|
|
Sponsored Content
Special Forums
Cybersecurity
IT Security RSS
Next Generation Firewalls: What's coming?
Post 302416726 by Linux Bot on Tuesday 27th of April 2010 02:30:03 PM
04-27-2010
Next Generation Firewalls: What's coming?
I joined some seminars, conferences, read some articles and studies about ongoing developments of new firewall technologies and I would like to mention my thoughts about it. Some of those technologies are already on the market but they're starting to be accepted by.
Features:
The next generation firewalls will:
As network threats evolve, I understand that our protection mechanisms can not remain the same and for firewalls we do not see a "slips forward" for a time.
I see this "all-in-one" features or "Ecosystem" as a natural evolution of the existing UTM devices. Makes investment cheaper. Management and troubleshooting easier. And are greener than the actual approach to combine multiple security devices to protect a network.
I'm excited with the possibility to evaluate one of those devices. This shall happen soon.
I'll post the tests results here in the future.
A good point here is that the security market is moving forward and for me, it's pointing to the right direction.
Regards
More...
Features:
The next generation firewalls will:
- Have superior performance (up to 100Gbps);
- Be deployed on more complex network traffic (MPLS, VPLS);
- Recognize applications (P2P, Video, Productivity, Web, IM, Skype, Games, etc, even "encrypted/obfuscated ones") for control purposes;
- Be part of complete security Ecosystems (FW, IPS, Anti-Spam, Anti-Malware, Parental Control, VPN, DPI, Lawful Interception) on a single Blade system;
- Support Denial of Service attacks detection and mitigation on a cleaning center architecture rather than a simple blind shape;
- Handle on-line traffic scanning for threat detection with zero delay;
- Understand traffic patterns and build a intelligent filtering network rather than simple allow/deny rules;
- Allow more "user oriented rules"than ip oriented rules;
I see this "all-in-one" features or "Ecosystem" as a natural evolution of the existing UTM devices. Makes investment cheaper. Management and troubleshooting easier. And are greener than the actual approach to combine multiple security devices to protect a network.
I'm excited with the possibility to evaluate one of those devices. This shall happen soon.
I'll post the tests results here in the future.
A good point here is that the security market is moving forward and for me, it's pointing to the right direction.
Regards
More...
|
|
6 More Discussions You Might Find Interesting
1. UNIX for Advanced & Expert Users
I've been considering switching my companies production firewall from FreeBSD and OpenBSD to Linux. The reason being is having so many different flavors of Unix on our production network from FreeBSD, OpenBSD, Solaris, and Linux makes things more difficult to manage from a standardized... (2 Replies)
Discussion started by: mstevenson
2 Replies
2. IP Networking
Secure packet filtering on high-bandwidths fw/rtr for large business tasks. Has anyone tried this concept on openbsd?
The article is posted at www.sysadminmag.com on page 27. January 2002 issue.
I believe Mike has hit upon something that can be applied in the field today and prevent fw... (0 Replies)
Discussion started by: dpatel
0 Replies
3. Cybersecurity
what can I use to find out whether a computer has a firewall or proxy??? What can I use do erase it? (5 Replies)
Discussion started by: Phatress
5 Replies
4. UNIX for Dummies Questions & Answers
One day, while using my PC with Windows XP, my router just stopped working. So, for the ability to connect to the web at that moment, I connected directly to the cable modem without my router. I noticed immediately that people were trying to hack into my computer because my personal firewall would... (2 Replies)
Discussion started by: Minnesota Red
2 Replies
5. UNIX for Advanced & Expert Users
Hi,
I was doing abit of reading on firewalls when this question came up.
Is there any command which sets up a firewall that will only allow packets through if they come from a port number less than 1024?
How about a command which allows packets through if they are destined for a port... (3 Replies)
Discussion started by: sleepster
3 Replies
6. Cybersecurity
As we know, firewall is designed to keep unauthorized outsiders from tampering with a computer system or network. We don't talk about computer security without cryptography.
In this case, may I know,How does cryptographic protection (at the TCP/IP layers or at the application layer) affect a... (1 Reply)
Discussion started by: heroine
1 Replies
LEARN ABOUT DEBIAN
httppower
httppower(8) powerman httppower(8) NAME
httppower - communicate with HTTP based power distribution units SYNOPSIS
httppower [--url URL] DESCRIPTION
httppower is a helper program for powerman which enables it to communicate with HTTP based power distribution units. It is run interac- tively by the powerman daemon. OPTIONS
-u, --url URL Set the base URL. INTERACTIVE COMMANDS
The following commands are accepted at the httppower> prompt: auth user:pass Authenticate to the base URL with specified user and password, using ``basic'' HTTP authentication which sends the user and password over the network in plain text. seturl URL Set the base URL. Overrides the command line option. get [URL-suffix] Send an HTTP GET to the base URL with the optional URL-suffix appended. post [URL-suffix] key=val[&key=val]... Send an HTTP POST to the base URL with the optional URL-suffix appended, and key-value pairs as argument. FILES
/usr/sbin/httppower /etc/powerman/powerman.conf ORIGIN
PowerMan was originally developed by Andrew Uselton on LLNL's Linux clusters. This software is open source and distributed under the terms of the GNU GPL. SEE ALSO
powerman(1), powermand(8), httppower(8), plmpower(8), vpcd(8), powerman.conf(5), powerman.dev(5), powerman-devices(7). http://sourceforge.net/projects/powerman powerman-2.3.5 2009-02-09 httppower(8)