This cornerstone of basic security is beginning to face demands for greater functionality, and an approach that is more gateway-like than point solution.
According to a survey on next-generation firewalls (NGFW) from Forrester Consulting, when asked what the key drivers were for their current or planned next-generation firewall projects, survey respondents said, “expanding/re-architecting infrastructure,” (56%), “recent security breaches that we’ve seen in the news,” (54%) and, surprising or not, “recent security breach within our own organization,” (44%).
Accordingly, the key requirements expected in an NGFW today are changing. In ranking the top five features when selecting a next-generation firewall system, 71% of the respondents selected “advanced threat capability (i.e. sandbox).” This was closely followed by stateful firewall at 70%. Antivirus (67%), authentication (65%) and SSL (62%) rounded out the list.
“What security teams want are integrated controls that can scale and change as threats constantly mutate—hence we see the irreversible trend toward NGFW dominance in the security gateway market,” said John Kindervag, vice president, principal analyst for Forrester Research, in the report. “Today, customers want NGFWs that do more than firewalling and IPS/app control; they want gateways that fight advanced threats like zero-day malware and respond to new cybercriminal tactics such as encrypting payloads or stolen data inside of an SSL tunnel.”
With that in mind, when respondents were asked to rank their top decision criteria when selecting a next-generation firewall system, security effectiveness was far and away the top response, at 63%. This was followed by product performance (throughput, latency, reliability) at 41% and compatibility with current infrastructure at 39%. Of note, trusted provider/brand was cited only 25% of the time and reporting/visibility was mentioned only 14% of the time.
“Today’s organizations are tired of security vendor marketing, focusing instead on a product’s quantified ability to do the job,” said John Maddison, vice president of marketing at Fortinet, which sponsored the survey. “This is why Fortinet advocates third-party, real-world effectiveness and performance testing and participates in so many tests performed by credible test houses like NSS Labs, Virus Bulletin, Ixia and more. We encourage all organizations to test products in their own environments under production workloads or, barring that, to at least evaluate credible, third-party tests before making a strategic or important buying decision.”