The Security Engine features "contextual awareness" to enhance protection, says Matt McKinley, director of the product management team for Stonesoft in the United States. That means the firewall can assess the security of a connection based on the application, the end user and a deep inspection of the packets traversing that connection.
With this product, available sometime in April. Stonesoft is trying to address some of the problems enterprises encounter trying to deploy NGFW, McKinley says. "I think there are some significant shortcomings in terms of scalability and availability in the rush to get all the features that are required for a next-generation firewall and next-generation IPS. I see the focus shifting in that direction toward adaptability, scalability, advanced threat protection and ... being able to make more intelligent decisions," he says.
Also taking a bow at RSA is Netronome, which will be introducing a Network Flow Management (NFM) software framework for NGFW designers who are basing their designs on flow processors. The company says the framework will deliver IPSec, IPS and SSL inspection capabilities in a NGFW.
Fortinet is also making NGFW news at RSA with the FortiGate-3240C, a security appliance that addresses multiple threats and exerts granular control over more than 1,900 discrete applications. The appliance also provides real-time protection against current and emerging advanced persistent threats (APTs), says the company. Also new is the FortiGate-5101C, a security blade that integrates the latest FortiASIC processors to accelerate the performance of FortiGate-5000 Series ATCA-compliant systems, including the FortiGate-5140B.
Fortinet says the introduction of its latest next-generation firewall products, to be available in the second quarter, really changes the dynamics of how large enterprises, service providers and carriers apply high-performance security in their networks. The enormous throughput and scalability of these systems give organizations new freedom to develop and enforce a broad range of aggressive security policies that apply highly granular control over users, applications and devices without compromising network performance, it states.
Sourcefire's offering in the NGFW market, introduced in December 2011, also offers contextual awareness. Tufin Technologies introduced Version 6.0 of its Tufin Security Suite in September 2011. Version 6.0 lets IT security administrators directly set and define NGFW policies from their management tools. F5 Networks introduced a new data center firewall appliance last month.