Which next-generation product replaces utm appliances to reduce traffic inspection latency?

The Internet is a scary place for a business. Headlines about malware attacks and data breeches have become a daily occurrence. Older firewall appliances which screen out malicious programs using only dynamic packet filtering, otherwise known as stateful inspection, are no match for today’s hackers. Stateful inspection limits firewall protection to an all-or-nothing security policy, and this makes the technology essentially obsolete. Network security should be able to inspect the entire data payload of a network packet with enough precision and intelligence to distinguish good web traffic from bad, and be able to enforce security policies set by an IT administrator. To a certain point, this can be achieved with software solutions like endpoint management ( A UTM defends your network at the point of attack After a computer network grows beyond 10 or 20 users, an SMB should consider deploying network security at the outskirts of its network. This is where a UTM becomes essential. Unified Threat Management devices ( A UTM facilitates this balancing process. By placing all the tools for conducting deep packet inspection in one appliance, which is controlled by single graphical user interface, a network administrator can fine tune network security to best fit the needs of the ends user as efficiently as possible. What network security features does a next-generation firewall have that a UTM does not? A next-generation firewall (NGFW) in many ways resembles a UTM in appearance a...

Today we have a thoughtful contribution from security expert Patrick Bedwell, vice president, product marketing at * * * There's currently a lot of discussion in security circles about next-generation firewalls (NGFW) (over a million hits on "next-generation firewall" in a Google search in mid-July 2010). Some writers believe that an entirely new, innovative technology has emerged in NGFWs; in my view, NGFWs are a subset of the existing unified threat management (UTM) systems market, or even simply the next step on the continued evolution of traditional firewalls. The discussion is leaving some chief information security officers (CISO) wondering how NGFWs differ from Lifting the hood on next-generation firewalls Next-generation firewalls are generally described as tightly integrating firewall functions, intrusion-prevention systems ( One of the most touted technologies in NGFW products is an application visibility-and-control capability. This is being promoted as one of the most significant advancements in security technology since the introduction of the stateful firewall. But is it really so innovative? The simple definition of application control is the ability to detect an application based on the application's content vs. the traditional layer 4 protocol. Since many application providers are moving to a Web-based delivery model, the ability to detect an application based on the content is important, but not especially innovative. Consider that the proposed innovation...