How an Enterprise Firewall Works
A traditional firewall performs packet filtering by inspecting the contents of packet headers and applying rules based on IP addresses and port numbers. However, this does not provide adequate protection against modern cyber threats.
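The header-only model described above can be shown in a few lines of Python. This is an added example, not Check Point code: it parses the IPv4 and TCP headers of a packet and applies first-match rules on addresses and ports. The rule set, address ranges and function names are assumptions constructed for illustration. Two packets with identical headers but different payloads receive the same verdict, which is the gap NGFW inspection is meant to close.

```python
import ipaddress
import struct
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Rule:
    action: str           # "allow" or "deny"
    src: str              # source network, CIDR
    dst: str              # destination network, CIDR
    dport: Optional[int]  # destination port; None matches any port

# Constructed rule set (hypothetical ranges): 10.1/16 = users, 10.2/16 = servers.
RULES = [
    Rule("allow", "10.1.0.0/16", "10.2.0.10/32", 443),  # one published service
    Rule("deny", "10.1.0.0/16", "10.2.0.0/16", None),   # internal segment boundary
    Rule("allow", "10.1.0.0/16", "0.0.0.0/0", 443),     # outbound HTTPS
]

def parse_headers(packet: bytes):
    """Read (src, dst, dport) from the IPv4 and TCP/UDP headers; payload is ignored."""
    if len(packet) < 20 or packet[0] >> 4 != 4:
        raise ValueError("not an IPv4 packet")
    ihl = (packet[0] & 0x0F) * 4  # IPv4 header length in bytes
    src = ipaddress.IPv4Address(packet[12:16])
    dst = ipaddress.IPv4Address(packet[16:20])
    if ihl < 20 or packet[9] not in (6, 17) or len(packet) < ihl + 4:
        return src, dst, None     # no usable TCP/UDP port field
    return src, dst, struct.unpack("!H", packet[ihl + 2:ihl + 4])[0]

def verdict(packet: bytes, rules=RULES) -> str:
    """First matching rule wins; anything unmatched is denied."""
    src, dst, dport = parse_headers(packet)
    for r in rules:
        if (src in ipaddress.ip_network(r.src) and dst in ipaddress.ip_network(r.dst)
                and (r.dport is None or r.dport == dport)):
            return r.action
    return "deny"

def build_packet(src: str, dst: str, dport: int, payload: bytes = b"") -> bytes:
    """Constructed sample packet: minimal IPv4 + TCP headers, checksums left at zero."""
    tcp = struct.pack("!HHIIBBHHH", 40000, dport, 0, 0, 5 << 4, 0x18, 8192, 0, 0)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40 + len(payload), 0, 0, 64, 6, 0,
                     ipaddress.IPv4Address(src).packed, ipaddress.IPv4Address(dst).packed)
    return ip + tcp + payload

if __name__ == "__main__":
    for dst, port in [("10.2.0.10", 443), ("10.2.0.20", 22), ("203.0.113.7", 25)]:
        print(dst, port, verdict(build_packet("10.1.5.5", dst, port)))
```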
A next-generation firewall (NGFW) integrates advanced threat prevention solutions into a firewall. Some of the features that should be included in an enterprise NGFW include:
- Network Segmentation: In addition to defining the network perimeter, firewalls can also create internal boundaries within the corporate network. This helps to protect against lateral movement of threats within the enterprise network perimeter.
- Network Access Control (NAC): NGFWs can apply role-based access controls to the traffic that they inspect. For example, an NGFW can implement zero-trust security controls by blocking traffic containing unauthorized requests.
- Remote Access VPNs: Virtual private networks (VPNs) can provide remote workers with secure access to the corporate network. An NGFW can act as a VPN endpoint, inspecting traffic before it moves on to its destination.
- Email Security: Email is a widely used medium for business communications and is commonly a target of phishing attacks. Email security solutions inspect an email’s contents and attachments for malicious code or links before allowing it to reach the user’s inbox.
- Web Security: Phishing sites, drive-by downloads, and other threats pose a risk to an organization’s employees. Web security integrations enable firewalls to identify and block traffic to malicious or inappropriate sites.
- Data Loss Prevention: Data exfiltration, which is increasingly a component of ransomware attacks, usually occurs over the network. NGFWs can identify and block attempted exfiltration based on identification of sensitive content within outbound traffic.
- Intrusion Prevention Systems (IPS): An IPS can provide protection against a wide range of cyberattacks. One of the defining features of an NGFW is the integration of IPS capabilities to protect against brute force attacks, vulnerability exploitation, and similar threats.
- Sandboxing: Not all malware can be easily identified by inspecting the contents of network traffic. Sandboxing detonates potential threats in a secure, isolated environment to identify any malicious functionality before it reaches corporate systems.
NGFWs provide a wide range of protections to an organization’s systems. However, deploying the right solution is crucial to the success of an enterprise network security program.
Different Types of Enterprise Firewalls
Different enterprises require different types of firewalls. For example, high-availability firewalls are vital for critical applications, hyperscale firewalls offer the scalability that enterprises need to support future growth, and low-latency firewalls secure high-frequency trading applications with minimal interruption.
The Main Features of an Enterprise Firewall
An enterprise NGFW should integrate network security into a single, usable platform. Some of the key factors to consider when evaluating enterprise firewall solutions include:
- Threat Prevention: Minimizing the damage that a cyberattack can cause to a network requires threat prevention.
- App and Identity-based Inspection: A firewall should support granular app policy creation and enforcement based upon user identity.
- Hybrid Cloud Support: The firewall should be easily deployable and scalable in any major cloud environment and be available as a cloud service as well as on-premises.
- Scalable Performance: Hyperscale is necessary to build a robust and scalable distributed system.
- Unified Security Management: A firewall with integrated Unified Security Management (USM) functionality enables an organization’s security team to easily and efficiently manage and enforce security policies across their entire network environment.
These are 5 features and capabilities any firewall must have to effectively prevent cyber attacks. Other features include rack form factor, network port capacity, network interface types (copper, fiber, port line rate) and security throughput. The figure below shows an example of the range of firewalls available for multiple deployments and enterprise sizes. For a more detailed comparison, view the Check Point firewall comparison chart.
[Figure: Check Point Security Appliance Brochure Capture]
Choose the Right Enterprise Firewall for Your Organization
Even within the category of enterprise firewalls, companies have many options to choose from. Throughput, security features, and other factors should all be included in a firewall purchase decision. For more information about what to look for in an NGFW, check out this buyer’s guide.
Check Point offers a range of NGFW solutions designed to meet the needs of every enterprise. Learn more about your options by signing up for a free demo today.