Article by Hillstone Networks CTO Tim Liu
A next-generation firewall platform (NGFW) addresses the ever-changing landscape of threats with expanded features and partnerships to close the loop on cyber attacks—from the enterprise network to the cloud.
These offer different levels of protection in three critical stages: pre-breach, breach, and post-breach. Here are the main five security features of next-generation firewalls:
It is important to provide an organisation with a multi-layered defence across the entire threat lifecycle while enabling different levels of protection in three critical stages: pre-breach, breach, and post-breach.
Through full lifecycle-based threat detection and prevention, organisations are able to manage the entire threat lifecycle without adding additional solutions.
Each of the threat lifecycle stages has its own set of risks—so they need to be addressed with the following:
The transition from IPv4 to IPv6 brings up more security challenges to the network, and it requires that the modern NGFW can provide comprehensive visibility, deep security, and advanced configuration capabilities across a combination of IPv4 and IPv6 traffic.
While full migration to IPv6 is a matter of time, it is better to be ready now to make the move to better security.
Enhanced authentication and access control in more scenarios
It is key to enable organisations to support more advanced authentication scenarios required when supporting workforces across all devices.
With such a feature, organisations are enabled to embrace the challenges of modern authentication and access control in support of improved workforce productivity.
It is important to streamline time-consuming administrative tasks, including traffic monitoring, policy configuration, and execution, relieving network admins to focus on the business and less on daily maintenance tasks.
Netflow: Support Netflow protocol v9.0 to collect data, and send network traffic to external platforms for traffic analytics and monitoring.
Improve and simplify the protection of cloud or multi-cloud infrastructures by removing several challenges for customers wanting to migrate to more modern cloud infrastructures.
Ensure cloud deployment is highly available and that connections between the various cloud platforms are protected.