General 3 min read - 25 October 2016

Next Generation Firewall and the impact on corporate security


Technology is part of the day-to-day operations in companies of the most varied sizes and segments, assisting in the execution of operational and managerial tasks, adding value to the business. Computerization is part of the strategy of companies that envisage ever more productive and lean structures.

Applications for video conferencing, messaging, social networking and file storage are examples of software widely used by companies, regardless of their size. These applications have specific features and, from a security standpoint, deserve special attention to prevent improper use and damage to the business.

In this blog post, we will cover concepts associated with Next Generation Firewalls, including the functions that differentiate NGFWs from traditional firewalls, especially regarding application control. Continue reading to understand a little more about the features of a Next Generation Firewall.

Defining Application

Applications are present in many parts of organizations, even if they often go unnoticed. They emerge to meet specific demands and are typically used to perform everyday tasks, improving productivity and organization.

A wide range of applications is common to most businesses: email (Gmail), file exchange (Google Drive, Dropbox, etc.), video conferencing and messaging (Skype), CRMs, social networks (Facebook, LinkedIn) and remote access (Ammyy, TeamViewer, etc.). All of these applications are designed for personal and corporate purposes and are considered “safe”. Even so, corporate use calls for care, and an expert assessment is recommended before an application is deployed and adopted as a corporate solution.

It is also worth mentioning applications considered harmful to the corporate environment, such as anonymous proxies (Ultrasurf), which are used to browse the Internet anonymously and prevent connections from being traced and identified.

Conceptualizing Next Generation Firewall

“Next-generation firewalls integrate three key assets: enterprise firewall capabilities, an intrusion prevention system (IPS) and application control. Like the introduction of stateful inspection in first-generation firewalls, NGFWs bring additional context to the firewall’s decision-making process by providing it with the ability to understand the details of the Web application traffic passing through it and taking action to block traffic that might exploit vulnerabilities.” (Rouse, 2014).

What sets NGFWs apart is that they do everything a traditional firewall can do and combine it with innovative, high-performance threat identification technologies to provide an efficient and complete enterprise solution.

One of the most evident features of a Next Generation Firewall is visibility into applications and the ability to control them, abstracting away the IP/port matching used in traditional firewalls. The administrator does not need to know the ports or the IP address ranges of a service; the application control present in NGFWs “recognizes” the services and allows or blocks access based on the name of the application/service. This type of control is more effective and simplifies the administration of the rules applied at the perimeter of the corporate network.

Application recognition also extends to “segments of applications”, which gives the controls greater depth. Facebook illustrates how the feature works: with application control, it is possible to allow access to Facebook while limiting access to its Chat tool, for example, tailoring social network usage to the corporate environment.

Next Generation Firewalls, through the application control module, also allow the management of applications that use encrypted communication protocols with dynamic IPs, such as the Skype instant messenger. For these cases, control based on IP/port becomes complex and has some limitations.

Intrusion prevention (IPS) is also treated differently in NGFWs. Within the “Next Generation” concept, IPS features include comprehensive visibility, monitoring changes in the environment in real time. The prevention system must also be able to understand and control threats that act at the application layer, in addition to detecting advanced threats such as malware.

Key Features of a Next Generation Firewall

A common question among information security professionals is how to identify “Next Generation” solutions. In this sense, some points should be observed, such as:

  • Identification of applications, regardless of port, protocol or any other technique that increases the degree of complexity of the control;
  • Providing granular visibility, enabling policy development based on individualized applications;
  • Possibility of integration with LDAP directories, for user identification and better control;
  • Providing real-time protection against a significant number of threats, including those operating at the application layer;
  • Integration, not just combination, of traditional firewall features and intrusion prevention techniques;
  • High performance, without degrading hardware resources.
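
The sketch below is an added example, not code from the original post or from any firewall product. It contrasts a port-based rule set with an application-based one that also uses directory groups, covering the application control described earlier and the identification, granularity and LDAP points in the list above. The application labels, user names, groups and rules are constructed, and the deny-by-default choice for unidentified traffic is an assumption.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Flow:
    user: str
    proto: str
    dst_port: int
    app: str  # label reported by the identification engine (assumed input)

# Constructed directory data standing in for an LDAP group lookup.
GROUPS = {"ana": {"marketing"}, "bruno": {"engineering"}}

# Traditional rule set: protocol and destination port only.
PORT_RULES = [("tcp", 443, "allow"), ("tcp", 80, "allow")]

# (group or "*", application, action); first match wins, specific rules first.
APP_RULES = [
    ("marketing", "facebook/chat", "allow"),
    ("*", "facebook/chat", "deny"),
    ("*", "facebook", "allow"),
    ("*", "skype", "allow"),
    ("*", "ultrasurf", "deny"),
]

def port_decision(flow, default="deny"):
    for proto, port, action in PORT_RULES:
        if (flow.proto, flow.dst_port) == (proto, port):
            return action
    return default

def app_decision(flow, default="deny"):
    groups = GROUPS.get(flow.user, set())
    for group, app, action in APP_RULES:
        # A rule for "facebook" also covers segments such as "facebook/chat".
        covers = flow.app == app or flow.app.startswith(app + "/")
        if covers and (group == "*" or group in groups):
            return action
    return default  # unidentified applications fall through to the default

FLOWS = [  # constructed sample traffic
    Flow("bruno", "tcp", 443, "facebook/feed"),
    Flow("bruno", "tcp", 443, "facebook/chat"),
    Flow("ana", "tcp", 443, "facebook/chat"),
    Flow("bruno", "tcp", 443, "ultrasurf"),
    Flow("bruno", "udp", 51234, "skype"),
    Flow("bruno", "tcp", 443, "unknown"),
]

def compare(flows=FLOWS):
    return [(f.user, f.app, port_decision(f), app_decision(f)) for f in flows]

if __name__ == "__main__":
    for user, app, by_port, by_app in compare():
        print(f"{user:6} {app:14} port-rule={by_port:5} app-rule={by_app}")
```

With the port rules, everything on TCP 443 is allowed, the anonymous proxy included, while Skype on a dynamic UDP port is dropped. The application rules reverse both outcomes and separate Facebook from its chat segment per user group.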

The challenges associated with information security in corporate environments are numerous, so companies of all sizes and segments should seek help to organize security structures that add value to the business and are sustainable.

Improve your knowledge by reading our content, and if you need help, feel free to talk to one of our experts.
