Check Point Next Generation Firewall by Check Point Software
NGFW Next Generation
Firewall The Check Point Next Generation Firewall extends the power of the firewall beyond stopping unauthorized access by adding IPS and Application Control protections. Next Generation Firewalls come in many sizes and offer throughput of up to 110Gbps
Advanced Next Generation Firewall in One Appliance
Proven gateway security with industry-leading firewall performance
User and machine identity awareness balance security and business need
Integrated into Check Point Software Blade Architecture
Juniper SRX Series by Juniper Networks
SRX Series Services Gateways are high-performance network security solutions for enterprises and service providers that pack high port-density, advanced security, and flexible connectivity, into easily managed platforms.
These versatile and cost-effective solutions support fast, secure, and highly-available, data center and branch operations, with unmatched performance to deliver some of the industry’s best price-performance ratios and lowest TCOs.
WatchGuard XTM Series by WatchGuard
An Unrivaled Class in Security
WatchGuard's Next-Generation Firewall (NGFW) advances the state of the art in security, manageability, and compatibility with real-world business environments. WatchGuard's NGFW products provide true line-speed security inspection on all traffic and support multi-gigabit packet filtering throughput. In addition, the NGFW line provides Application Control; connects offices via unique drag-and-drop VPN; connects people via SSL and IPSec VPN; and gives the enterprise unparalleled visibility into real-time and historical user, network, and security activities. With WatchGuard's NGFW, businesses can define, enforce, and audit strong security and acceptable use policies, resulting in increased employee productivity and less risk to critical intellectual property or customer data.
What is a Next-Generation Firewall?
A platform for network traffic inspection and network security policy enforcement, with the following minimum features:
PA Series Firewalls by Palo Alto Networks
Palo Alto Networks offers a full line of next-generation security appliances that range from the PA-200, designed for enterprise remote offices, to the PA-7050, which is a modular chassis designed for high-speed datacenters. Our platform architecture is based on our single-pass software engine and uses function-specific processing for networking, security, threat prevention, and management to deliver predictable performance. The same firewall functionality that is delivered in the hardware appliances is also available in the VM-Series virtual firewall, allowing you to secure your virtualized and cloud-based computing environments using the same policies applied to your perimeter or remote office firewalls.
McAfee Firewall Enterprise by McAfee
Overview McAfee Firewall Enterprise defends critical assets, such as regulated data repositories (customer, financial, and healthcare data), email and web servers, extranets, and data centers. This proxy-based firewall also offers application visibility and deep application controls for defense, delivers strong policy-based controls, blocks the latest threats, and eliminates unwanted traffic. Firewall Enterprise identifies users and sees the host applications actually used to initiate network connections. A first for the network security industry, this unique host and firewall integration works to identify potential anomalies and threats throughout the inside of an organization’s network.
Advanced firewall security capabilities, such as application identification, reputation-based global intelligence, automated threat feeds, encrypted traffic inspection (SSH/SSL), intrusion prevention, antivirus, and content/URL filtering, block attacks before they occur. Unlike other solutions, McAfee includes these additional security services at no additional charge.
Firewall Enterprise also includes enhanced firewall security powered by McAfee Global Threat Intelligence (GTI). McAfee GTI is a comprehensive cloud-based threat intelligence service. Already integrated into McAfee security products, it works in real time, 24 hours a day, to protect customers against cyberthreats across all vectors — file, web, message, and network. McAfee GTI offers the broadest threat data, most robust data correlation, and most complete product integration in the industry. McAfee’s GTI network allows enabled products to evaluate threats on multiple vectors in real time, leading to faster identification of threats and higher capture rates. Firewall Enterprise uses the McAfee GTI network connection reputation service to identify domains, IP addresses, and ports that may be hosting malware attacks, and block those attacks. Firewall Enterprise also uses web reputation to identify URLs that may be infected or hosting malware attacks, as well as sites hosting undesirable content.
McAfee also offers proven centralized management, right-click integration with ePolicy Orchestrator (McAfee ePO) software for endpoint data and mature migration tools to move from legacy firewalls to ours. Firewall Enterprise fully supports McAfee’s SIEM solutions too, including McAfee Enterprise Security Manager and McAfee Event Reporter, providing customizable views and reports for all firewalls across a customer’s global network. This high-assurance firewall solution offers very flexible deployment options — from virtualized software to custom-built hardware to availability on the Crossbeam high-performance platform and running on CloudShield’s trusted cyber platform. Firewall Enterprise is a best fit for organizations that need high-assurance security to protect critical assets inside the network as part of a layered defense strategy.
McAfee Firewall Enterprise Control Center (sold separately) — Offers centralized, enterprise-class network firewall policy management for global-scale deployments.
Next-Generation Firewall by Sophos
New SG Series Appliances
Unleash the full potential of your network.
Our latest SG Series appliances are built to provide optimal performance, versatility and efficiency to meet all your security needs.
Advanced Threat Protection
Our Advanced Threat Protection (ATP) combines multiple technologies to add an additional layer of defense against targeted attacks on your network.
Dynamic App Control
In a couple clicks you can protect your employees from web threats and control their time online.
Web Malware Protection
You get the most advanced web threat protection:
Our hardware appliances are purpose built, high-performance devices. They integrate our security applications with a hardened operating system (OS) on optimized Intel-compatible server systems.
Customizable Web Filtering
Select from over 35 million sites in 96 categories to create safe web browsing policies—so you can minimize legal concerns around inappropriate content and maximize productivity.
FortiGate High Performance Firewall Platform by Fortinet
Whether you need to deploy a High Performance Data Center Firewall, an Enterprise Next Generation Firewall or a smaller UTM device for your Distributed Enterprise site or small business, there is a FortiGate physical or virtual appliance to fit your unique Network Security requirements.
We combine the FortiOS™ Operating System with custom FortiASIC™ processors and the latest-generation CPUs to provide advanced protection from sophisticated, highly targeted attacks, without becoming a network bottleneck.
Fortinet’s Network Security Platforms can serve many different roles in your enterprise network:
Barracuda Firewall by Barracuda Networks
Easy to deploy, easy to use, and affordable
The Barracuda Firewall provides all next-generation application control and user identity functions in an easy-to-use and affordable solution. It outperforms traditional firewalls and UTMs by integrating a powerful next-generation firewall appliance with scalable cloud content security. While the appliance is optimized for bandwidth-sensitive tasks like packet forwarding and routing, Layer 7 application control, Intrusion Prevention (IPS), DNS/DHCP services, and VPN connectivity, the cloud component handles processor-intensive tasks like virus scanning, content filtering, and reporting.
The affordable, all-inclusive pricing model requires no per-user, per-module, or VPN license fees, simplifying the investment in network and content security. Administration is easy with an intuitive web interface and free, cloud-based central management. The combination of ease-of-use, powerful next-generation features, and affordability makes the Barracuda Firewall the perfect fit for small and medium-sized businesses.
The Barracuda Firewall anchors Barracuda’s modular security framework, which integrates purpose-built, best-of-breed, highly scalable security solutions to protect users, networks, and data center applications. Components like web and email security, web application security, and secure remote access integrate with the firewall, and can be centrally managed for aggregated visibility and control. Paired with consistent user interfaces and common administrative workflows, this approach provides a comprehensive security posture, simplified administration, and a highly scalable architecture.
NG Firewall Vx by Barracuda Networks
Improving Performance, Availability, and Security of Distributed Networks
The Barracuda NG Firewall Vx is a virtual appliance providing the same powerful technology, comprehensive features, and ease-of-use found in the Barracuda NG Firewall appliance. It is ideally suited for organizations that are standardizing hardware platforms or deploying virtual environments. Beyond its powerful network firewall, IPS, and VPN technologies, the Barracuda NG Firewall Vx integrates a comprehensive set of next-generation firewall technologies, including Layer 7 Application Control, availability, and traffic flow optimization across the wide area network, web filtering, antivirus, anti-spam, and network access control enforcement.
Cloud offerings like Amazon EC2 and Windows Azure depend on highly secure environments within the cloud. The Barracuda NG Firewall Vx is ideal for securing use of these cloud services – connecting on-premises networks to the cloud and connecting logically separated components within the cloud datacenters.
NG Firewall by Barracuda Networks
Improving Performance, Availability, and Security of Distributed Networks
The Barracuda NG Firewall is an enterprise-grade next-generation firewall that was purpose-built for efficient deployment and operation within dispersed, highly dynamic, and security-critical network environments
In addition to next-generation firewall protection, it provides industry-leading operations efficiency and added business value by safe-guarding network traffic against line outages and link quality degradation.
User identity and application awareness are used to select the best network path, traffic priority, and available bandwidth for business-critical traffic. In case of line failure, the Barracuda NG Firewall can transparently move traffic to alternative lines and keep traffic flowing.
The Barracuda NG Firewall meets enterprise requirements of massive scalability, efficient configuration and lifecycle management across dispersed networks, and performance guarantees for business-critical applications. The concept of integrated WAN optimization coupled with industry-leading centralized management results in significantly lower overall operational cost for multi-site deployments.
All policies, client, and device settings are centrally managed and tracked by the Barracuda NG Control Center.
Security Without Compromise
The Cisco ASA 5500-X Series helps organizations to balance security with productivity. It combines the industry's most deployed stateful inspection firewall with comprehensive, next-generation network security services, including:
Wide Range of Sizes and Form Factors
Protect networks of all sizes with MultiScale performance and a wide range of form factors. Cisco ASA 5500-X Series Next-Generation Firewalls are available as:
Proven, Enterprise-Class Platform
All Cisco ASA 5500-X Series Next-Generation Firewalls are powered by Cisco Adaptive Security Appliance (ASA) Software, with enterprise-class stateful inspection and next-generation firewall capabilities. ASA software also:
The Dell™ SonicWALL™ E-Class Network Security Appliance (NSA) Series is an industry first—using patented Reassembly-Free Deep Packet Inspection™* (RFDPI) technology in combination with multi-core specialized security microprocessors to deliver gateway anti-virus, anti-spyware, intrusion prevention and Application Intelligence at high speed—without sacrificing network performance.
Multi-core performance architecture.
The Dell SonicWALL E-Class NSA Series delivers powerful threat prevention against a vast spectrum of network attacks with unprecedented speed, thanks to multi-core performance architecture. Through the concurrent use of up to 16 specialized security processing cores, the E-Class NSA is engineered to provide breakthrough deep packet inspection and granular network intelligence over real-time network traffic without impacting network performance. Utilizing the processing power of these multiple cores in unison dramatically increases throughput and simultaneous inspection capabilities while lowering overhead impact.
Taking protection to new levels of control is the Dell SonicWALL Application Intelligence Service, a set of customizable protection tools that empowers administrators with precise control over network traffic. This configurable set of granular application-specific policies can automate bandwidth management, control internal and external Web access, restrict transfer of specific files and documents, scan email attachments through user-configurable criteria and support custom signatures.
Designed for highly redundant operations, E-Class NSA appliances are ideal solutions for wired or wireless deployments requiring high-speed access and heavy workgroup segmentation. With integrated support for standards-based VoIP, virtual local area networks (VLANs), enterprise-class routing and quality of service (QoS), E-Class NSAs increase deployment flexibility and enhance productivity.
Dynamic threat protection, content filtering and Application Intelligence services are continually updated on a 24x7 basis to maximize security and decrease cost. IT productivity is increased by eliminating ad-hoc patch management for servers and workstations, automating the application of new protection signatures and removing the necessity to manually update security policies.