Four differences between I-NGFW and NGFW

Can the next generation firewall (NGFW) represent the development trend of the next generation of security? According to research and analysis by Gartner, a famous international research institution, intelligence will become the trend of network security and hardware firewall development in the future. With various questions about this topic, the author has studied the next generation smart firewall of hillstone network, the only smart security network device listed on the market, and compare it with NGFW in terms of implementation technology.
Different security defense methods and concepts-based on real-time traffic data analysis and Feature Recognition
Feature-based defense is a security mechanism jointly adopted by traditional firewalls and NGFW. Its principle is that after a new attack is discovered, the system monitors the traffic and then matches the pattern in the feature, if a match is found, the traffic is marked as a possible attack. It is suitable for detecting unencrypted known attacks, but has obvious defects, it is basically powerless against the threats posed by new types of malware and attack types, APT and 0-day attacks in various forms.
INGFW (next-generation intelligent firewall) makes up for this defect in terms of defense methods. It has developed and extended the NGFW 7 tuples theory and added the 8th new element of Network Security Protection-behavior credibility index. This paper also proposes the risk-based security management and data analysis-based exception detection concepts. For protection against known threats, it inherits the traditional feature-based defense method. For unknown security threats, it detects network exceptions based on real-time traffic data analysis technology, the principle is to conduct data association analysis on the real-time traffic behavior of users, servers and other objects in the network, and continuously learn and adjust the behavior baseline to detect exceptions and unknown threats in the network. At the same time, iNGFW also provides early warnings and Preventive Measures for abnormal traffic and threats on the network, helping managers grasp the threats on the network in real time and intuitively.
Different management of network security risks-full-network health indexes based on active detection technology and visualized users and Applications
NGFW is based on the recognition of applications, users, and content. by identifying and combining monitoring, logs, and reports, NGFW visualizes users and applications, and adjusts security policies to manage security risks. However, it cannot help managers to ensure the availability and continuity of the entire network, especially the key services, this includes the server running status, key network nodes, user and application behavior patterns, and so on.
In comparison, iNGFW uses the health index of the entire network based on the active detection technology to periodically analyze and monitor the device resources, service services, key network nodes, and security threats in the network, and associate the analysis and test results to assess the overall network health and service availability. When the running condition begins to deteriorate, the whole network health index will issue an alert before the service is completely unavailable. At the same time, iNGFW provides managers with a more comprehensive visual interface similar to the "personal health check report". The sub-health items and dangerous items in the network are displayed one by one and displayed visually on the interface, to help managers better understand the network. Of course, according to the principle of "customer first", iNGFW opens to managers the configuration items of "reasonable health status" based on different situations of various companies.
Different Ways to troubleshoot network faults-manual troubleshooting and smart troubleshooting
To continuously ensure security, many users constantly adjust firewall policies. Frequent changes lead to an increasing number of firewall policies, resulting in a large number of redundant and invalid policies. NGFW also faces the same problem. In the case of a fault, it is difficult for administrators to determine which policies have problems. Sometimes they have to check the historical policies one by one so as to accurately identify the fault.
At this point, iNGFW minimizes the time it takes to locate a fault. through smart analysis and diagnosis tools such as packet path detection and global fault point detection, You can query network faults in one click in multiple ways, it can help managers quickly locate fault points and prompt the cause of the fault and corresponding policy configuration, which is simple, convenient, and clear at a glance.
Differences in traffic management-smart traffic management and normal traffic management
Traditional traffic control systems, including NGFW, can manage bandwidth traffic based on users and applications. However, most traditional traffic control functions can only be implemented based on source IP addresses, source ports, and destination IP addresses, destination Port and Transport Layer Protocol number, that is, traffic division of 5-tuples. At the same time, it is not detailed enough in the multi-level nesting of inclusion relationships, precise traffic division, business priority, and management methods.
INGFW uses two-layer and eight-level Intelligent Traffic Control. Managers can divide layer-4 nested traffic in each layer, it also provides an intuitive view of real-time traffic management of pipelines at all levels, such as the traffic ranking and percentage of pipelines at the first and second layers, traditional traffic control avoids the need to distinguish between complex applications and the inability to analyze the usage of bandwidth resources of many non-critical applications, and uses an elastic bandwidth allocation mechanism.
From the comparison above, the next generation of smart firewall innovative technologies are eye-catching and promising for the future of "smart security devices. It is reported that hillstone will release the upgraded version and version of its iNGFW this year, so we look forward to bringing more surprises to its new products.