In these two new whiteboard lessons, Professor Wool provides technical tips for managing security policies on next generation firewalls alongside traditional firewalls. Whether your organization is looking to deploy a NGFW, or you were an early adopter, find out how to properly manage NGFWs and protect your business.
Managing Your Security Policy in a Mixed Next Gen and Traditional Firewall Environment
Next generation firewalls allow you to manage security policies with much greater granularity, based on specific applications and users, which provides much greater control over the traffic you want to allow or deny. Today, NGFWs are usually deployed alongside traditional firewalls. Therefore change requests need to be written using each firewall type’s specific terminology; application names and default ports for NGFWs, and actual protocols and ports for traditional firewalls. This new lesson explains the challenges of writing firewall rules for a mixed firewall environment, and how to address them.
Using Next Generation Firewalls for Cyber Threat Prevention
As part of the blacklisting approach to application security, most NGFW vendors now offer their customers a subscription based service that provides periodic updates to firewall definitions and signatures for a great number of applications – especially the malicious ones. In this lesson, Professor Wool discusses the pros and cons of this offering for cyber threat prevention. He also discusses the limitations of this service when home-grown applications are deployed in the enterprise, and provides a recommendation on how to solve this problem.
See the complete Professor Wool course on Next Generation Firewalls:
• Lesson 1: Next Generation Firewalls: Overview of Application and User-Aware Policies
• Lesson 2: NGFWs – Whitelisting & Blacklisting Policy Considerations
• Lesson 3: Managing Your Security Policy in a Mixed Next Gen and Traditional Firewall Environment
• Lesson 4: Using Next Generation Firewalls for Cyber Threat Prevention
The latest release of the AlgoSec Security Policy Management includes advanced support for Palo Alto Networks Next Generation Firewalls (NGFWs). Read more here.
Receive notifications of new posts by email.