The Next-Generation Firewall (NGFW) vendors every network and security professional should know about
We have all marked 24 February 2022 in our minds as the day that the war between Russia and Ukraine started. This had a big impact on cyberspace in 2022 and will continue to do so in 2023. According to the NCSC UK, approximately one hour before Russia launched its major invasion of Ukraine there was an attack against Viasat. Although the primary target is believed to have been the Ukrainian military, other customers were affected, including personal and commercial internet users. Wind farms in central Europe and internet users were also affected. Therefore, in the upcoming year, we need to keep our eyes open for international attacks such as malware, ransomware, DDoS and network attacks. NGFW are an important element in the protection against these threats.
Next to this, we hoped that we got rid of COVID-19. Unfortunately, this is not 100% true yet, but we are not held hostage by it anymore. We have found a hybrid way of working with a balanced combination of office and home life. We do still see a demand for solutions that allow users to work from home, which included remote access solutions, video conferencing, and collaboration tools.
Most companies are now equipped with the resources to provide their workforce with remote access to the corporate network. The spike that we observed the last two years in demand for remote access solutions is over. However, we do still see a challenge in terms of security.
A firewall plays an important part in securing an organisation; but end-to-end security requires an NGFW vendor to also provide solutions for ATP, CASB, DLP and to support ZTNA. The top 5 vendors below have been selected taking these new requirements into account.
Next-gen firewall explained
There are many types of malware that a firewall can protect against these days, including ransomware, viruses, worms, trojans, adware, and more. Next-Generation Firewalls (NGFW) take it a step further, by offering the ability to not only identify but also completely block malware before it enters your network. NGFWs can swiftly detect and combat attacks across the entire network. As cyber-attacks continue to become more sophisticated, next-generation firewalls will continue to be essential components of any organisation’s security solution, whether you’re in a data centre, network, or cloud.
Reviewing next-generation firewalls and their capabilities is one of the steps that need to be taken to significantly improve an organisation’s security. Cyberattacks and advanced hacking methodologies these days not only drive enterprises to look for next-generation firewalls, but they also drive next-generation firewall vendors to optimise and update their solutions. The global next-gen firewall market is expected to grow at USD ~$4.69 Billion by 2023, at ~11.4% of CAGR between 2018 and 2023. It's the largest market in IT security products and still growing around 8 percent each year.
Malicious emails, phishing schemes, and other threats concealed in content can be hard to detect. Luckily, many next-generation firewall vendors offer the threat prevention capabilities IT security staff is looking for. The best firewalls include application awareness, centralised management features, Deep Packet Inspection, 100Gbps threat protection, as well as hybrid cloud security. For example, to help defend against the rise of malware, intrusion attempts bypass perimeter protection and other advanced threats.
Next-generation capabilities have been achieved by all solutions in the enterprise network firewall market, but vendors differentiate on feature strengths and depth. NGFW should be on every company's shortlist. - Mohamed El Haddouchi, CTO, Nomios
NGFW features to look for
Most suppliers of NGFW offer different types of firewalls; physical, virtual and containerised firewalls. Physical firewalls are available for all types of organisations, ranging from small and midsized enterprise campuses to large enterprise data centres and everything in between. Virtual firewalls provide protection in Amazon Web Services (AWS), Microsoft Azure, Google Cloud Platform, IBM Cloud, and Oracle Cloud environments. Container firewalls offer security services to improve visibility and secure applications running in containers and microservices. Depending on your situation, there is always an NGFW that will fit your needs. Next, it is smart to look at the different features that firewalls offer.
Features offered by the best NGFWs include IDS/IPS, support for single-enterprise firewalls as well as branch offices, web proxy and URL filtering, Web Application Firewalling and virtual versions that can be deployed within the cloud.
For an NGFW comparison, it’s crucial to look for differences in the:
- Third-party security product integration capabilities;
- Ease of installation and use;
- Effectiveness at blocking threats;
- Additional features such as application visibility and cloud protection;
- And of course: pricing and consumption models.
The vendors in this article have been placed in random order. We do not endorse our readers to select only those vendors mentioned in this article. Our research consists of the opinion of our experts and should not be construed as statements of fact. When an organisation wishes to know which solutions fit them best, please contact Nomios. We are happy to help you in your search for the right solution.
Here are our picks for the top 5 vendors for NGFW in 2023
Palo Alto Networks PA-Series
Palo Alto was recognised by Forrester as the Leader for Enterprise Firewalls in the Forrester™ Wave in Q4 2022. And by Gartner® they have been named a Leader for ten consecutive years in its Magic Quadrant™ for Network Firewalls.
Palo Alto Networks Next-Generation Firewalls consist of physical appliances (PA-series), virtualised firewalls (VM-series) and container firewalls (CN-series). They are all based on a consistent single-pass architecture and inspect all traffic, including all applications, threats, and content, and tie that traffic to the user, regardless of location or device type. They can secure multi-cloud businesses with their cloud identity engine and protect organisations from the SaaS explosion with an integrated CASB. Palo Alto has brought the power of inline machine learning to their cloud-delivered security services, where they established threat coverage in DNS security, web protection from unknown threats in advanced URL filtering and real-time protection with WildFire malware analysis.
In March 2022 Palo Alto announced that they have teamed up with Amazon Web Services (AWS) to unveil their new Cloud NGFW for AWS. It is a managed NGFW service for private clouds in AWS. The firewalls are equipped with Advanced URL Filtering, Threat Prevention and APP-ID. Advanced URL Filtering uses deep learning to intercept unknown threats (zero-day). Threat Prevention blocks advanced threats on every port. App-ID provides insight into application connections, behaviour and risks.
Having been recognised for the 12th time in the Gartner® Magic Quadrant™ for Network Firewalls and being a Leader in the Forrester Wave™ for Enterprise Firewalls in Q4 2022, FortiGates are NGFWs worth considering. Powered by a single OS, FortiGate network firewalls, whether physical, virtual or delivered from the cloud, are designed to protect any edge at any scale while providing a seamless experience for users and administrators.
The FortiGate firewall product line is available for all firewall deployment use cases. It is also available for public cloud platforms. Fortinet ensures continuous innovation, providing customers with access to cutting-edge security tools they need to enable digital business success. The Fortinet next-generation firewalls are high-performance appliances adding intrusion prevention, application control, and anti-malware to the traditional firewall-VPN combination. This NGFW vendor provides one platform for end-to-end security across your network.
In November 2022 Fortinet launched FortiGate Cloud-Native Firewall (Fortinet CNF) on AWS. It's an enterprise-grade, managed NGFW service specifically designed for AWS environments. FortiGate CNF incorporates FortiGuard AI-powered security services for real-time detection of and protection against malicious external and internal threats and is underpinned by FortiOS for a consistent network security experience across AWS and on-premise environments.
Cisco Secure Firewall
Cisco has been a strong player in the world of NGFW for many years and they offer multiple firewall product lines. Such as Cisco Secure Firewall (formerly Firepower), Cisco Secure Workload (formerly Tetration) and Meraki MX series.
Cisco Secure firewalls are available in many form-factors scaling from the branch site to a carrier-grade data centre. These firewalls are also available as virtual firewalls to enable security in private and/or public cloud environments. In 2022 Cisco introduced the Secure Firewall 3100 Series. This series is designed to support more hybrid workings. Whether working from home, airport or coffee shop, remote workers can enjoy up to 17 times faster VPN performance. The firewalls use machine learning technologies to passively identify user applications and potential threats in encrypted traffic, without decryption, to detect more malware.
During Cisco's Partner Summit in November 2022, they introduced a new firewall and added data-loss prevention (DLP) and passwordless authentication features to its security products. As of early next year, the Secure Firewall 3105 is available. This firewall is built specifically for hybrid workers and small branch offices.
Juniper Networks SRX firewalls
The Juniper Networks firewall product line is the SRX series of NGFWs, which is available as hardware appliances (SRX), virtual appliances (vSRX) and containers (cSRX). vSRX can be hosted on the customer’s own hypervisor or run on AWS, Microsoft Azure, Google Cloud Platform and Oracle Cloud Infrastructure. The Juniper Networks SRX Series NGFWs combine high-performance security with integrated services for application security, intrusion protection and advanced threat detection for organisations of all sizes.
The on-premises devices ingest and analyse data from any third-party firewall or security data source. This enables enterprises to respond to threats with one touch, detect malware and it also helps avoid vendor lock-in. With Juniper's ATP platform as an open ecosystem, it works in conjunction with any firewall and SIEM. This makes it very compatible and it can be used right away in an environment. Detection and analysis, as well as automation, also enable the ability to do one-touch mitigation. A pretty unique way of approaching advanced malware.
Juniper Networks SRX next-generation firewalls use information from Juniper’s Sky Advanced Threat Protection cloud-based service and third-party GeoIP feeds to block malicious activities as they enter or traverse the network. It also provides application visibility and control, IPS and user-based application policies, plus unified threat management (UTM) to protect and control your business assets.
Did you know that Nomios offers managed firewall services? Our managed firewall services take care of the day-to-day management of your firewall operations, providing improved availability and guaranteeing continuity. Managing your security infrastructure is not just about keeping firewalls up-to-date with patches and fixes. We ensure that security measures are up to date by actively monitoring access to the internet from the company network, responding to critical alerts, compiling management reports, and providing guidance on optimising firewall configurations.
Forcepoint’s network security portfolio includes nine different firewall series, with different purposes. All series include centralised management, extensive security such as VPN, IPS, encrypted inspection, SD-WAN and mission-critical application proxies. They did not start with firewall solutions back in 1993, they began as a reseller for network security products.
According to the Gartner® research, the network firewalls of Forcepoint are a good candidate for distributed office use cases where users are looking for mature SD-WAN, VPN and centralised management capabilities.
According to Forcepoint themselves, their NGFW is designed specifically to cut the complexity and time needed to get your network running smoothly and securely. And to keep it there. The Forcepoint Next-Gen Firewall is built around a unified software core that provides consistent capabilities, acceleration and centralised management across all types of deployments. Their Security Management Centre (SMC) can configure, monitor and update up to 2000 Forcepoint NGFW appliances – physical, virtual, and cloud – all from a single pane of glass.
Nomios’ NGFW vendors
These NGFW vendors protect your network edge, data centre and cloud applications with physical, virtual and containerised firewalls. But did you know that according to Gartner, 99% of firewall breaches are caused by misconfigurations rather than firewall flaws? The Nomios network security experts can help you with the right configuration of your current firewall or help you in the search for a new NGFW. We understand that each organisation is different, so we'll help you in the search for an NGFW that fits your organisation best.
More NGFW updates
NIS2 advice to CISOs
As a CISO, it is important to understand the requirements of the NIS2 Directive and ensure that your company is compliant in a timely manner.
Top cybersecurity companies to watch in 2023
We selected 8 top cybersecurity companies to watch in 2023, who have successfully differentiated themselves from other players in the market.
Mohamed El Haddouchi
SecureX and Secure Firewall: Integration and automation to simplify security
New integrations between SecureX and Secure Firewall streamline processes and increase automation to simplify your security.
Aditya Sankar from Cisco