I would say the most valuable aspects to consider are the following: security features, throughput, bandwidth, latency and how well it handles high traffic volumes. Also, I would consider it's scalability for the future needs, the ease of management and seamless integration with other security infrastructures like monitoring tools.
When evaluating Firewall solutions, look for features that ensure robust security, ease of management, and scalability. Important aspects include:
Intrusion Detection and Prevention (IDPS)
VPN support
Advanced threat protection
Scalability
Logging and reporting
Intrusion Detection and Prevention Systems help identify potential threats and mitigate them before they cause harm. VPN support is crucial for secure remote access. Advanced threat protection offers defense against sophisticated cyber threats, including malware and ransomware. Scalability ensures that the Firewall solution can grow with your network’s needs. Proper logging and reporting features are important for tracking network activity and complying with industry regulations.
A strong Firewall solution must offer an intuitive interface that simplifies deployment and ongoing management. Centralized management allows administrators to control multiple firewalls from a single dashboard. Look for solutions that offer flexible policy management to cater to various security needs. Comprehensive support and regular firmware updates from the vendor ensure that the Firewall is always up-to-date and capable of defending against the latest security threats.
Architect - Cloud Serviced at a computer software company with 501-1,000 employees
MSP
Top 10
Sep 5, 2016
There are already some good answers about it but this is what I understand for a firewall. It is a luxury when compared in a networking domain. So basics first, we would need to suit your networking requirement. For this you need to settle down for Vendor whom you need to buy this firewall. From an organization level, Try to get a best deal.
Now from networking perspective, take that spec sheet out and look for the models they offer and see which one fits your network. I mean check the throughput of the firewall. Can it handle the load you are going to push it through ?
Ok so you got your vendor and the model but wait let's see that spec sheet again. Why? The features. Yes the features are also important as everyone already pointed it out. You need to compare the feature and see if it meets your organization policy. Most of the firewalls have all that is required for an organization. This includes but not limited to deployment mode, high availability, application visibility, custom application definition, central management (required if you have more than one firewall to standardize your policy), Throughput post going through IPS / URLF, SSL VPN capability (I don't want to spend more to get this new extra feature right), IPSEC VPN, and others. The core of deploying the firewall is the throughput. I don't know how to emphasize more on that.
Once you get this checklist complete. I believe you are good to purchase a firewall for your organization. I would request people to try these firewalls on the VM instance for demo and see how they function. Check with your vendor for demo. This is to ensure that your IT engineer is comfortable with the look and feel as he is the one going to handle your firewall right ?
Enterprise Architect, CISSP at a tech services company with 1,001-5,000 employees
Real User
Top 20
Jun 9, 2021
Security, aye, it is most important. But I would like to add the aspect of "self-sufficiency" for want of a better word. What I mean by this is, that a firewall has to be the "last man standing" of sorts if a network is under attack or already compromised. So a firewall in my opinion should never be dependent on other components, be it on premises or in the cloud. I have come across installations where firewalls are integrated with Microsoft AD for user authentication or where they were configured to accept input from cloud services as to how their policy should be enforced. Call me oldfashioned, but for me a firewall still hast to work even if all other services in the network are dead and it still has to provide security controls to the last interface alive on the net. We should very much mistrust all that new "AI" stuff and accept it only as "on top" of a good old static policy of who may access what - down to every single IP and port.
The most important aspect to look for is relative to one question:
How informed are you with the actual needs of your network?
Overall I think there are too many specific details to choose any one primary aspect when selecting a security appliance and/or firewall device based on functionality alone. Any company that is online and running with proven technology has offered a solution that meets the minimum standard for most situations and customers. However some do perform better than others in certain environments and this depends on the needs of the network and resources. Firewalls fulfill one general role in the network: the protection of key resources. This can be expanded upon in a number of ways but the idea is the same all the time; the protection of key resources and the inspection of traffic in and out of these resources. That being the case, it would require in depth research based on specific needs and see how that relates to the network in question when selecting a device.
The one aspect that will always matter regardless of the device capability is Integration and Administration. Although customer support from the vendor is extremely important, the first line of response will always be the in-house technical resource.
- How easily can I role this out?
- Am I replacing a pre-existing device or adding this in tandem?
- Do I have people who can manage this device currently and if not, can they be trained easily?
- If I have a single admin/engineer who manages this device and they leave the company, how easy is it to find another qualified person?
I think these aspects and questions matter a great deal. Regardless of specific strengths for a single device, if that device cannot be installed easily or managed easily, that equals more confusion and downtime which usually means a loss of money.
When considering a new firewall device or security appliance, I encourage my clients to review their short and long term goals before allowing too much time in debate over which device is better.
Security is the most important aspect. You are not buying a Firewall to play Candy Crush so user experience is not the most important aspect (even though it is important). It needs to provide the most advanced security to protect your organization from threats.
Security is the most important aspect. Firewalls control the traffic between the internal and external networks and are the core of a strong network security policy.
"Next-generation" firewall features, including Security services like:
A firewall that allows us to set parameters on where our users can go and which gives us the ability ton block certain sites or ads if we need or want to.
Logging And Reporting. Some new toy firewalls (like Fortigate) have them on Cloud, but suppose there is a problem in WAN connections or VPN. The Easy Way to see logs for troubleshooting, that is the best firewall
Solutions Architect at NTT Global Networks Incorporated
MSP
Jun 17, 2020
There is no single-most important aspect, but here are a few to consider as being absolute requirements.
Intrusion protection: I've seen break-ins from bad actors on the outside, who stole intellectual property for whatever purpose, including, but not limited to the sale of said property to competitors.
Internal threats: We've seen shady employees stealing information, and BYOD infected and then brought to work. Good endpoint security is a great add-on, but if the level from a firewall is not where you need it to be, then a separate solution for such service should be evaluated. A firewall at the perimeter that offers malware protection in both directions adds an extra layer of security.
The reason for simplicity is not just that your job will be easier to build the network, but to navigate the threats and quickly bring new security professionals up to speed on your platform.
Application Identification: This is not a luxury, it's a flat-out requirement.
Ease of replacement: Does the vendor offer a plan to replace faulty hardware in a day or less, or do you choose instead to go HA at all locations, especially in countries where bringing hardware through customs can be a nightmare
1. Protection
2. Throughput
3. Ease of use
4. Support
5. Price
I want to make sure it fits my needs and does what I need to do. Every environment and budget is different. Making sure you talk to people who know what they're doing so you get the product you need.
1. I can figure out how to use it so it must have GUI interface.
2. Good support so when I need help I can get it.
3. Renewal fees are reasonable (not half the price of the unit).
4. Of course, that it does the job.
Firewall should be:
- with NGFW features
- Capable of Inspecting encrypted traffic without breaking or compromising the security of the traffic.
- Scalable
- Easy to manage and configure
- with Excellent vendor support
✓ Firewall
✓ Application control
✓ IPsec and SSL VPN
✓ IPS
✓ Web content filtering
✓ Anti-spam
✓ Data loss/leakage protection
✓ Anti-virus and anti-spyware protection
✓ IPv6 native support
✓ Traffic shaping/bandwidth control
The state of the firewall has moved from IP and port filtering to combine these elements:
1) Application awareness (want to block Tor or Bit Torrent?)
2) User identity awareness (policies based on identity not just source IPs)
3) Policies based on device attributes (allow smartphones to access email without login)
Forward thinking enterprises are looking at Unified Threat Management devices (or NGFW) to combine these functions along with IPS/IDS, malware filtering, AV gateway and other features.
Valuating firewalls is an important process for organizations to ensure that they are investing in the right security solution. It involves assessing the effectiveness of the firewall in terms of preventing unauthorized access, detecting and blocking malicious traffic, and minimizing potential damage in case of a breach. Factors such as cost, ease of use, scalability, and compatibility with other security tools are also considered. Conducting a thorough evaluation of the firewall can help organizations make informed decisions to protect their assets and sensitive data from cyber threats.
In today's cybersecurity landscape, a Next-Generation Firewall (NGFW) is essential. It should not only excel in security but also offer robust connectivity features such as application control, URL filtering, IPS (Intrusion Prevention System), and other critical security blades.
The NGFW's primary role is to provide a strong security foundation. It should effectively protect against evolving threats, offer advanced threat prevention, and maintain a high level of security posture. This includes features like malware detection, threat intelligence, and zero-day attack prevention.
Simultaneously, it's equally vital for an NGFW to be well-equipped in terms of connectivity and application control. This means the ability to monitor and manage application usage, enforce policies, and ensure that the network operates efficiently and securely. URL filtering is essential to prevent access to malicious or unauthorized websites. IPS plays a crucial role in identifying and blocking potential threats within the network traffic.
The combination of robust security and advanced connectivity features ensures that your NGFW serves as both a security enforcer and an enabler for productive, controlled, and secure network operations. In a world where cyber threats are ever-present, having a well-balanced NGFW that excels in both security and connectivity is paramount to safeguarding your organization's digital assets.
It is important to understand how a Firewall handles Zero-day attacks. Protection versus traditional attacks are already a given feature, but most breaches come from unknown attacks. How the back end handles this and how fast they mitigate is important for the Firewall to serve its purpose
Network Engineering and IS Access at a comms service provider with 5,001-10,000 employees
Real User
Top 20
May 19, 2022
I work on a very critical private cloud so the most important for us are performance, troubleshooting, gateway management and support in the event of major problems.
Today with all those devices requiring access to the internet, IoT security is the "most important" part and should be easy to deal with: firewalls must reflect this by easy administration, good logging and supporting complex requirements. And the challenge will be to offer that functionality to "home users".
How well it does it's job, followed closely by how well the user interface is. If you can't configure it accurately and straight forwardly, no matter how well it protects things could slip through the cracks.
Sr. Network Administrator at a tech vendor with 51-200 employees
Real User
Mar 24, 2017
Real world unbiased reviews of the product from actual users along with reports of any unexpected issues or benefits they experienced. That's what brought me here :)
Senior System Engineer at a tech services company with 1,001-5,000 employees
Consultant
Nov 17, 2015
It's depend on user requirement. In my opinion about firewall should be smart in all features. like, Stability,Ease to configure,Traffic Visibility,Central Management .
Presales Technical Consultant at a tech services company with 501-1,000 employees
Real User
Oct 7, 2015
What do you use Firewall for Internal FW or External FW.
My opinion about External FW you have to research before invest FW into your Orgonization
1. Next Generation FW: this FW must have control source by User Name & destinatin by application ID.
+ NG FW must easy integrate with LDAP Server, Radius Server
+ Database of Applicaiton ID have more than competitor.
2. This FW must have URL Filtering, Antivius, IPS. When enable all these features just impact about 1/5 throughput FW.
3. Central Management with two appliances (HA)
4. Reporting, can export detail report, customize report.
5. This FW must have technology to integrate with detect & prevent Unknow malware.
Traditional FW features + NG features such as:
1. True ability to subsume IDS/IPS and other "UTM" feature.
2. Maturity of partner ecosystem to integrate painlessly with threat feeds, SIEM, end-points, and other security technologies to eliminate silos and provide a comprehensive and automated threat strategy.
For Firewall, I'm looking for grandular policies and detailed audit logs based on these policies... Reports customization based on what policies are implemented.., egress and ingress traffic reports depending on the requirements. Reports should also be able to capture what been allowed (ingress traffic) if the need arise.
So basically i'm looking for firewall with robust policies creation and detailed / custom reports generation.
System Engineer L-2 at a tech services company with 1,001-5,000 employees
Consultant
Jun 10, 2015
It should work on Layer 8 technology, that can manipulate traffic as per policy and requirement. Yet all the logs should be available.
This should not limited to AV\ IPS, all the core technologies (QOS, load balancing, NAT, content filtering,)should be supported on this.
The criteria for a FW will depend on the organizations specific needs and environment. I'm looking for a good balance between functional capability and ease of use/deployment. A FW that has full UTM features, easy to work with settings and simple management/admin interface is top of mind for my organization (100-500 workstations). I also believe in the concept of defense in depth (using multiple best of bread vendor offerings as opposed to a single technology). Some UTM's offer this approach while maintaining ease of use.
1) How much traffic is appropriately blocking as per the policy.
2) Firewall must be coming with 10g/40g interface for catering traffic flow on fly.
3) Session and conucurant session must be higher depending upon the business requirment.
4) NGFW should remain consistent throughput while performing the actions like application control(App-ID enabled) ), ddos mitigation, enabling nips, enabling url filtering and email filter solution.
5) configuration file should be easily readable without using any third party tool for reviewing the firewall policy off line.
6) Seamless integration with siem of any kind through syslog or lea .
7) Above all support, l3 support, rma capability etc
Firewalls serve as a crucial line of defense against cyber threats by monitoring and controlling incoming and outgoing network traffic.
Firewalls analyze network traffic based on pre-defined security rules to block unauthorized access, providing a barrier between trusted internal networks and untrusted external networks. They are essential for organizations seeking to protect their digital assets.
What are some critical features of Firewalls?
Intrusion Detection: Monitors...
I would say the most valuable aspects to consider are the following: security features, throughput, bandwidth, latency and how well it handles high traffic volumes. Also, I would consider it's scalability for the future needs, the ease of management and seamless integration with other security infrastructures like monitoring tools.
When evaluating Firewall solutions, look for features that ensure robust security, ease of management, and scalability. Important aspects include:
Intrusion Detection and Prevention Systems help identify potential threats and mitigate them before they cause harm. VPN support is crucial for secure remote access. Advanced threat protection offers defense against sophisticated cyber threats, including malware and ransomware. Scalability ensures that the Firewall solution can grow with your network’s needs. Proper logging and reporting features are important for tracking network activity and complying with industry regulations.
A strong Firewall solution must offer an intuitive interface that simplifies deployment and ongoing management. Centralized management allows administrators to control multiple firewalls from a single dashboard. Look for solutions that offer flexible policy management to cater to various security needs. Comprehensive support and regular firmware updates from the vendor ensure that the Firewall is always up-to-date and capable of defending against the latest security threats.
There are already some good answers about it but this is what I understand for a firewall. It is a luxury when compared in a networking domain. So basics first, we would need to suit your networking requirement. For this you need to settle down for Vendor whom you need to buy this firewall. From an organization level, Try to get a best deal.
Now from networking perspective, take that spec sheet out and look for the models they offer and see which one fits your network. I mean check the throughput of the firewall. Can it handle the load you are going to push it through ?
Ok so you got your vendor and the model but wait let's see that spec sheet again. Why? The features. Yes the features are also important as everyone already pointed it out. You need to compare the feature and see if it meets your organization policy. Most of the firewalls have all that is required for an organization. This includes but not limited to deployment mode, high availability, application visibility, custom application definition, central management (required if you have more than one firewall to standardize your policy), Throughput post going through IPS / URLF, SSL VPN capability (I don't want to spend more to get this new extra feature right), IPSEC VPN, and others. The core of deploying the firewall is the throughput. I don't know how to emphasize more on that.
Once you get this checklist complete. I believe you are good to purchase a firewall for your organization. I would request people to try these firewalls on the VM instance for demo and see how they function. Check with your vendor for demo. This is to ensure that your IT engineer is comfortable with the look and feel as he is the one going to handle your firewall right ?
All the best ! on getting a new firewall.
Security, aye, it is most important. But I would like to add the aspect of "self-sufficiency" for want of a better word. What I mean by this is, that a firewall has to be the "last man standing" of sorts if a network is under attack or already compromised. So a firewall in my opinion should never be dependent on other components, be it on premises or in the cloud. I have come across installations where firewalls are integrated with Microsoft AD for user authentication or where they were configured to accept input from cloud services as to how their policy should be enforced. Call me oldfashioned, but for me a firewall still hast to work even if all other services in the network are dead and it still has to provide security controls to the last interface alive on the net. We should very much mistrust all that new "AI" stuff and accept it only as "on top" of a good old static policy of who may access what - down to every single IP and port.
Awesome answers all around!
The most important aspect to look for is relative to one question:
How informed are you with the actual needs of your network?
Overall I think there are too many specific details to choose any one primary aspect when selecting a security appliance and/or firewall device based on functionality alone. Any company that is online and running with proven technology has offered a solution that meets the minimum standard for most situations and customers. However some do perform better than others in certain environments and this depends on the needs of the network and resources. Firewalls fulfill one general role in the network: the protection of key resources. This can be expanded upon in a number of ways but the idea is the same all the time; the protection of key resources and the inspection of traffic in and out of these resources. That being the case, it would require in depth research based on specific needs and see how that relates to the network in question when selecting a device.
The one aspect that will always matter regardless of the device capability is Integration and Administration. Although customer support from the vendor is extremely important, the first line of response will always be the in-house technical resource.
- How easily can I role this out?
- Am I replacing a pre-existing device or adding this in tandem?
- Do I have people who can manage this device currently and if not, can they be trained easily?
- If I have a single admin/engineer who manages this device and they leave the company, how easy is it to find another qualified person?
I think these aspects and questions matter a great deal. Regardless of specific strengths for a single device, if that device cannot be installed easily or managed easily, that equals more confusion and downtime which usually means a loss of money.
When considering a new firewall device or security appliance, I encourage my clients to review their short and long term goals before allowing too much time in debate over which device is better.
Security is the most important aspect. You are not buying a Firewall to play Candy Crush so user experience is not the most important aspect (even though it is important). It needs to provide the most advanced security to protect your organization from threats.
Comprehensive protection, reliability, straightforward administration, total cost of ownership over three to five years.
Next-generation firewall features, including Security services like:
- Gateway Antivirus Services
- Capture Advance Threat Protection
- Intrusion Prevention
- Anti-spyware
- Botnet Filter
- Geo-IP filter
- Content Filter
- Application control
- Stability
- Support
- Ease of work
- Adaptability
- Cost-effectiveness
Security is the most important aspect. Firewalls control the traffic between the internal and external networks and are the core of a strong network security policy.
"Next-generation" firewall features, including Security services like:
- Gateway Antivirus Services
- DPI-SSL
- Capture Advance Threat Protection
- Intrusion Prevention
- Anti-spyware.
- Botnet Filter.
- Geo-IP filter.
- Content Filter.
- Application control.
Firewalls control the traffic between the internal and external networks and are the core of a strong network security policy.
E.g., the Check Point Firewall is part of the Software Blade architecture that supplies "next-generation" firewall features, including:
•VPN and mobile device connectivity
•Identity and computer awareness
•Internet access and filtering
•Application control
•Intrusion and threat prevention
A firewall that allows us to set parameters on where our users can go and which gives us the ability ton block certain sites or ads if we need or want to.
Logging And Reporting. Some new toy firewalls (like Fortigate) have them on Cloud, but suppose there is a problem in WAN connections or VPN. The Easy Way to see logs for troubleshooting, that is the best firewall
There is no single-most important aspect, but here are a few to consider as being absolute requirements.
Intrusion protection: I've seen break-ins from bad actors on the outside, who stole intellectual property for whatever purpose, including, but not limited to the sale of said property to competitors.
Internal threats: We've seen shady employees stealing information, and BYOD infected and then brought to work. Good endpoint security is a great add-on, but if the level from a firewall is not where you need it to be, then a separate solution for such service should be evaluated. A firewall at the perimeter that offers malware protection in both directions adds an extra layer of security.
The reason for simplicity is not just that your job will be easier to build the network, but to navigate the threats and quickly bring new security professionals up to speed on your platform.
Application Identification: This is not a luxury, it's a flat-out requirement.
Ease of replacement: Does the vendor offer a plan to replace faulty hardware in a day or less, or do you choose instead to go HA at all locations, especially in countries where bringing hardware through customs can be a nightmare
1. Status inspection capabilities.
2. Ease of administration.
3. Performance.
4. Price.
5. Scalability.
1. Protection
2. Throughput
3. Ease of use
4. Support
5. Price
I want to make sure it fits my needs and does what I need to do. Every environment and budget is different. Making sure you talk to people who know what they're doing so you get the product you need.
1. I can figure out how to use it so it must have GUI interface.
2. Good support so when I need help I can get it.
3. Renewal fees are reasonable (not half the price of the unit).
4. Of course, that it does the job.
NGFW, Stability, Good vendor support, Good logging information, centralized management
Firewall should be:
- with NGFW features
- Capable of Inspecting encrypted traffic without breaking or compromising the security of the traffic.
- Scalable
- Easy to manage and configure
- with Excellent vendor support
✓ Firewall
✓ Application control
✓ IPsec and SSL VPN
✓ IPS
✓ Web content filtering
✓ Anti-spam
✓ Data loss/leakage protection
✓ Anti-virus and anti-spyware protection
✓ IPv6 native support
✓ Traffic shaping/bandwidth control
The state of the firewall has moved from IP and port filtering to combine these elements:
1) Application awareness (want to block Tor or Bit Torrent?)
2) User identity awareness (policies based on identity not just source IPs)
3) Policies based on device attributes (allow smartphones to access email without login)
Forward thinking enterprises are looking at Unified Threat Management devices (or NGFW) to combine these functions along with IPS/IDS, malware filtering, AV gateway and other features.
Valuating firewalls is an important process for organizations to ensure that they are investing in the right security solution. It involves assessing the effectiveness of the firewall in terms of preventing unauthorized access, detecting and blocking malicious traffic, and minimizing potential damage in case of a breach. Factors such as cost, ease of use, scalability, and compatibility with other security tools are also considered. Conducting a thorough evaluation of the firewall can help organizations make informed decisions to protect their assets and sensitive data from cyber threats.
In today's cybersecurity landscape, a Next-Generation Firewall (NGFW) is essential. It should not only excel in security but also offer robust connectivity features such as application control, URL filtering, IPS (Intrusion Prevention System), and other critical security blades.
The NGFW's primary role is to provide a strong security foundation. It should effectively protect against evolving threats, offer advanced threat prevention, and maintain a high level of security posture. This includes features like malware detection, threat intelligence, and zero-day attack prevention.
Simultaneously, it's equally vital for an NGFW to be well-equipped in terms of connectivity and application control. This means the ability to monitor and manage application usage, enforce policies, and ensure that the network operates efficiently and securely. URL filtering is essential to prevent access to malicious or unauthorized websites. IPS plays a crucial role in identifying and blocking potential threats within the network traffic.
The combination of robust security and advanced connectivity features ensures that your NGFW serves as both a security enforcer and an enabler for productive, controlled, and secure network operations. In a world where cyber threats are ever-present, having a well-balanced NGFW that excels in both security and connectivity is paramount to safeguarding your organization's digital assets.
It is important to understand how a Firewall handles Zero-day attacks. Protection versus traditional attacks are already a given feature, but most breaches come from unknown attacks. How the back end handles this and how fast they mitigate is important for the Firewall to serve its purpose
I work on a very critical private cloud so the most important for us are performance, troubleshooting, gateway management and support in the event of major problems.
A product that allows us to set parameters "where our users can go" and which gives us the ability to block certain sites or ads.
Güvenlik konusunda öncü bir marka.Ulaşımı ve kullanımı kolay.Güzel bir arayüzü var.
---
English (Translated by Google):
-It is a leading brand in security.
-It is easy to access and use.
-It has a nice interface.
Today with all those devices requiring access to the internet, IoT security is the "most important" part and should be easy to deal with: firewalls must reflect this by easy administration, good logging and supporting complex requirements. And the challenge will be to offer that functionality to "home users".
Utilization, SSL inspection and concurrent sessions.
security, performance, virtualization support, timeliness of updates, zero-day threat protection, mobile device protection, endpoint compliance.
Ability to manage wide range of attack surface with easy to use graphical interface and rule grouping based on service types.
completeness and clarity of the logs for troubleshooting
Network security and performance is the most important aspect while evaluating firewalls.
Stability, performance and extensive logging.
Security and feature supports
How well it does it's job, followed closely by how well the user interface is. If you can't configure it accurately and straight forwardly, no matter how well it protects things could slip through the cracks.
1-Ease of management.
2-Price/performance.
3- how it deal with zero attack
3-NGFW
Real world unbiased reviews of the product from actual users along with reports of any unexpected issues or benefits they experienced. That's what brought me here :)
Stability, traffic visibility, security, management
Stability & Traffic Visibility, security level
It's depend on user requirement. In my opinion about firewall should be smart in all features. like, Stability,Ease to configure,Traffic Visibility,Central Management .
IPS
STABILITY
VPN
HIGH THROUGHPUT
BETTER SECURITY
DATA LOSS PREVENTION
IPSEC
SSL
all of the above + robust support from the vendor
What do you use Firewall for Internal FW or External FW.
My opinion about External FW you have to research before invest FW into your Orgonization
1. Next Generation FW: this FW must have control source by User Name & destinatin by application ID.
+ NG FW must easy integrate with LDAP Server, Radius Server
+ Database of Applicaiton ID have more than competitor.
2. This FW must have URL Filtering, Antivius, IPS. When enable all these features just impact about 1/5 throughput FW.
3. Central Management with two appliances (HA)
4. Reporting, can export detail report, customize report.
5. This FW must have technology to integrate with detect & prevent Unknow malware.
1- Next-generation firewall
2- Unified Threat Management
3- centralized visibility
4- centralized management
Traditional FW features + NG features such as:
1. True ability to subsume IDS/IPS and other "UTM" feature.
2. Maturity of partner ecosystem to integrate painlessly with threat feeds, SIEM, end-points, and other security technologies to eliminate silos and provide a comprehensive and automated threat strategy.
For Firewall, I'm looking for grandular policies and detailed audit logs based on these policies... Reports customization based on what policies are implemented.., egress and ingress traffic reports depending on the requirements. Reports should also be able to capture what been allowed (ingress traffic) if the need arise.
So basically i'm looking for firewall with robust policies creation and detailed / custom reports generation.
Hi,
Go though below link for choose a good firewall. Defiantly you will finalize a firewall with required features.
www.techrepublic.com/blog/10-things/10-things-to-look-for-in-a-hardware-based-firewall/
1- App and users visibility
2- past and live reporting
3- easy management
It should work on Layer 8 technology, that can manipulate traffic as per policy and requirement. Yet all the logs should be available.
This should not limited to AV\ IPS, all the core technologies (QOS, load balancing, NAT, content filtering,)should be supported on this.
1) Layer 7 capabilites
2) Central managment with remote install policy
3) Global reports and traffic Visibility
1) Stability
2) Ease to configure
3) Traffic Visibility
The most important thing is how much visibility if offers to understand the traffic passing through it
The criteria for a FW will depend on the organizations specific needs and environment. I'm looking for a good balance between functional capability and ease of use/deployment. A FW that has full UTM features, easy to work with settings and simple management/admin interface is top of mind for my organization (100-500 workstations). I also believe in the concept of defense in depth (using multiple best of bread vendor offerings as opposed to a single technology). Some UTM's offer this approach while maintaining ease of use.
1) How much traffic is appropriately blocking as per the policy.
2) Firewall must be coming with 10g/40g interface for catering traffic flow on fly.
3) Session and conucurant session must be higher depending upon the business requirment.
4) NGFW should remain consistent throughput while performing the actions like application control(App-ID enabled) ), ddos mitigation, enabling nips, enabling url filtering and email filter solution.
5) configuration file should be easily readable without using any third party tool for reviewing the firewall policy off line.
6) Seamless integration with siem of any kind through syslog or lea .
7) Above all support, l3 support, rma capability etc