"As with any term, once the marketing department gets hold of it, things can spread pretty dramatically," states Eric Hanselman, research director for networks at The 451 Group. Intrusion protection system/intrusion detection system (IPS/IDS), VPN and Web application firewall technologies are all common features of a NGFW, but some vendors are also touting features such as SSL acceleration and WAN acceleration as NGFW components, too.
Hanselman says the core functionality of a NGFW should be protecting the network from outside or inside threats. Everything else may be nice to have but not a core function. He uses an automotive analogy. "A next-generation car would include things like ABS and more sophisticated traction control--things that are related to the driving of the car, as opposed to things like air conditioning or a better sound system," he says.
A December 2011 Gartner report on NGFWs portrays a nascent but quickly expanding market for the technology. Gartner estimated that when the books are closed on 2011, the firewall market, including NGFW, will bring in $6.3 billion, up from $5.9 billion in 2010 and $5.4 billion in 2009. There is considerable opportunity for more growth: Gartner noted that while less than 5% of Internet connections are currently protected by NGFWs, by 2014 that number will grow to 35%.
The Gartner Magic Quadrant assessment of the NGFW market shows a number of vendors clumped together in the Niche Players lower-left quadrant. Only two firms are identified as Leaders in the upper-right quadrant: Check Point Software Technologies and Palo Alto Networks, which introduced a NGFW solution for branch offices last fall.
Companies introducing NGFW solutions at RSA include Stonesoft, a niche player according to Gartner, which is introducing the Stonesoft Security Engine. The company describes the product as a "transformable" NGFW because it can be programmed by the operator as a traditional and/or next-gen firewall, a Layer 2 firewall, or a traditional or next-gen IPS. It can also be programmed to deliver VPN or universal threat management (UTM) protection.