I attended some seminars and conferences, and read some articles and studies about ongoing developments in new firewall technologies, and I would like to share my thoughts about them. Some of those technologies are already on the market but they're starting to be accepted by.
The next generation firewalls will:
- Have superior performance (up to 100Gbps);
- Be deployed on more complex network traffic (MPLS, VPLS);
- Recognize applications (P2P, Video, Productivity, Web, IM, Skype, Games, etc., even "encrypted/obfuscated" ones) for control purposes;
- Be part of complete security Ecosystems (FW, IPS, Anti-Spam, Anti-Malware, Parental Control, VPN, DPI, Lawful Interception) on a single Blade system;
- Support Denial of Service attack detection and mitigation on a cleaning center architecture rather than simple blind shaping;
- Handle on-line traffic scanning for threat detection with zero delay;
- Understand traffic patterns and build an intelligent filtering network rather than simple allow/deny rules;
- Allow more "user-oriented rules" than IP-oriented rules.
As network threats evolve, I understand that our protection mechanisms cannot remain the same, and for firewalls we have not seen a "slips forward" for some time.
I see these "all-in-one" features, or "Ecosystem", as a natural evolution of the existing UTM devices. They make investment cheaper and management and troubleshooting easier, and they are greener than the current approach of combining multiple security devices to protect a network.
I'm excited about the possibility of evaluating one of those devices. This shall happen soon.
I'll post the test results here in the future.
A good point here is that the security market is moving forward and, for me, it's pointing in the right direction.