Much has been made about bringing application visibility and control into network security. The reason is obvious: applications can easily slip by traditional port-based firewalls, which classify traffic by port and protocol rather than by the application actually in use. And the value is obvious: employees use any application they need to get their job done, often indifferent to the risk that use poses to the business. Nearly every network security vendor has acknowledged that application control is an increasingly critical part of network security. While the next-generation firewall (NGFW) is well defined by Gartner as something new, enterprise-focused, and distinct, many network security vendors claim that NGFW is merely a subset of other functions (e.g., UTM or IPS).
Most traditional network security vendors are attempting to provide application visibility and control by using a limited number of application signatures supported in their IPS or another external database. But underneath, these capabilities are poorly integrated, and the products are still based on legacy port-blocking technology, not NGFW technology. Perhaps most importantly, these vendors are missing the point: it is not about blocking applications, but about safely enabling them. Unfortunately, the products proffered by traditional network security vendors ignore much of what enterprises do with applications today (they use them to enable their business) and, as such, the need to make sure that those applications run securely. It is clear that a next-generation firewall is a different and revolutionary class of product, but the interest from enterprise customers is so strong that vendors of traditional products are trying to capture the attention of enterprise network security teams by attempting to look like an NGFW.
For enterprises looking at NGFWs, the most important consideration is: Will this new technology empower security teams to securely enable applications to the benefit of the organization? Key questions to ask include:
- Will it increase visibility and understanding of application traffic?
- Will it expand traffic control options beyond blunt allow/deny?
- Will it help prevent threats?
- Will it eliminate the need to compromise between performance and security?
- Will it reduce costs for my organization?
- Will it make the job of risk management easier or simpler?
If the answers to the above questions are “yes,” then the transition is easy to justify.