As the global workforce emerges from the pandemic, many firms are continuing the remote office work option for employees in 2021 and beyond. In fact, it's estimated that of full-time office workers will be working from home post-pandemic versus 5% before the pandemic.
This permanent rise of workers in remote locations means that cyber incidents will invariably increase in frequency and severity over the coming years. Corporate IT departments are therefore hyper-focused on crucial infrastructure improvements and optimization efforts to support users in their new network access and usage patterns. With the traditional network perimeter now extending to the edge where the remote worker resides, SMB and enterprise IT departments alike are grappling with a myriad of security issues related to this rapidly expanding cyberattack surface.
Unfortunately, 2020 was also a record-breaking year for cyberattacks and data breaches involving enterprises, governments, and small businesses alike. As the last bastions of defense against the wilds of the internet, today’s firewalls must function as more than just digital traffic handlers or sentries. Networking hardware vendors are therefore in continuous development of features for countering the constant barrage of new cyber threats.
What Are Network Firewalls?
As its name implies, a network firewall creates a wall or barrier that separates an organization's internal network from external internet traffic. That barrier, however, is porous—legitimate traffic still needs to flow back and forth. It is therefore the firewall's job to inspect the traffic coming through these firewall entry points, called ports.
By following a set of rules with specific parameters (e.g., protocol, port number, IP address) for either permitting, restricting, or blocking access, a network firewall enables safe communication to occur from the internal network to the outside world and vice versa.
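The rule matching described above, as an added example that is not from the original article or any vendor's product. The `Rule`, `evaluate` and `shadowed` names and the sample addresses (documentation ranges) are constructed for illustration; the example assumes first-match-wins ordering with a default deny, and shows how a rule placed after a broader one never fires.

```python
import ipaddress
from dataclasses import dataclass

@dataclass(frozen=True)
class Rule:
    action: str    # "permit" or "block"
    protocol: str  # "tcp", "udp" or "any"
    src: str       # source network in CIDR form
    dst: str       # destination network in CIDR form
    ports: range   # destination port range

    def matches(self, pkt):
        return (self.protocol in ("any", pkt["protocol"])
                and ipaddress.ip_address(pkt["src"]) in ipaddress.ip_network(self.src)
                and ipaddress.ip_address(pkt["dst"]) in ipaddress.ip_network(self.dst)
                and pkt["dport"] in self.ports)

def evaluate(rules, pkt):
    """First matching rule wins; anything unmatched is blocked (default deny)."""
    for index, rule in enumerate(rules):
        if rule.matches(pkt):
            return rule.action, index
    return "block", None

def shadowed(rules):
    """Indexes of rules that can never fire because an earlier rule covers them."""
    hidden = []
    for i, late in enumerate(rules):
        for early in rules[:i]:
            if (early.protocol in ("any", late.protocol)
                    and ipaddress.ip_network(late.src).subnet_of(ipaddress.ip_network(early.src))
                    and ipaddress.ip_network(late.dst).subnet_of(ipaddress.ip_network(early.dst))
                    and late.ports.start >= early.ports.start
                    and late.ports.stop <= early.ports.stop):
                hidden.append(i)
                break
    return hidden

# Constructed rule set: rule 2 is meant to block one admin host but sits after rule 1.
RULES = [
    Rule("permit", "tcp", "0.0.0.0/0", "192.0.2.10/32", range(443, 444)),
    Rule("permit", "tcp", "198.51.100.0/24", "192.0.2.0/24", range(22, 23)),
    Rule("block", "tcp", "198.51.100.66/32", "192.0.2.0/24", range(22, 23)),
]

if __name__ == "__main__":
    ssh = {"protocol": "tcp", "src": "198.51.100.66", "dst": "192.0.2.20", "dport": 22}
    print(evaluate(RULES, ssh), shadowed(RULES))
```

Moving the block rule above the broader permit makes it effective; running a check like `shadowed` during rule review catches this ordering mistake before deployment.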
Types of Firewalls
Traditional firewalls offer functionality like static and dynamic packet filtering, virtual private network (VPN) support, network address translation (NAT), and more. These features address critical needs like masking internal computers from external hosts and securely accessing the network remotely through an encrypted tunnel.
In contrast, next-generation firewalls (NGFW) offer advanced capabilities such as deep packet inspection (DPI) and application-level visibility, as well as the integration of cloud-based threat intelligence from outside the firewall. Though no industry-wide definition exists, NGFWs are best described by Gartner as:
"... deep-packet inspection firewalls that move beyond port/protocol inspection and blocking to add application-level inspection, intrusion prevention, and bringing intelligence from outside the firewall."
Why Is a Next-Generation Firewall Crucial?
Traditional firewalls were designed in an age where cyber threats could be thwarted by mere stateful inspection of network traffic. These days, attackers are clever enough to exploit various unknown vulnerabilities and malicious enough to unleash threats like ransomware, application-layer attacks, and fileless malware.
NGFWs are critical for protecting against these new threat types, providing more than just inspection and blocking but also intrusion detection and prevention, crowdsourced threat intelligence, artificial intelligence/machine learning (AI/ML)-based anomaly detection, and more.
How Much Does a Firewall Cost?
For a small or home office firewall solution, users can expect to spend between $500 and $1,000. That said, depending on the needs of the organization, pricing can get into the tens of thousands. Generally speaking, buyers should expect to spend $1,000+ for a battle-tested, TAA-compliant firewall like Fortinet that can hold its own against advanced threats.
Next-Gen Firewalls: Top Picks
From industry stalwarts to new players in the NGFW space, the following is a list of top vendors with firewall solutions targeting both SMBs and enterprises.
- Cisco: Cisco Systems needs little introduction in the networking arena. Its products are ubiquitous (especially the Firepower firewall line) and can be found in environments ranging from small retail outlets to carrier-grade data centers. Other offerings include its software-defined wide area networking (SD-WAN) solution and Umbrella, a cloud-delivered firewall, to name just a few.
- WatchGuard: WatchGuard develops NGFW offerings for SMEs and large enterprises. Its solutions offer integrated firewall capabilities, antivirus, intrusion detection and prevention, unified threat management (UTM), and more.
- Forcepoint: Raytheon-subsidiary Forcepoint offers NGFW solutions that combine user behavior analysis with monitoring and network management capabilities, all managed through a single console. Forcepoint firewall appliances also support SD-WAN networking and clustering for high availability.
- Fortinet: NGFWs from Fortinet integrate SD-WAN, threat intelligence, antimalware, UTM, and more for comprehensive resilience across an organization’s IT infrastructure. The FortiGate series of NGFWs is one of the most popular and best-performing appliance offerings on the market.
- Barracuda Networks: Barracuda Networks develops the Firewall F-Series, a firewall solution designed to protect both legacy systems as well as newer virtual or cloud environments. The appliance is capable of zero-day attack protection, intrusion prevention, web filtering, malware protection, and more.
- SonicWall: Despite being known primarily for its line of SMB firewall solutions targeting small to mid-sized networks, SonicWall does offer next-generation security features via its cost-effective NSa series of NGFWs. The NSa series features Real-Time Deep Memory Inspection (RTDMI), a capability that allows the NGFW to proactively detect and block unknown malware via deep memory inspection in real time.
- Versa Networks: Versa Networks offers the VERSA FlexVNF, a multi-service, multi-tenant software platform with a built-in NGFW. It features context-aware policy management, multi-tenancy support and full-featured routing, SD-WAN, and UTM.
- Palo Alto Networks: Industry-leading Palo Alto Networks offers a range of firewalls that span physical hardware appliances to virtualized solutions or appliances and cloud-based firewalls. Its NGFW platform incorporates shared threat intelligence across the ecosystem to keep its firewall appliance rules and policies automatically up-to-date.
- Sophos: The XG Series NGFWs from Sophos include advanced features such as exploit prevention, zero-touch deployment and configuration, as well as cloud visibility and support for AWS and Azure cloud infrastructures, to name a few. Sophos’ solutions in particular are known for their ease of use and automated setup capabilities.
- Juniper Networks: Juniper Networks SRX Series NGFWs offer UTM, IP/user-based application policies, as well as threat intelligence powered by Juniper’s Sky Advanced Threat Prevention cloud-based service. Its NGFW offerings are known for their high performance and ease of management.
- Check Point: Cybersecurity industry stalwart Check Point offers a vast portfolio of firewall products to address IT infrastructures and environments of all types. Its solutions can also ship as a virtual appliance or cloud offering (e.g., VMware, AWS, OpenStack, Microsoft Azure).
- Honorable Mention (pfSense): pfSense is not exactly a vendor. It's perhaps more accurate to say that many vendors have chosen this open-source firewall to integrate into their own hardware solutions. Despite being free (read: no support but commercial options are available), the powerful solution offers advanced capabilities such as stateful packet inspection, UTM, load balancing, VPN, and more.
Protecting Against Future Threats
Firewalls began as relatively straightforward network devices designed to monitor incoming and outgoing traffic and permit or block packets based on rule sets or policies. These constructs for network security haven't changed. However, the aforementioned NGFW vendors add a comprehensive layer of features, on top of the basics, to account for today's cybersecurity landscape.
It's worth noting that future (and some current) cyber threats will invariably leverage AI/ML to a greater or lesser degree. To counter this, many NGFW vendors have also incorporated AI/ML in their solutions. For example, Fortinet has developed FortiAI, a self-learning AI for security operations, available as an on-premises hardware appliance or virtual machine. Juniper ATP—integrated with its NGFW—uses ML to discover and block both known and unknown threats. Similarly, the Sophos XGS firewall uses AI/ML in conjunction with sandboxing to analyze and detect unknown threats.
And rest assured, AI/ML NGFW capabilities are not out of reach for budget-conscious firms. SonicWall's RTDMI leverages AI/ML to surface advanced threats and protect against them in real time.
In short, with the global workforce gearing up to work remotely for the long haul, firewall vendors such as those mentioned here are developing solutions today to protect organizations from tomorrow's new breed of cyber threats. Suffice to say, the pandemic may be in the rearview, but cyber incidents will continue to increase in frequency and severity. These vendors and their respective firewall solutions are the first line of defense against a new age of digital threats in the post-pandemic era.