Choosing A Next-Generation Firewall: 7 Factors

If there is one network security device that has changed significantly in the past decade, it would have to be the firewall. What once was a simple access control gate between trusted and untrusted networks has now morphed into a multi-faceted and multi-layered threat management system.

Today's next-generation firewalls are the linchpin of any modern network security strategy. Yet not all NGFW's are the same. While some features and benefits obviously overlap from one vendor's NGFW to the next, there are distinct differences you need to understand and evaluate based on your networks security needs.

In this slideshow, we'll look at seven factors you need to consider when evaluating and ultimately choosing your next-gen firewall platform. Security research firm NSS Labs evaluated 13 of the top NGFWs and concluded that seven of the products met its criteria to receive a "recommended status." But even having the field narrowed down to seven vendors isn't enough. You need to apply your own criteria and find the firewall that best fits your needs -- and your budget.

For most of us, a NGFW will likely replace a traditional firewall or aging NGFW in an established network environment. If that's the case, our final decision may be influenced by what hardware is being replaced, what other network components the new firewall will need to work with, and who will implement and manage the NGFW.

Another major influence on your final decision will revolve around critical applications in use on your network and what kinds of security policies and tactics are needed. NGFW vendors have strengths and weaknesses based on what type of features you require. For instance, one NGFW vendor may have an industry-leading IPS feature set. But that same firewall may not have the most robust malware protection capabilities to protect against zero-day exploits. Because of this, it's up to the technical decision maker to prioritize what features are most important in order to choose the right product.

Finally, one must look at the NGFW investment in terms of long-term scalability and investment protection. Enterprise-class NGFWs aren't cheap. It's important to understand how the vendor's roadmap aligns with yours in terms of scaling out your current investment.

(Image: Clker-Free-Vector-Images/Pixabay)