Ensuring information security is an integral part of business processes regardless of the line of business or size of an organization. Nowadays, information security must be a top concern for any company. Present-day network attacks are becoming more and more complicated. As a result, comprehensive tools for securing the network infrastructure perimeter are required. Using a firewall is the minimum prerequisite for ensuring protection of an organization against attacks and attempts of unauthorized access to its information resources from outside. Not only do new-generation firewalls (NGFW) support the traditional traffic filtering, but they also provide the intrusion protection system functionality (IPS), stream antivirus filtering, botnet protection, traffic inspection at all levels, including the application level.
- Ensuring comprehensive protection of the company's network infrastructure perimeter
- A single termination point for network rules and information security policies
- Securing the internet access with an option of flexible adjustment of policies and traffic filtering rules
- Organizing secure remote access to corporate resources
- Organizing secure communication channels to remote branches of the organization
- Incoming and outgoing network traffic monitoring, also based on a set of predefined security rules
- Elimination of "blind zones" in the network by means of decrypting the SSL traffic
Virtually, all present-day new-generation firewalls (NGFW) support the functionality of the following subsystems:
- Intrusion prevention subsystem: its task is to detect attacks on the company network in the real-time mode. By using an up-to-date database of signatures of known attacks and analyzing the "normal behavior" of traffic, the intrusion prevention subsystem designed in compliance with the best practices is able to detect and neutralize even previously unknown attack types.
- The antivirus subsystem. Traditional antivirus protection of terminal workstations may be insufficient to prevent infecting. Not only does NGFW perform the signature analysis for all the traffic passing through it, but it also ensures behavior analysis of transferred files. A separate function is an option to automatically forward files to isolated environments (sandboxes) for deep analysis.
- The URL filtering subsystem. In addition to social engineering methods, illegitimate websites are widely used for stealing user account data. As a result, both money and confidential data of an organization may be stolen. The URL filtering subsystem checks with regularly updated databases of illegitimate websites and analyzes them for the presence of malicious code.
- The application control subsystem. Unfortunately, some software developers do not pay sufficient attention to security issues. Application vulnerabilities are widely used by abusers to carry out network attacks. The application control subsystem contains information about the current application vulnerabilities and prevents attacks via the respective threat vector.
- The remote access subsystem. Present-day businesses need their employees to have access to corporate resources from any point in the world. The NGFW task is to ensure secure remote access by establishing a secure channel between a workstation and the company's network perimeter via the internet or by providing access from any devices via a web portal. NGFW is also able to ensure secure information exchange with remote branches preventing the loss of data when transferring it via untrusted communication channels.
Benefits of the subsystem:
New generation firewalls make it possible to efficiently protect the corporate IT infrastructure and minimize the risks of damage because of cyberattacks by means of the following key functions:
- Comprehensive protection of a corporate network that uses a multilevel security system
- Secure access to corporate resources via the internet
- Lowering the administration complexity level by using unified policies
- Minimizing potential cyber incidents