While we’ve been bombarded with the fear, uncertainty and doubt about today’s sophisticated threats, we have thankfully seen network security innovation with the development of Next Generation Firewalls (NGFWs). NGFWs deliver much more granular control than traditional firewalls by being application and user aware, which is a boon for IT security professionals AND business users to ensure better security without impacting user productivity (e.g., leave port 80 open, but prevent non-marketing personnel from using social media tools, such as Facebook).
However, that is not to say that Next Gen Firewalls don’t come with their own set of challenges. Standard firewalls already need to be managed because of the complexity of having thousands of rule sets and the potential for errors. That need increases greatly with Next Generation Firewalls, whose application control/whitelisting capabilities introduce new layers of policy and, in turn, complexity (just think of the potential rules that you’ll have to manage).
Next Generation Firewalls are a great technological advance for network security, but without sound automated firewall management, they can introduce complexity and ultimately cause security issues through the new errors that complexity creates. There is an excellent blog post on this topic at http://lastwatchdog.com/case-wider-generation-firewalls/.
I’d be curious to hear what you think the biggest challenge in managing Next Gen Firewalls is. Comment here on our blog or via @AlgoSec.