Managed and Next-Gen Firewalls


Managed Firewall 

With so many cybersecurity threats, it makes sense to invest in a managed firewall solution.  

Traditional firewalls include: 

  • Packet Filtering 
  • Network Address Translation 
  • URL Blocking 
  • Virtual Private Networks (VPN) 

A managed firewall solution takes on management, maintenance and reporting. It includes:  

The Device 

A centralized virtual or physical appliance, now part of a monthly contract moving it from CapEx to OpEx. As needs grow and a larger device is required, scale the solution without having to purchase a new device. 

Firewall Maintenance 

Updates, patch management, change management and other maintenance is handled 24x7x365 by the vendor. This service will occur within an agreed upon SLA  to ensure needs are met in an acceptable time frame. 

Portal 

Continuous visibility into perimeter security for monitoring, logging and reporting all done through a cloud-based portal. View data and analytics, assess trends, utilize logs for audits and compliance requirements. 

Next-Gen Firewall 

With a next-gen firewall, additional features are layered on with QoS and no additional devices are needed. Additions can include: 

Intrusion Detection System (IDS)  

IDS identifies malicious traffic targeting the network and provides alerts. Activity is logged to provide an audit trail available for review in a portal. 

Intrusion Prevention System (IPS)  

IPS works in conjunction with IDS to block malicious traffic and quarantine suspicious traffic. Parameters can be set through the cloud-based portal. 

Antivirus  

Antivirus software/applications protects inbound and outbound traffic against viruses, worms, trojans and other malware. Protection is at the edge of the network and in real time. Threats are logged in the same SIEM portal. 

Content Filtering/URL Filtering 

Often the last piece of the security puzzle, content filtering protects your internal network. This web filtering blocks access to web sites outside of a company’s Internet “Acceptable Use Policy”, ranging from social media sites and YouTube to gambling and drugs. 

Deep Packet Inspection (DPI) 

DPI grabs pieces of each packet to thoroughly inspect and identify anomalies or violations of normal protocol/communications. 

Application Awareness  

Log and track application use throughout the network to create a baseline and use these parameters to set policy around which users can access what. 

Active Directory/LDAP Integration 

This integration allows a higher level of content/URL filtering based on the user’s roles within Active Directory. 

 

Read more about Enterprise Security here.