The Advantages of Next-Generation Firewalls (NGFWs)
December 05, 2019 By BlueAlly
Network managers and security teams are facing a double-edged challenge: networks are growing far more complex and expanding across multiple perimeters just as threat vectors become increasingly difficult to detect and threats grow more sophisticated. The Next-Generation Firewall (NGFW) offers a solution. According to Cisco ASA reviews and Cisco Firepower NGFW reviews on IT Central Station, they enable greater visibility into the network and applications while improving threat mitigation.
Visibility into Traffic and the Application Layer
“Before Firepower, we didn’t have any visibility about what attack was happening or what’s going on from the inside to outside or the outside to inside,” explained Ali A., a Technical Manager who uses Cisco Firepower NGFW at a comms service provider with more than 1,000 employees. He added, “After Firepower and the reporting that Firepower generates, I can see what’s going on: which user visits the malicious website, or which user uploaded or downloaded malicious code, and what the name of the code is and from which country. This is very useful and helpful for me to detect what’s going on. It enables me to solve any problem.”
Burak Y., an IT System Administrator who uses Cisco ASA at a transportation company, is dealing with a dynamic IT landscape which requires, in his view, “Security policy, controls, and visibility to be better than ever.” Mohammad R., a Security Officer at a government agency, praised ASA because it “gives us visibility into potential outbreaks as well as malicious users trying to access the site.” Iz, an Assistant Manager (Infrastructure) who uses Cisco Firepower at a small business, commented, “It has improved the security posture and visibility of our traffic.”
Visibility into applications is a critical need for network and security managers. Applications are frequent targets of malicious actors because they present an effective way to gain unauthorized access to data. Hackers also like to disrupt organizations by crippling their apps. To prevent these potentialities, Cisco NGFWs must “support application visibility,” noted a Senior Data Scientist who uses Firepower at a tech services company. He praised Firepower because it can support “application visibility and control.”
Eduardo V., an IT Infrastructure Specialist who uses Cisco Firepower at a transportation company, further addressed this need by saying, “It provides us with application visibility and control. We can see, on the dashboard, all the applications that are most used and which are under some sort of risk or vulnerability.” This matters because, “It helps a lot when we need to check some situation or issue that could be related to any attack or any violation. We can see that there are one or two or three applications that are the top-consuming applications. We can use this information to analyze if there is a deviation or if it’s something that we need to consider as normal behavior and increase the bandwidth on the site.”
IT Central Station members describe the importance of policy management in their selection and use of an NGFW. In this regard, according to David S., owner of a small tech company, “Cisco has better application granularity, a more flexible means of policy creation, and easier to use controls and more powerful reports than its predecessors.” Tony P., a Business Development Executive who uses Cisco ASA, further noted, “The firewall and policy side are easy to use.” A Network & Security Administrator at a financial services firm uses Cisco ASA to enforce security policy.
For Joel S., a Senior Network Engineer who uses Cisco ASA at a retailer with more than 1,000 employees, “Policy rulesets are key. The majority of what I do is create rules and work with the customers to make sure that things are getting in and out of the environment. Eduardo V. shared, “It’s not just the visibility of things, but the management of application behavior is very important. If I see that, for example, Facebook is consuming too much bandwidth, I can make a policy on the console here and deploy it to our remote offices. So the application visibility feature is one of the key parts of the solution.”
Threat Detection and Mitigation
Security managers rely on NGFWs to be their first line of defense against incoming threats and malicious exfiltration of data. As Paul C., a Security Architect who uses Cisco Firepower at a comms service provider with over 10,000 employees, noted, “FTD’s ability to provide visibility into threats is very good, if the traffic is clear.” He added, “You can stop new threats very quickly because you can get the threat intelligence deployed to all your IPSs in less than two hours. Cisco works closely with Talos and anything that Talos finds is provided in the threat intelligence of the FTDs if you have the license.”
To this point, a Regional Manager of Pre Sales at a tech services company was pleased that Cisco ASA “helps us to identify key, persistent threats so we can set policies accordingly.” An IT Manager who uses Cisco ASA with FirePOWER at a construction company spoke to this issue as well, saying he valued it for Intrusion protection. He said, “We were able to determine when we are being attacked. We needed a way to monitor threat protection and not cause latency. The product has the ability to be a consumer of threat intelligence, and be a contributor showing the maturity in threat protection posture.”