What are next generation firewalls? How the cloud and complexity affect them

Traditional firewalls track the domains that traffic is coming from and the ports it’s going to. Nextgen firewalls go beyond that — they also monitor the content of the messages for malware and data exfiltration and can react in real time to stop threats. The newest iterations do even more, adding behavioral analytics, application security, zero-day malware detection, support for cloud and hybrid environments, and even endpoint protection.

That’s a lot of functionality in one place. The idea is that consolidating everything should simplify the management task. Some firewall vendors — and third-party providers — are beginning to tackle the management issue by offering intent-based security, allowing users to set consistent policies for management and configuration, as well as compliance-related policies.

According to Gartner, by 2020, nextgen firewalls will reach almost 100 percent of internet points of presence. Most organizations, however, will use only one or two of the nextgen features.

How the next-generation firewall market is changing

Next-generation firewalls have been around for ten years, but the market is still growing. According to NSS Labs, more than 80 percent of enterprises currently have nextgen firewalls in place. “It remains the number one security control for enterprises today,” says Mike Spanbauer, vice president of strategy and research at NSS Labs.