Next Generation Firewall Challenge Series

Round 1: The Next Generation
Firewall Challenge

Industry Issues. Vendor Differentiators.

The next generation in firewalls has arrived. The Internet is getting even more integrated into everyone's life with employees going to social media sites and downloading applications. The mobile world with its smart phones, tablets and applications is introducing new threats into the enterprise, particularly as employees bring their own devices (BYOD) into the workplace.

You could put you foot down and stop it if it were all just personal activity. The problem is that much of it is being done to support business goals. How do you tell the difference? And once you can tell the difference, what can you do to stop the bad activity and allow the good? The first generation of firewalls that understood ports and IP addresses is not going to meet the challenge. Only a new generation of firewalls -– Next Generation Firewalls (NGFWs) – can provide the visibility and control you need to respond to today's new challenges. That’s because newer firewalls support advanced deep packet inspection capabilities that give them the ability to understand traffic at the application level.

I have brought together six leading suppliers of NGFWs to explain how their solutions make it possible to successfully respond to today's many threats. In response to my industry challenge, Check Point, HP, Palo Alto Networks, SonicWALL, Sourcefire and Fortinet explain how they solve today's security issues and where they excel, all in a handy guide that you can download here.

Download my challenge to the NGFW industry and see how the vendors responded.

Download our challenge to the MDM industry and see how the vendors responded.

Next Generation Firewall Network World Challenge Series presented by Robin Layland

Round 2: Panel Discussions

Striking a Balance between Allowing and Denying Access

Industry analyst Robin Layland joins Fred Kost from Check Point and Matt Keil from Palo Alto Networks to discuss when you should allow traffic to pass through the firewall and when you should block the traffic. The panelists dive into the issues and explain why visibility at the application level is the key to developing good policies. They explain why blocking traffic is not always the best option and how you can work with the user community to understand what they are trying to accomplish. Panelists also review best practices to help you understand how best to navigate the difficult path between usability and adequate security.

BYOD and Next Generation Firewalls

Greg Fitzgerald from Fortinet and Patrick Sweeney of SonicWALL join Robin to discuss how NGFWs can help control the problems introduced when employees bring their own devices into the workplace and use them to access corporate resources. They review risk associated with BYOD and how NGFWs can implement policies that reduce the risk. They also address the problems of controlling apps and how to use bandwidth control to ensure that usage doesn't overwhelm your network. They end with best-practice tips you can implement to help control BYOD.

Is a Separate IPS Still Needed?

James Collinge from HP and Jason Lamar of Sourcefire join Robin to explore whether a separate IPS is still needed after implementing a NGFW. They discuss what role NGFW, IPS and Next Generation IPSs play in a security architecture. What should you look for in a NGFW to evaluate whether it can replace an IPS? What are the criteria you should use in selecting the right solution for your enterprise? The panelists also review the circumstances under which combining a NGFW and IPS is not a recommended approach.

Check Point 3D Security Analysis Report Tool

The Check Point 3D Security Analysis Report Tool is a free onsite service to help reduce risks your business is facing today, like hacking, social engineering exploits, bots and malware, Web 2.0 apps and even data loss. This comprehensive security analysis summarizes security events, their risks, and remediation and shows you:

  • Your current security status
  • Active risks or security issues in your organization
  • Suspicious activity or source of data leaks
  • Recommendations on how to eliminate threats and resolve your security issue

Download this sample report to learn more about the 3D Security Analysis Report Tool.

Download now

Next-Generation Security for Enterprise Networks

Since the concept of a 'next-generation firewall' was introduced several years ago by Gartner, many network security vendors have introduced their own next-generation firewalls to address this product category - but with varying results. Some next-generation firewalls fail to include important next-generation features as well as adequate traditional network protections because they lack a proven platform on which to build these features. As more threats leverage web-based applications and services to enter corporate networks, enterprises and service providers are deploying next-generation firewalls at faster pace in an effort to control applications and block these new methods of attack.

Download now

Defining Next-Generation Network Intrusion Prevention

This HP newsletter on Next-Generation Intrusion Prevention features a recent report by Gartner, "Defining Next-Generation Network Intrusion Prevention," that outlines their view of what "next-generation" IPS means and the security features it needs to deliver. As a pioneer in the IPS market, HP TippingPoint solutions have always been developed with "next-gen" features in mind and this newsletter also gives an overview of how our latest next-generation IPS capabilities map to the requirements discussed by Gartner in their report.

Download now

Firewall Buyers Guide

The threats that enterprise network and security teams face are evolving rapidly, and the security products that they implement play a major role in the success or failure of the organization’s overall security strategy. The firewall has been a mainstay of network security for many years, but the needs of organizations are changing rapidly, and the firewall must evolve to meet the challenges of today’s dynamic environments. Palo Alto Networks has asked IANS Research, an independent IT security, risk, and compliance research organization, to set the context for this Firewall Buyers Guide by evaluating how aspects of today’s network security operations are changing, how user behaviors are shifting and the complexity of threats is increasing, and what developments in next-generation firewall technology are now a renewed focus on the role of the firewall is needed in order to keep up.

Download now

NSS Labs 2012 Next Generation Firewall Security Value Map

A whole new breed of Next-Generation Firewalls is here – designed to deliver powerful security, robust intrusion prevention and granular application control in the new Web 2.0 environment. But do all Next-Generation Firewalls deliver on this promise?

This year, NSS Labs, a global leader of independent security product testing and certification, just released the results of an in-depth assessment involving seven Next-Generation Firewall products. Solutions from SonicWALL®, Check Point®, Palo Alto Networks®, Juniper Networks®, Fortinet®, Stonesoft® and Barracuda Networks® were rigorously tested.

The result?

SonicWALL’s SuperMassive™ E10800 is the Highest Overall Protection Next-Gen Firewall to Earn NSS Labs "Recommend" Rating.

Download now

Sourcefire FireSIGHT: Context-Aware and Adaptive Security

Sourcefire FireSIGHT is innovative contextual awareness and automation technology that reduces operating costs while allowing network security to keep pace and be effective against dynamic forces. Learn more about optimizing your security protection and explore:

  • The challenges with delivering effective security today
  • Why traditional static approaches fail to provide the protection we need
  • How FireSIGHT technology can provide the missing insight and automation necessary to fully protect

Download this white paper now to learn why Context-Aware and Adaptive Security is the key to effective protection today.

Download now