Next generation firewalls

Firewalls have been an interesting evolution. They not only provide the most basic protection, but are also able to understand the traffic inspected and look for the applications being used. This may seem insignificant at first glance, but to have a device that can tell if the traffic traversing the firewall is legitimate or not, and be able to mitigate malicious traffic masquerading as legitimate, can be the difference between a breach and a non-event. An example may be the DNS traffic as inspected by a standard firewall, which looks like legitimate DNS traffic, but in reality has DNS packets that are padded with data that is being exfiltrated from the network.

A next generation firewall (NGFW) would be able to detect ...

Get Enterprise Security: A Data-Centric Approach to Securing the Enterprise now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.