Traditional vs next-gen firewalls

by Abbie-Lee Hollister, on July 18, 2018

2 People Doing Karate during Sunset
When someone envisions a firewall, what typically comes to mind is a fortified computer that tracks traffic and determines whether it’s allowed to flow into or out of the company network.
For years, this functionality has been sufficient in providing baseline protection most companies need to protect their day-to-day operations. Now, traditional firewalls are no match for the advanced threats capable of circumventing gateways. It’s time for a new generation of protection.


The Rise of Next-Generation Firewalls

Next-generation firewalls (NGFWs) can operate at all levels, including the application layer. But there’s much more to the story. Not only do NGFWs monitor traffic and take pre-defined actions when certain rules are broken, they also can make intelligent decisions. And they typically include more advanced security functionality like integrated intrusion protection and automated updates to safeguard against new and emerging threats.

Let’s look a little closer at just what NGFWs can deliver:

Deep Packet Inspection

NGFWs are much more thorough as they inspect packets coming in and out of networks. Because they include intrusion prevention systems (IPS), they rely on either behaviour analysis or signatures to inspect inbound packets and determine what they are really being used for before deciding to let the packets into the network.

NGFWs also include user identity management integration, like Active Directory or Radius, and can bind user IDs to IP or MAC addresses.

>> How IT Providers are winning with next-gen tech [Webinar]

Application Visibility and Control

With a NGFW, you can enact policies based on users, groups, devices, time and applications. As an example, you can let certain groups, such as the marketing team, set up social media accounts and use them while on the corporate network, but restrict others from doing so. 

You can block certain features and functionality within applications. NGFWs also provide comprehensive visibility into activities, delivering real-time and historical insights. That kind of visibility is critical for some, like schools, that want to monitor the type of websites devices are visiting while on the network.


Network security in the past required layered solutions and multiple appliances to be effective.  These layers usually required separate updates to address vulnerabilities, while the need for standalone hardware and someone to maintain these investments were usually the source of inflated IT budgets.

Today’s NGFWs streamline these solutions through a single device, which is simple enough to be deployed and maintained by individuals from any location. Now, one firewall can deliver anti-virus, spam filtering, deep packet inspection, intrusion prevention, application control, automated updates and more.

TRY IT OUT FOR 30 days for free (2)

Learn more about Untangle Next Generation Firewall today and register for a free 30-day trial online. 



Related Articles