Despite the advances NGFWs have made over earlier incarnations of the firewall, they still have weaknesses. The firewall was the ideal form of network security in the era of computing when a single, well-defined network needed to be protected.
With the way networks are gradually changing, other security methods are better at handling advanced persistent threats (APTs). These alternative, yet complementary, methods include the following:
Software-defined perimeters (SDPs): With the recent and exponentially growing shift to more cloud-based frameworks, such as infrastructure as a service (IaaS) and software as a service (SaaS), firewalls are becoming less optimal. An SDP is more aptly suited than firewalls to these frameworks because it doesn't add latency in the same way that a firewall does. It also works better within increasingly identity-centric security models. This is because it focuses on securing user access rather than IP address-based access. An SDP is based on a zero-trust framework.
Intrusion prevention system (IPS): An IPS functions in the same general space as a firewall: between the network and the user. However, instead of inspecting only packet headers and IP addresses, it inspects the actual payload of packets. When it detects a threat, it logs it and attempts to mitigate the damage.
Intrusion detection system (IDS): This is the same basic system as the IPS, but it does not actively mitigate threats after it detects them. An IDS is a passive system that only logs and alerts on threats. It does not act.
Unified threat management (UTM): UTM is the combination of multiple security services and features into one appliance or service. While NGFWs are comparable to UTM systems, UTM systems include more features, such as VPNs, spam filtering and URL filtering for web content. Many UTM solutions also include either an IDS or IPS in conjunction with a firewall.
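To make the two distinctions above concrete (header-only filtering versus payload inspection, and passive IDS alerting versus active IPS blocking), here is a small constructed model, added as an illustration and not taken from any product or from the original post; the packets, the blocked source, the allowed ports and the two byte-pattern signatures are all hypothetical.

```python
"""Constructed model of the inspection points the text contrasts:
a header-only firewall rule, payload inspection in IDS mode (alert only)
and the same inspection in IPS mode (alert and drop). The packets,
signatures and policy values are hypothetical, not any product's format."""
from dataclasses import dataclass


@dataclass
class Packet:
    src: str
    dst_port: int
    payload: bytes


# Constructed policy: the firewall sees only header fields; the payload
# signatures are deliberately simple byte patterns for illustration.
BLOCKED_SOURCES = {"203.0.113.9"}        # address from the TEST-NET-3 documentation range
ALLOWED_PORTS = {80, 443}
PAYLOAD_SIGNATURES = {
    "sqli-union": b"UNION SELECT",
    "path-traversal": b"../../",
}


def firewall_verdict(pkt: Packet) -> str:
    """Header-only decision: source address and destination port, nothing else."""
    if pkt.src in BLOCKED_SOURCES or pkt.dst_port not in ALLOWED_PORTS:
        return "drop"
    return "pass"


def inspect_payload(pkt: Packet) -> list[str]:
    """Payload inspection shared by IDS and IPS: names of matching signatures."""
    return [name for name, sig in PAYLOAD_SIGNATURES.items() if sig in pkt.payload]


def process(pkt: Packet, mode: str, log: list[str]) -> str:
    """Run a packet through the firewall, then through IDS ('ids') or IPS ('ips')
    inspection. Returns the final verdict; alerts are appended to `log`."""
    if firewall_verdict(pkt) == "drop":
        return "drop"                    # never reaches payload inspection
    hits = inspect_payload(pkt)
    for name in hits:
        log.append(f"ALERT {name} src={pkt.src} port={pkt.dst_port}")
    # IDS is passive: it has logged and is done. IPS adds mitigation.
    if hits and mode == "ips":
        return "drop"
    return "pass"
```

A packet with a matching payload on an allowed port passes the header-only firewall, is logged in both modes, but is dropped only in IPS mode.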
Read more: managed firewall