Infrastructure security

Next-generation firewall (NGFW)

Combines traditional firewall capabilities with advanced features like intrusion prevention and application awareness for cloud network security.

Advanced network protection for cloud infrastructures

A next-generation firewall (NGFW) is an advanced network security device that goes beyond the capabilities of traditional firewalls by incorporating additional features and intelligence. For cloud security engineers, an NGFW provides a comprehensive solution for protecting network traffic and applications in cloud and hybrid environments.

NGFWs typically include features such as deep packet inspection, intrusion prevention systems (IPS), application awareness and control, SSL/TLS inspection, and integration with threat intelligence feeds. These capabilities allow NGFWs to make more informed decisions about network traffic, identifying and blocking sophisticated threats that might bypass traditional firewalls.

In cloud environments, NGFW solutions often come in the form of virtual appliances or cloud-native services that can be deployed to protect traffic between virtual networks, to and from the internet, and between cloud and on-premises resources. NGFWs play a crucial role in securing hybrid and multi-cloud architectures, providing consistent security policies across diverse environments. By implementing an NGFW, cloud security engineers can enhance their ability to detect and prevent advanced threats, gain visibility into application usage, and maintain a strong security posture for their cloud network infrastructure.

Product vendors

AlgoSec
Check Point
Cisco
Fortinet
Palo Alto Networks
Sophos
Trellix

Open-source projects

AWS Firewall Factory
Framework for deploying and managing AWS Network Firewall configs across multiple accounts and regions.

Similar categories

Firewall-as-a-service (FWaaS)
Provides cloud-based network security, offering firewall capabilities as a service to protect distributed networks and cloud resources from threats.
Secure access service edge (SASE)
Combines network security with WAN capabilities to provide secure and direct access to cloud services and applications from any location.
Web application firewall (WAF)
Protects web applications from various attacks by filtering and monitoring HTTP traffic between web applications and the internet in cloud environments.
Zero trust network access (ZTNA)
Implements a "never trust, always verify" approach to network access, providing secure, granular access control for users and devices in cloud environments.