Connect with us

Global Banking and Finance Review is an online platform offering news, analysis, and opinion on the latest trends, developments, and innovations in the banking and finance industry worldwide. The platform covers a diverse range of topics, including banking, insurance, investment, wealth management, fintech, and regulatory issues. The website publishes news, press releases, opinion and advertorials on various financial organizations, products and services which are commissioned from various Companies, Organizations, PR agencies, Bloggers etc. These commissioned articles are commercial in nature. This is not to be considered as financial advice and should be considered only for information purposes. It does not reflect the views or opinion of our website and is not to be considered an endorsement or a recommendation. We cannot guarantee the accuracy or applicability of any information provided with respect to your individual or personal circumstances. Please seek Professional advice from a qualified professional before making any financial decisions. We link to various third-party websites, affiliate sales networks, and to our advertising partners websites. When you view or click on certain links available on our articles, our partners may compensate us for displaying the content to you or make a purchase or fill a form. This will not incur any additional charges to you. To make things simpler for you to identity or distinguish advertised or sponsored articles or links, you may consider all articles or links hosted on our site as a commercial article placement. We will not be responsible for any loss you may suffer as a result of any omission or inaccuracy on the website. .




Sean Newman, security strategist, Cisco Security Business Group

When Gartner coined the phrase “next generation firewall”, in 2003, it captured a then-nascent approach to traffic classification and control. Combining traditional packet filtering with some application control and IPS layered on top, today’s ‘legacy’ NGFWs do pretty much what they say on the tin.

However, whilst NGFWs continue to be a vital part of an organisation’s protection, they were designed for a time before advanced targeted threats started attacking our enterprises – threats which often go undetected until it’s too late.

Most organisations today secure their networks using disparate technologies that don’t – and can’t – work together. They leave gaps in protection that today’s sophisticated attackers exploit. These point solutions lack the visibility and control required to implement effective security policy to accelerate detection of all threats and response. In addition, disparate solutions add to capital and operating costs and administrative complexity.

From my own discussions with security professionals I know that they are frustrated with disparate point solutions and the cost, complexity and administrative headaches they create – not to mention the gaps in security.

So what’s to do?

Sean Newman

Sean Newman

NGFWs must evolve to stay relevant in a world that is dealing with dynamic threats – threats that we couldn’t have anticipated just a few years ago. It’s time for a shift in mindset regarding the level of protection an NGFW must provide, to improve visibility, detect multi-vector threats, close security gaps that attackers exploit, and combat other sophisticated threats.

Until now, NGFWs have focused on policy and application control and have been unable to address advanced and zero day attacks. In short, existing detection mechanisms – even the latest innovations around sandboxing – simply won’t protect against the advanced malware and zero-day attacks we’re seeing today. In order to combat today’s dynamic threats a different approach is needed – one that delivers continuous monitoring and full contextual analysis of threats before, during and after the attack.

In order to deal with today’s security challenges, an NGFW must offer capabilities that address these three strategic imperatives:

• Visibility-Driven: To address today’s era of threats, a visibility-driven approach enables insight into all users, devices, OS, applications, virtual machines, connections and files, to provide real-time contextual awareness, give network defenders a holistic view of the network and make it easier to pinpoint suspicious behaviour, when it happens. Full stack visibility and contextual awareness for integrated security serves as the basis for both streaming and automating defence responses. Granular application visibility and control and URL filtering are also crucial to reduce the overall attack surface.

• Threat-centric: This entails delivering integrated threat defence, across the full attack continuum – before, during and after the attack. Threat-centric protection must combine market-leading NGIPS, with advanced malware protection (AMP), that is third-party tested to confirm security effectiveness. Because today’s advanced malware is designed to evade “point-in-time” security layers, threats still get through, so organisations now require technology that not only scans at an initial point-in-time to detect, understand and stop threats, but also makes use of continuous capabilities, which can “go back in time” to alert on and remediate files initially deemed safe, that are later determined to be malicious.

• Platform-based: IT professionals are now under tremendous pressure to reduce complexity in their environments, keep operational costs low and maintain the best defences to keep pace with the dynamic threat landscape. In today’s world, platform-based now entails delivering a simplified architecture and reduced network footprint, with fewer security devices to manage and deploy. To meet today’s challenges, a next-generation firewall must combine proven firewall functionality, leading intrusion prevention capabilities, and advanced malware protection and remediation in a single device. These firewalls must be highly scalable, and enabled by open APIs, to deliver security across branches, the internet edge, and data centres (physical and virtual environments) in order to cope with growing demands.

Organisations are continuously evolving their extended networks and must have defences in place that can address the dynamic threat landscape. To remain relevant, an NGFW must offer next-generation security capabilities that are visibility-driven, threat-focused and platform-based. Addressing these three imperatives is crucial in enabling organisations to maintain a robust security posture, that can adapt to changing needs and provide protection across the attack continuum – before, during and after an attack.

Global Banking & Finance Review


Why waste money on news and opinions when you can access them for free?

Take advantage of our newsletter subscription and stay informed on the go!

By submitting this form, you are consenting to receive marketing emails from: Global Banking & Finance Review │ Banking │ Finance │ Technology. You can revoke your consent to receive emails at any time by using the SafeUnsubscribe® link, found at the bottom of every email. Emails are serviced by Constant Contact

Recent Post