gartner如何定义下一代防火墙-sinogrid.pdfVIP

Research Publication Date: 12 October 2009 ID Number: Defining the Next-Generation Firewall John Pescatore, Greg Young Firewalls need to evolve to be more proactive in blocking new threats, such as botnets and targeted attacks. Enterprises need to update their network firewall and intrusion prevention capabilities to protect business systems as attacks get more sophisticated. Key Findings • The stateful protocol filtering and limited application awareness offered by first- generation firewalls are not effective in dealing with current and emerging threats. • Using separate firewalls and intrusion prevention appliances results in higher operational costs and no increase in security over an optimized combined platform. • Next-generation firewalls (NGFWs) are emerging that can detect application-specific attacks and enforce application-specific granular security policy, both inbound and outbound. • NGFWs will be most effective when working in conjunction with other layers of security controls. Recommendations • If you have not yet deployed network intrusion prevention, require NGFW capabilities of all vendors at your next firewall refresh point. • If you have deployed both network firewalls and network intrusion prevention, synchronize the refresh cycle for both technologies and migrate to NGFW capabilities. • If you use managed perimeter security services, look to move up to managed NGFW services at the next contract renewal. © 2009 Gartner, Inc. and/or its Affiliates. All Rights Reserved. Reproduction and distribution of this publication in any form without prior written permission is forbidden. The information contained herein has been obtained f