Firewalls are a crucial element of web security, but many IT professionals still aren’t clear on the differences between next generation firewalls (NGFW) and web application firewalls (WAF). There are vital points of difference between the two; being aware of the specifications can help make the purchasing and administration process clearer. While it might seem like a superficially superior option to simply apply both, regardless of specific needs, cyber security experts agree that NGFW should be the universal default, with only companies with specified needs using WAF as well.
Why are they called “next generation” firewalls?
The name “next generation firewall” or NGFW often makes non-tech-savvy users think they are an upgrade of the WAF systems when, in fact, the two technologies developed in parallel with very little crossover in utility. Why then are they called “next generation” firewalls? Because these are the third major advancement in the traditional network security setup used to monitor incoming and outgoing network traffic. Rather than continue to number each sequential advancement, particularly when various iterations have different emphases, most third-generation systems are simply labeled as “next generation.”
Features of next generation firewalls
Next generation firewalls are designed to be used as a system’s primary firewall defense, working in two ways: blocking unauthorized access to the private network and working to filter potentially hazardous incoming information. Specific attributes of NGFW include:
- Third-party identity management integration (Active Directory, LDAP, RADIUS, etc.)
- Functions as a barrier against malware
- Regulates web activity
- Tracks and detects data patterns through the network
- All data, users, applications, and threats are tracked and logged for analytical purposes
- In-line deep packet-filtering
- Network and port address translation
- Stateful inspection
- VPN support
- Intrusion prevention system
- TLS/SSL encrypted traffic inspection
- Website filtering
- QoS/bandwidth management
What does a web application firewall do?
Although both next generation firewalls and web application firewalls are labeled as firewalls, they work very differently. Web application firewalls (WAF) don’t perform any filtering action or block anything from entry into a secure network. Instead, they focus solely on web application coding, trying to detect and prevent errors from cascading into outages or failures.
When to employ a web application firewall as well
While every company needs a cyber security plan in place incorporating an NGFW, only those that anticipate potential issues with web application coding errors need to employ a WAF. While NGFW and WAF both have the name ‘firewall,’ they work very differently and perform entirely discrete functions. Unless your cyber security system will need to cope with web application code issues, it is neither necessary nor cost-effective to use a WAF with an NGFW.