By Scott Hergenrader - Senior Solutions Architect
Network firewalls have come a long way since the early days of merely filtering out unwanted network traffic. Many of the latest next generation firewalls (NGFW) include services that historically required deployment of 3rd party independent systems. Most modern NGFW’s include the following:
Built-in SDWAN
Geolocation
Antivirus
Intrusion Prevention
Multi-layered protection from layer 2 to 7
Sandboxing
Immense network visibility
And much more...
One of the most important features offered by Next-Gen Firewalls is Secure Sockets Layer (SSL) Inspection. SSL Inspection is the process of breaking apart an encrypted data stream (HTTPS) and scanning its contents to ensure that it complies with the rules you’ve set via policy. Why might this be so important? An estimated 85% of internet traffic is now encrypted, and approximately 60% of malware is transmitted within an encrypted tunnel! Without SSL Inspection enabled, end-users have the ability to bypass your companies firewall policies (knowingly or unknowingly). Worse yet , the encrypted data stream could carry ransomware right through the front door of your network. NGFW’s help prevent ransomware, and the potential of you asking yourself “how much bitcoin can we afford!?!”