Overview of Next Generation Firewall Security Products – Medium Scale Enterprise

Type: Grandmetric GuidePaper
Author: Marcin Bialy

Abstract:

Next Generation Firewalls are designed to provide context and better visibility for traffic flowing through the network in comparison to legacy stateful firewalls where Layer 3 and 4 information of OSI were the only subjects for classification. Based on different processing engines responsible for providing “next-generation” functions, NG Firewalls are able to mitigate security risks more precisely and under different angles than legacy security devices.

Performing many operations e.g. application layer inspection, user identity recognition, intrusion prevention mechanisms, antivirus, malware code detection, web filtering based on category, and in conjunction with cloud-based security feeds, NGFW products provide a modern line of defense.

In this report, we are going to assess the enterprise medium-scale Next Generation Firewalls performance, networking functions, and security features based on vendor-provided information like feature set tables, data sheets, and whitepapers for better network security market insight. We are going to consider NGFW from the following vendors: Cisco, Cisco Meraki, Fortinet, Palo Alto, Juniper, Check Point, WatchGuard, SonicWall, Barracuda. All information we use in the report is based on vendor publicly accessible technical and marketing materials. The list of vendors was created based on industry recognition and the subjective opinion of Grandmetric researchers. The order of the list is accidental.

Contents:

• Executive summary
• Cisco ASA Firewall with FirePOWER
• Meraki MX Firewalls
• Barracuda
• Sonic Wall
• Fortinet Fortigate
• Juniper SRX Series
• Check Point
• Palo Alto
• WatchGuard
• Features and performance comparison table
• Summary
• Glossary
• References

Keywords: Enterprise Networks, Firewall, Security, IT