The primal contest between computer user security and the external threat environment will shift with next-generation firewalls. Significantly upgraded over the previous state of the art, next-gen firewalls offer improved visibility into the contemporary Web-based network landscape and a much-enhanced capacity to detect advanced threats. But is this truly a generational performance enhancement, or just the same ol’ technology with an added dash of marketing magic? Let’s take a closer look.

Traditional firewall functionality includes stateful port/protocol inspection, network address translation (NAT), and virtual private network (VPN) integration. Typical services also include directory support (via Active Directory or similar) that authenticates and authorizes applications based on users and user groups. Also common is reputation-based filtering, which blocks applications that have earned a rep for naughty behavior. This helps discourage phishing attempts, virus infiltration, and additional malware sites and applications.

Regardless of the vendor, next-gen firewalls include the following features:

Application ID & filtering: This area is where next-gen firewalls really make a difference. Instead of the traditional all-or-nothing approach of opening a port, next-gen firewalls scan and filter traffic based on the specific application. Malicious applications that use non-standard ports to evade countermeasures can be stopped dead in their tracks.

SSL and SSH inspection: Enhanced inspection technology means next-gen firewalls can put SSL- and SSH-encrypted traffic under the microscope. Traffic is decrypted, inspected, filtered, and then re-encrypted. Advanced malicious apps that utilize encryption as a detection countermeasure are no longer a threat.

Intrusion prevention: Enhanced versatility and robust traffic inspection abilities provide all the functionality of a stand-alone intrusion prevention system. Most next-gen firewalls include full intrusion detection and prevention capability.

In short, next-gen firewalls blend a full-service suite of functions – firewall, intrusion prevention, and additional security capabilities – into a single, efficient, high-performance appliance.

The move...
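The difference between port-based and application-based filtering described under "Application ID & filtering", shown as an added example that is not part of the original article or any vendor's code. The flows, the policy sets and the function names are all constructed for illustration, and the three payload checks are simplified stand-ins for a real identification engine.

```python
# Added illustration: port-based vs. application-based filtering.
# Flows, policy sets and function names are constructed for this example;
# real engines use far richer signatures than these three checks.

ALLOWED_PORTS = {80, 443}        # traditional rule: which ports are open
ALLOWED_APPS = {"http", "tls"}   # next-gen rule: which applications may pass
HTTP_METHODS = {b"GET", b"POST", b"PUT", b"HEAD", b"DELETE", b"OPTIONS"}


def identify_app(payload: bytes) -> str:
    """Classify a flow from its first payload bytes, ignoring the port."""
    if payload.startswith(b"SSH-"):              # SSH identification banner
        return "ssh"
    # TLS record header: type 0x16 (handshake), major version 0x03,
    # two length bytes, then handshake type 0x01 (ClientHello).
    if len(payload) >= 6 and payload[0] == 0x16 and payload[1] == 0x03 \
            and payload[5] == 0x01:
        return "tls"
    parts = payload.split(b"\r\n", 1)[0].split(b" ")
    if len(parts) == 3 and parts[0] in HTTP_METHODS \
            and parts[2].startswith(b"HTTP/"):
        return "http"
    return "unknown"


def port_verdict(dst_port: int) -> str:
    return "allow" if dst_port in ALLOWED_PORTS else "deny"


def app_verdict(payload: bytes) -> str:
    return "allow" if identify_app(payload) in ALLOWED_APPS else "deny"


# Constructed sample flows: (label, destination port, first payload bytes)
FLOWS = [
    ("http on 80", 80, b"GET /index.html HTTP/1.1\r\nHost: example.test\r\n\r\n"),
    ("tls on 443", 443, bytes([0x16, 0x03, 0x01, 0x00, 0x2F, 0x01]) + b"\x00" * 8),
    ("ssh on 443", 443, b"SSH-2.0-ExampleServer\r\n"),
    ("http on 8081", 8081, b"POST /upload HTTP/1.1\r\nHost: example.test\r\n\r\n"),
    ("unknown on 80", 80, b"\x00\x01\x02\x03opaque-binary"),
]


def compare(flows):
    """Return (label, port-rule verdict, app-rule verdict) per flow."""
    return [(n, port_verdict(p), app_verdict(d)) for n, p, d in flows]


if __name__ == "__main__":
    for label, by_port, by_app in compare(FLOWS):
        print(f"{label:14} port-rule={by_port:5} app-rule={by_app}")
```

The SSH session on port 443 and the unidentified binary stream on port 80 both pass the port rule but are denied once the payload is classified, which is the gap application identification closes.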