What is a Next Generation Firewall?

What is a Next Generation Firewall?

When we talk about security one of the things we always talk about is a Firewall. It’s the first thing that we put on our 7 Essentials to Cyber Security to ensure that you are taking the appropriate steps to protect your organisation.

A Next Generation Firewall is as it sounds, it’s the next generation or level of Firewall that you can have. It’s important to understand the benefits of a Next Generation Firewall to know what is best for your organisation.

In this blog we are going to explore what Firewalls do, what’s different about a Next Generation Firewall and why this element of your security is important.

Next Generation Firewall

What is a Firewall?

Before we explain what a Next Generation Firewall is we should first cover Firewalls in general and what they do.

A Firewall is the perimeter security for your network and can be both a software application or a piece of hardware. It controls the traffic coming in and out of your network and acts as a barrier against anything malicious. Your Firewall’s policy determines which traffic is allowed and which is denied.

The term was taken from firefighting where a barrier would be used to control the spread of fire. A Firewall in the IT industry acts in a similar way, it controls the spread of anything harmful on your network. Firewalls usually stop things like worms, hackers and viruses reaching your computer via the Internet.

What is a Next Generation Firewall?

A Next Generation Firewall brings another layer of security into play. It combines a traditional Firewall with additional functionalities to increase protection. Next Generation Firewalls will conduct something called Deep Packet Inspection or DPI.

A ‘packet’ in the IT industry refers to a unit of data that is part of the traffic being filtered by your Firewall. Deep Packet Inspection looks at the content of that packet before letting it into your network. The best way to describe it is like a letter in the post. Instead of the Firewall just checking the envelope (your packet) coming through your letterbox it will look at the contents inside as well to make sure it’s safe.

Some Next Generation Firewalls will also conduct DPI-SSL. This is Deep Packet Inspection of a Secure Socket Layer. A Secure Socket Layer or SSL establishes an encrypted link between a web server and a browser. This may sound technical but you actually see it every day. The little padlock that you look for to tell you that a website is safe is actually the sign of an SSL certificate.

The Next Generation Firewalls that conduct DPI-SSL are inspecting encrypted traffic before it enters your network. According to an article by WIRED back in early 2017, we have reached a milestone of 50% of Internet traffic being encrypted. Engadget reported towards the end of 2017 that Google had stated that 73% of traffic in the US is encrypted. With these kind of statistics, businesses need to be considering Next Generation Firewalls, otherwise only half the traffic coming into the network is really being scanned.


Protect your business, download our Ransomware Playbook now »


Why is a Next Generation Firewall important?

If less than half of the traffic coming in and out of your network is being covered by your Firewall then this leaves you open to all manner of threats. Things like Ransomware and hacking can have a massive impact on your business operations.

If you experience something like Ransomware then the first thing that is going to be compromised is your data. Ransomware will encrypt your files and demand a sum of money in return for the decryption key. It will grind your business to a halt and leave you dealing with the threat of losing important data. Experiencing downtime is a big issue. Imagine if your client data was compromised. You would find it very difficult to take orders and make money.

The other aspect to consider is your reputation. If a client’s data is compromised you may be liable to inform them under GDPR. If you haven’t taken responsibility for that data and you put it at risk you may lose business in the future.

The third aspect that is always important is your finances. Having flaws in your cyber security can impact your finances in a number of ways. You may end up paying a ransom demand (although we wouldn’t recommend you do that), you may pay money out not realising you are the victim of a phishing scam or you may get fined by the ICO for not being GDPR compliant.

If you want to be seen to be taking your security seriously, as well as actually protecting your business at the same time, you need to consider the benefits of a Next Generation Firewall for your network.

Wrapping up

The tools we put in place to protect our organisations can be the difference between many things. They could be the difference between keeping customers, keeping money and staying in business. If you currently do not have a Next Generation Firewall in place we recommend that you begin to consider it and talk to whoever is responsible for your IT.

If you would like to talk someone about this further and get some advice then please do contact ACUTEC on 01675 469020 or email hello@acutec.co.uk.