The latest types of firewalls, so-called Next Generation Firewalls (NGFW), have changed the perspective on network traffic.
Because potential security risks have changed significantly, network traffic control had to change as well, and visibility had to be added. Applications today can no longer be identified by port alone, IP addresses are not sufficient to identify users, and packets can no longer be treated as just data content, so their content needs to be checked.
An NGFW detects applications not only by port but also by signatures, which the firewall holds for each known application. Packet content that matches no signature is handled by detailed heuristic analysis.
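The difference between port-based and signature-based identification described above, as an added example (not from the original page or from any firewall product). The signatures and sample flows are constructed and simplified, and the entropy threshold is an assumed stand-in for the heuristic analysis, which the page does not specify.

```python
import math

# Port-to-application table of the kind a port-only firewall relies on.
PORT_MAP = {22: "ssh", 80: "http", 443: "tls"}

# Constructed, simplified signatures: (application, test on the first payload bytes).
SIGNATURES = [
    ("ssh", lambda p: p.startswith(b"SSH-")),
    ("http", lambda p: p.split(b" ", 1)[0] in {b"GET", b"POST", b"HEAD", b"PUT"}),
    ("tls", lambda p: len(p) >= 3 and p[0] == 0x16 and p[1] == 0x03),
    ("bittorrent", lambda p: p.startswith(b"\x13BitTorrent protocol")),
]

# Constructed sample flows: (destination port, first payload bytes).
SAMPLE_FLOWS = [
    (80, b"GET /index.html HTTP/1.1\r\nHost: example.test\r\n\r\n"),
    (443, b"SSH-2.0-OpenSSH_9.6\r\n"),
    (80, b"\x13BitTorrent protocol" + bytes(8)),
    (8443, bytes(range(256))),
    (9000, b"hello hello hello hello"),
]

def entropy(data):
    """Shannon entropy of the payload in bits per byte (0.0 to 8.0)."""
    if not data:
        return 0.0
    counts = {b: data.count(b) for b in set(data)}
    return -sum(c / len(data) * math.log2(c / len(data)) for c in counts.values())

def classify_by_port(dst_port):
    return PORT_MAP.get(dst_port, "unknown")

def classify_by_content(payload):
    for app, matches in SIGNATURES:
        if matches(payload):
            return app
    # No signature matched. Assumed heuristic: near-random bytes suggest
    # encrypted or compressed traffic, low entropy suggests plaintext.
    return "unknown-encrypted" if entropy(payload) > 6.0 else "unknown-plaintext"

def inspect(dst_port, payload):
    by_port = classify_by_port(dst_port)
    by_content = classify_by_content(payload)
    # A well-known port carrying a different application is what port rules miss.
    mismatch = by_port != "unknown" and by_content != by_port
    return {"port_says": by_port, "content_says": by_content, "mismatch": mismatch}

if __name__ == "__main__":
    for port, payload in SAMPLE_FLOWS:
        print(port, inspect(port, payload))
```

A port-only rule set would pass the second and third flows as ordinary TLS and HTTP; the content check labels them SSH and BitTorrent and flags the mismatch.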
Users are identified not only by IP address but also by other available user data, such as Active Directory, LDAP, a captive portal, and others. Content control focuses on possible data leaks (DLP), known and unknown threats (malware), and URL filtering.
#CDR #SandBox #Threatemulation #IDS #IPS #IdentityAwareness #Phishing #ZeroDay #Malware #AntiBot #URLfiltering #ApplicationFilter #StatefulFW #NAT #VPN #LoadBalancer