<p>For years, organizations have relied on traditional firewalls as their first and best line of defense against unauthorized access to their systems. The threat landscape, however, has changed dramatically. Hybrid working models, SaaS platforms and cloud data have blurred the network edge to the point where there is no single perimeter for SecOps to defend.</p>
<p>As cyberattacks grow <a href=”https://www.techtarget.com/whatis/34-Cybersecurity-Statistics-to-Lose-Sleep-Over-in-2020″>more persistent and sophisticated</a> and identity becomes the new perimeter, organizations require additional measures to protect company assets. <a href=”https://www.techtarget.com/searchsecurity/definition/next-generation-firewall-NGFW”>Next-generation firewalls</a> have become a go-to tool for network security, combining traditional firewall capabilities with advanced hardware, software and cloud-based features to detect and block modern cyberattacks.</p>
<p>Whether replacing an existing firewall or securing an expanding network infrastructure, CISOs and their teams must carefully evaluate NGFW products to find the one that best fits their organization’s cybersecurity posture. Having the right NGFW for an organization’s specific needs can reduce the frequency, severity and cost of cybersecurity incidents.</p>
<section class=”section main-article-chapter” data-menu-title=”How to evaluate NGFW vendors”>
<h2 class=”section-title”><i class=”icon” data-icon=”1″></i>How to evaluate NGFW vendors</h2>
<p>While it’s natural to focus on the features and functions of NGFW products, CISOs should also evaluate the product vendors. Vetting these vendors and ensuring their efficacy can help avoid mistakes that delay or even derail the evaluation process.</p>
<p>Approach the vetting process as when making any major purchase. For example, learn how easy it is to work with the vendor. Gauge its reputation, technical support and trustworthiness by reading online reviews. Take into account how long the vendor has been selling NGFW products. Ask if it is actively developing new products and features or only maintaining existing technology. Also, ask whether the vendor developed the NGFW products or if the technology was acquired through a company merger or acquisition.</p>
<p>An organization’s relationship with the chosen vendor will last long after the contract is signed, so select one with which it is comfortable working.</p>
</section>
<section class=”section main-article-chapter” data-menu-title=”NGFW product features”>
<h2 class=”section-title”><i class=”icon” data-icon=”1″></i>NGFW product features</h2>
<p>Each organization will have its own unique set of security needs and priorities. With NGFWs containing a range of advanced product features, CISOs have much to consider.</p>
<h3>Detection and response</h3>
<p>The main objective of an NGFW is to detect and respond to threats. It is key to select an NGFW that can identify and understand the applications and protocols in use at the organization. It is also important that the NGFW analyzes the nature of communication, stops malicious and unwanted traffic, and logs and generates alerts for the cybersecurity team.</p>
<p>Most security teams will require an NGFW that uses <a href=”https://www.techtarget.com/whatis/definition/threat-intelligence-feed”>threat intelligence feeds</a> to detect malicious and suspicious activity. The latest NGFWs integrate AI to improve speed and accuracy when detecting and responding to attacks and other policy violations.</p>
<h3>Management and maintenance</h3>
<p>To reduce complexity, look for an NGFW array accessible through a single interface to manage, maintain, monitor and report all encrypted and unencrypted network traffic. Ensure it supports and can enforce highly customizable rule sets and other configuration settings. Administrators should be able to tune detection capabilities to reduce both false positives and false negatives, and roll back configuration changes if problems occur. Ideally, select an NGFW that enforces <a href=”https://www.techtarget.com/whatis/feature/History-and-evolution-of-zero-trust-security”>zero-trust architecture</a> principles.</p>
<h3>Integration</h3>
<p>CISOs should select an NGFW that integrates and interoperates with other <a href=”https://www.techtarget.com/searchsecurity/The-ultimate-guide-to-cybersecurity-planning-for-businesses”>enterprise cybersecurity technologies</a> used by the organization, including network-based, host-based, and cloud-based products and services. The NGFW will need to ingest automated threat intelligence feeds from any source with updates in near-real-time.</p>
</section>
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
Read the original article: