All rights reserved worldwide.