BOSTON, MA / ACCESSWIRE / December 25, 2017 / As cybersecurity threats have evolved and begun to take advantage of the traditional firewalls that most networks have employed over the past two decades, new, next-generation firewalls (NGFWs) aim to fill the gaps in protection and improve upon the standard of security. This includes increasing application and user-aware filtering techniques that allow for a greater understanding of where traffic entering or leaving the network originates, helping controllers better identify activity that could be linked to threats. However, despite the advances, iboss warns that NGFWs will not deliver an all-encompassing network security solution, as they still lack the capabilities that users need to effectively prevent and plan for data breaches.
Secure web gateways (SWGS), on the other hand, incorporate the features of several gateway defense solutions -- firewalls, proxies, directories, etc. -- in giving comprehensive insight into all traffic crossing the network perimeter. For example, SSL traffic has become the default security protocol for most web certifications, yet a recent NSS Labs report found that NGFWs favor DNS scanning and slow drastically when forced to process SSL. Organizations that deploy SWGs do not have to choose between performance and security. Secure web gateways also take entire files into consideration and generally leverage several vetting process beyond stream scanning and simple URL matching. These protocols allow SWGs to flag previously unknown malware and scan for signs of exfiltration where intellectual property may be buried within files leaving the network without permission.
iboss noted that next-generation firewalls also assure few protections for distributed businesses - ones where employees access sensitive data on mobile devises or from remote offices. NGFW defenses are weak at tracking users to their devises, as they are not capable of taking all network-specific protocols and proxy settings into consideration, nor do they intuitively reference an organization’s active database. Without the ability to create and store reports on incidents, security teams cannot evaluate the information that an NGFW, processes in order to understand, plan for and prevent breaches. This is just one feature outside of the standard perimeter security that organizations need to consider including, before relying on a single cybersecurity tool for protection. It is important to know that NGFWs are only one part of the defense-in-depth strategy that is necessary to keep intellectual property safe as the threat landscape grows. Firewalls, SWGs and other solutions must all work together to secure a network and its array of users.