What are they: Next-Generation Firewalls (NGFWs)

What are Traditional Firewalls?

Traditional firewalls are network security devices that are designed to monitor and control incoming and outgoing network traffic based on predefined rules. These rules can be based on items such as IP addresses, port numbers and protocols.

To better grasp the concept of IP Addresses, ports, and protocols, imagine a moving truck filled with boxes. The moving truck has a specific house that it’s going to (IP Address). It has boxes inside that are labelled, with each label representing a different room in the house (different ports). Each of these labels, however, might be written in a different language (protocol) that need to be handled by certain people who understand that language.

These firewalls can be hardware-based, software-based, or a combination of both, sitting between the outside world and your house - like a security guard, but for your network.

Without going too complex into the different features traditional firewalls can provide, but the primary one is packet filtering.

Packet filtering just means that it can allow or block network traffic (moving boxes) based on where it came from (source IP Address), what port number it’s using (which room it’s labelled for), and the protocol (which language the label is written in).

For example, a firewall could block all packets (boxes) sent from Joe’s house, who has an IP Address of 1.2.3.4, or it could block all boxes that are labelled to go into your office (port). More commonly you’ll find ports being blocked.

What are Next-Generation Firewalls (NGFWs)?

Next Generation Firewalls (NGFWs) are an advanced version of the traditional firewall with additional features such as intrusion prevention, application visibility and control, and advanced threat protection.

Unlike traditional firewalls that simply control access to network resources based on IP addresses and port numbers, NGFWs have the ability to identify and control applications, users, and content flowing through the network, providing a more granular level of security.

What are the components of a NGFW?

Below are SOME of the common components utilised in Next Generation Firewalls (NGFWs).

1. Application control NGFWs can identify and control applications being used on devices on your home network; including blocking access.

2. Intrusion prevention NGFWs can detect (Intrusion Detection System - IDS) and prevents (Intrusion Prevention System - IPS) potentially malicious internet traffic (boxes) based on certain patterns or indicators.

3. Threat intelligence Gathering threat feeds and information from other sources allows NGFWs to stay up-to-date on the latest attacks, patterns and indicators to ensure that networks stay safe from any new malicious traffic (boxes).