How should I select a Web security gateway and a next-generation firewall? For enterprises that have already deployed enterprise-level firewalls, adding a Web security gateway will greatly enhance in-depth content security protection. The two are not simple replacements for each other.
According to the Information Security Report released by Gartner in March August this year, NGFWs do go beyond an ordinary firewall's stateful port and protocol filtering: they can implement some intrusion prevention functions based on deep packet inspection technology. On some high-end devices, they can also manage identity attributes and enforce policies for port/protocol-independent applications.
However, the report also highlights that although many companies claim that their NGFW solutions can provide anti-malware functionality by virtue of their scanning capabilities, such scanning is at its root still based on traditional packet scanning technology and can only be applied to signature databases with a small capacity.
In this regard, Gartner's security experts said: "If an enterprise's goal is to obtain a security solution without any compromise, deploying a high-performance and highly precise in-depth content detection technology (DCI) web security gateway is a wise choice."
The truth is actually very simple. However many gimmicks and functions an NGFW offers, it is essentially a firewall based on packet inspection technology. A Web security gateway, by contrast, is an application-layer security device based on Web content detection and security control. According to Gartner, because of technical bottlenecks, the two categories of devices cannot be integrated before 2015.
DCI ensures that the Web security gateway can see "content" that traditional security devices cannot see
In this regard, Mr. Peng Chaohui, general manager of Wenjie Network Greater China, said: "At present, with the explosive growth of network applications, the growth of the number of applications and protocols is astonishing. In this case, only the Web security gateway can scan the complete malicious threat signature database based on the high-performance infrastructure and the advantages of layer-7 application software algorithms. In other words, if you cannot view all the content in Web traffic in real time, you cannot scan and intercept malware and provide effective data leakage protection (DLP)."
Four advantages of Web Security
Because of its limited computing power, it is difficult for an NGFW to carry out a complete malware scan, which greatly reduces the accuracy of its malware capture rate. By contrast, a Web security gateway can provide in-depth content security detection, which NGFWs based on packet inspection do not implement.
Therefore, compared with NGFWs, the Web security gateway has at least four advantages:
First, the Web security gateway can implement two-way malware protection for outgoing and incoming traffic, and can implement Web-based application identification and access control.
Second, the Web security gateway can better provide mobile application security protection and implement cloud-based service delivery models. This is something a traditional firewall or intrusion prevention system (IPS) cannot do.
Third, for enterprises that have deployed enterprise-level firewalls, further deploying Web security gateways will greatly enhance the enterprise's in-depth content security protection capabilities. The two are not simple replacements for each other.
Fourth, the Web security gateway can protect terminal devices from malware attacks and monitor and control Web traffic on the network. In other words, the Web security gateway can provide various filters and controls over Internet access, while helping beneficial interactive Web applications to be used more securely.
Dr. Zhang Hongwen, Global CEO of Wenjie Network, said: "Security is still the main purpose of the Web security gateway. Currently, high-performance Web security gateway devices represented by BeSecure pay more attention to real-time content monitoring technology, not just protection technology based on file, URL classification, or static policies."
Gartner's security analysts also said: "The multi-functional firewall has attracted the attention of many SMB users. However, in most cases, powerful enterprise buyers do not consider using multi-functional firewalls to replace Web security gateways."