Firewalls are by far the most utilized security product, having defended the perimeter of organizations since the 1980s. The first generation was in essence simple packet filtering/inspection. Today’s firewall products are referred to as either a Next Generation Firewall or a Unified Threat Management system; they have built on those key concepts and morphed into deep-level packet inspection, application filtering, IDS/IPS, email, and reverse proxy. While similar, there are some differences between NGFW and UTM.
A Next Generation Firewall (NGFW) can be a physical appliance, software, or cloud enabled, and it is designed to detect and protect an organization from more sophisticated attacks. Most NGFWs include deep packet inspection firewalls, IDS/IPS, application inspection and control, SSL/SSH inspection, website filtering, and Quality of Service bandwidth management. Some also include some form of threat intelligence and data loss prevention with Active Directory integration.
Unified Threat Management (UTM) can also be a physical appliance, software, or cloud enabled. It generally consists of firewall technologies, intrusion detection, antimalware, and spam and content filtering, with VPN capabilities. Some also include load balancing, quality of service, intrusion prevention, identity-based access control, and application awareness.
Both of these technologies were introduced to simplify the management of numerous perimeter security products into a single pane of glass.
Firewalls are an essential security product and a first layer of defense when it comes to protecting the assets of your organization. It is important to remember that firewalls, both NGFW and UTM, are designed to protect the perimeter. A challenge organizations face is the lack of a defined perimeter, due to their mobile workforce and cloud applications.