Solutions
Selection and comparison of IT productPrice calculatorROI calculatorsBonus for reference
Catalogs
ProductsDeploymentsCompaniesDEALSCategories
For VendorsBlog
EN
EN
RU
Armenia
Austria
Azerbaijan
Belarus
Czech Republic
Estonia
Georgia
Germany
Kazakhstan
Kyrgyzstan
Latvia
Lithuania
Moldova
Poland
Russia
Slovakia
Switzerland
Tajikistan
Turkmenistan
Ukraine
United Kingdom
United States
Uzbekistan
B2B platform for IT buyers, vendors and suppliersCategoriesSoftwareSystem Infrastructure SoftwareSecurity SoftwareNGFW - next-generation firewall

NGFW - next-generation firewall

NGFW - next-generation firewall

A next-generation firewall (NGFW) is a part of the third generation of firewall technology that is implemented in either hardware or software and is capable of detecting and blocking sophisticated attacks by enforcing security policies at the application, port and protocol levels.

NGFWs typically feature advanced functions including:

  • application awareness;
  • integrated intrusion prevention systems (IPS);
  • identity awareness -- user and group control;
  • bridged and routed modes;
  • the ability to use external intelligence sources.

Of these offerings, most next-generation firewalls integrate at least three basic functions: enterprise firewall capabilities, an intrusion prevention system (IPS) and application control.

Like the introduction of stateful inspection in traditional firewalls, NGFWs bring additional context to the firewall's decision-making process by providing it with the ability to understand the details of the web application traffic passing through it and to take action to block traffic that might exploit vulnerabilities.

The different features of next-generation firewalls combine to create unique benefits for users. NGFWs are often able to block malware before it enters a network, something that wasn't previously possible.

NGFWs are also better equipped to address advanced persistent threats (APTs) because they can be integrated with threat intelligence services. NGFWs can also offer a low-cost option for companies trying to improve basic device security through the use of application awareness, inspection services, protection systems and awareness tools.

The most popular products in category NGFW - next-generation firewall All category products

Forcepoint NGFW
Forcepoint
3
9
3
Barracuda NextGen Firewall (NGFW)
Barracuda Networks
4
0
5
Juniper Next-Generation Firewall (NGFW)
Juniper Networks
3
5
1
Barracuda CloudGen Firewall
Barracuda Networks
0
14
0
Check Point Next Generation Firewall (NGFW)
Check Point
0
1
1
Palo Alto Networks next-generation firewall (NGFW)
Palo Alto Networks
0
16
0
Cisco ASA NGFW (Adaptive Security Appliance Software)
Cisco
5
20
4
Fortinet FortiGate NGFW
Fortinet
4
12
19
Huawei Next-Generation Firewall
Huawei
0
12
20
F5 Big-IP Advanced Firewall Manager
F5 Networks
1
2
3
Sophos Next-Generation Firewall
Sophos
0
9
19
Cyberoam Next Generation Firewall
Cyberoam
0
7
6

Compare of products in the category NGFW - next-generation firewall

Please turn the screen for optimal content display

Compare: NG Firewall

Add more
Characteristics

Antivirus and antispyware functions

IDS/IPS availability

Functionalities

Bot protection

DDOS protection

Data Leak Prevention

Network behavior analysis support

Sandboxing support

Context-aware policy

Application level attacks protection (Application Intelligence)

Two-factor authentication (2FA)

Certificates based authentication

Available proxy modes

Management

Deployment options

Integrations

OS and hardware

  • SSL VPN remote access
  • Application control
  • IPv4/IPv6 protocols
  • Hiding adresses with NAT
  • DHCP
  • Decrypting SSL traffic
  • IPSec Site to Site VPN tunnels
  • Stateful TCP/IP stack
  • URL filtering
  • Configuring static and dynamic routing
  • Application control
  • Decrypting SSL traffic
  • URL filtering
  • SSL VPN remote access
  • Application control
  • IPv4/IPv6 protocols
  • Hiding adresses with NAT
  • DHCP
  • IPSec Site to Site VPN tunnels
  • Stateful TCP/IP stack
  • URL filtering
  • Configuring static and dynamic routing
  • SSL VPN remote access
  • Application control
  • IPv4/IPv6 protocols
  • Hiding adresses with NAT
  • DHCP
  • Decrypting SSL traffic
  • IPSec Site to Site VPN tunnels
  • Stateful TCP/IP stack
  • URL filtering
  • Configuring static and dynamic routing
  • SSL VPN remote access
  • Application control
  • IPv4/IPv6 protocols
  • Hiding adresses with NAT
  • DHCP
  • IPSec Site to Site VPN tunnels
  • Configuring static and dynamic routing
  • SSL VPN remote access
  • Application control
  • IPv4/IPv6 protocols
  • Hiding adresses with NAT
  • DHCP
  • IPSec Site to Site VPN tunnels
  • Stateful TCP/IP stack
  • URL filtering
  • Configuring static and dynamic routing
  • N/A
  • SSL VPN remote access
  • Application control
  • IPv4/IPv6 protocols
  • Hiding adresses with NAT
  • Decrypting SSL traffic
  • IPSec Site to Site VPN tunnels
  • Stateful TCP/IP stack
  • Configuring static and dynamic routing
  • SSL VPN remote access
  • Application control
  • IPv4/IPv6 protocols
  • Hiding adresses with NAT
  • IPSec Site to Site VPN tunnels
  • Stateful TCP/IP stack
  • URL filtering
  • Configuring static and dynamic routing
  • SSL VPN remote access
  • Application control
  • IPv4/IPv6 protocols
  • Hiding adresses with NAT
  • DHCP
  • IPSec Site to Site VPN tunnels
  • Stateful TCP/IP stack
  • URL filtering
  • Configuring static and dynamic routing
  • SSL VPN remote access
  • Application control
  • IPv4/IPv6 protocols
  • Hiding adresses with NAT
  • DHCP
  • Decrypting SSL traffic
  • IPSec Site to Site VPN tunnels
  • Stateful TCP/IP stack
  • URL filtering
  • Configuring static and dynamic routing
  • SSL VPN remote access
  • Application control
  • IPv4/IPv6 protocols
  • Hiding adresses with NAT
  • DHCP
  • IPSec Site to Site VPN tunnels
  • Stateful TCP/IP stack
  • URL filtering
  • Configuring static and dynamic routing
  • SSL VPN remote access
  • Application control
  • IPv4/IPv6 protocols
  • Hiding adresses with NAT
  • DHCP
  • Decrypting SSL traffic
  • IPSec Site to Site VPN tunnels
  • Stateful TCP/IP stack
  • URL filtering
  • Configuring static and dynamic routing
  • SSL VPN remote access
  • Application control
  • IPv4/IPv6 protocols
  • Hiding adresses with NAT
  • DHCP
  • IPSec Site to Site VPN tunnels
  • Stateful TCP/IP stack
  • URL filtering
  • Configuring static and dynamic routing
  • SSL VPN remote access
  • Application control
  • IPv4/IPv6 protocols
  • Hiding adresses with NAT
  • DHCP
  • Decrypting SSL traffic
  • IPSec Site to Site VPN tunnels
  • Stateful TCP/IP stack
  • URL filtering
  • Configuring static and dynamic routing
  • SSL VPN remote access
  • Application control
  • IPv4/IPv6 protocols
  • Hiding adresses with NAT
  • DHCP
  • IPSec Site to Site VPN tunnels
  • Stateful TCP/IP stack
  • URL filtering
  • Configuring static and dynamic routing
  • N/A
  • SSL VPN remote access
  • Application control
  • IPv4/IPv6 protocols
  • Hiding adresses with NAT
  • DHCP
  • IPSec Site to Site VPN tunnels
  • Stateful TCP/IP stack
  • URL filtering
  • Configuring static and dynamic routing
  • Application control
  • Decrypting SSL traffic
  • URL filtering
  • Reverse proxy
  • DNS proxy
  • N/A
  • Reverse proxy
  • Reverse proxy
  • N/A
  • N/A
  • N/A
  • Reverse proxy
  • DNS proxy
  • Reverse proxy
  • N/A
  • Reverse proxy
  • Reverse proxy
  • Reverse proxy
  • DNS proxy
  • Reverse proxy
  • DNS proxy
  • DNS proxy
  • Reverse proxy
  • DNS proxy
  • N/A
  • Reverse proxy
  • DNS proxy
  • DNS proxy
  • Bandwidth
  • Configuration console
  • N/A
  • Bandwidth
  • Configuration console
  • Bandwidth
  • Configuration console
  • N/A
  • Bandwidth
  • N/A
  • Bandwidth
  • Configuration console
  • Bandwidth
  • Configuration console
  • Configuration console
  • Bandwidth
  • Configuration console
  • Bandwidth
  • Configuration console
  • Bandwidth
  • Configuration console
  • Bandwidth
  • Configuration console
  • Bandwidth
  • Configuration console
  • Bandwidth
  • Configuration console
  • N/A
  • Bandwidth
  • Configuration console
  • Bandwidth
  • High availability
  • Routed/Transparent mode
  • Virtualized environment
  • Virtualized environment
  • High availability
  • Routed/Transparent mode
  • High availability
  • Routed/Transparent mode
  • Virtualized environment
  • High availability
  • Routed/Transparent mode
  • Virtualized environment
  • High availability
  • N/A
  • High availability
  • Virtualized environment
  • High availability
  • Routed/Transparent mode
  • Virtualized environment
  • Routed/Transparent mode
  • Virtualized environment
  • High availability
  • Routed/Transparent mode
  • High availability
  • Routed/Transparent mode
  • Virtualized environment
  • High availability
  • Routed/Transparent mode
  • Virtualized environment
  • High availability
  • Virtualized environment
  • High availability
  • Routed/Transparent mode
  • High availability
  • Routed/Transparent mode
  • Virtualized environment
  • N/A
  • High availability
  • Routed/Transparent mode
  • Virtualized environment
  • N/A
  • Threat Intelligence
  • Active Directory
  • SIEM
  • AAA-servers
  • Network security policy management
  • N/A
  • Threat Intelligence
  • Active Directory
  • SIEM
  • AAA-servers
  • Network security policy management
  • Threat Intelligence
  • Active Directory
  • SIEM
  • AAA-servers
  • Network security policy management
  • N/A
  • Active Directory
  • Threat Intelligence
  • Threat Intelligence
  • Active Directory
  • SIEM
  • AAA-servers
  • Network security policy management
  • Threat Intelligence
  • Active Directory
  • SIEM
  • AAA-servers
  • Network security policy management
  • N/A
  • Threat Intelligence
  • Active Directory
  • SIEM
  • AAA-servers
  • Network security policy management
  • Threat Intelligence
  • Active Directory
  • SIEM
  • AAA-servers
  • Network security policy management
  • Threat Intelligence
  • Active Directory
  • SIEM
  • IAM
  • AAA-servers
  • Network security policy management
  • Threat Intelligence
  • Active Directory
  • SIEM
  • AAA-servers
  • Network security policy management
  • Active Directory
  • Threat Intelligence
  • Active Directory
  • SIEM
  • AAA-servers
  • Network security policy management
  • N/A
  • Threat Intelligence
  • Active Directory
  • SIEM
  • AAA-servers
  • Network security policy management
  • N/A
Found mistake? Write us.

Vendors NGFW - next-generation firewall

Cisco
AUT...
  • AUT
  • AUS
  • BRA
  • CAN
  • CHN
  • DEU
  • ESP
  • FRA
  • GBR
  • HUN
  • MEX
  • NOR
  • POL
  • SGP
  • UKR
  • USA
31
7
125
31
42
0
Check Point
AUT...
  • AUT
  • AUS
  • BEL
  • BRA
  • CAN
  • CHE
  • CHN
  • CZE
  • DEU
  • DNK
  • ESP
  • FIN
  • FRA
  • GBR
  • GRC
  • HUN
  • ISR
  • IND
  • ITA
  • NLD
  • NOR
  • PRT
  • ROU
  • SWE
  • USA
7
2
0
Wise IT
UKR
254
0
0
1
0
11
Palo Alto Networks
ARE...
  • ARE
  • AUT
  • AUS
  • BEL
  • BRA
  • CAN
  • CHE
  • CHN
  • CZE
  • DEU
  • DNK
  • ESP
  • FIN
  • FRA
  • GBR
  • GRC
  • IDN
  • ISR
  • IND
  • ITA
  • JPN
  • KOR
  • MEX
  • MYS
  • NLD
  • NOR
  • NZL
  • PHL
  • PRT
  • QAT
  • SAU
  • SWE
  • SGP
  • THA
  • TUR
  • TWN
  • USA
  • VNM
7
1
0
Cyberoam
All countries
2
0
0
Sangfor Technologies
CHN
1
0
0
1
0
0
Untangle
USA
1
0
0
H3C Technologies
CHN
1
0
0
1
0
0
Clavister
SWE
1
0
0
1
0
0
Cato Networks
ISR
1
0
0
1
0
0
ENEA Qosmos Division
FRA
2
0
0
2
0
0
SEVEN
UKR...
  • UKR
  • USA
1
0
0
1
0
0
Botstatz
IND...
  • IND
  • USA
0
0
0
SIGA OT Solutions
USA
1
0
0
1
0
0
InnoTech Solutions
USA
0
0
0
0
0
0
Hillstone Networks
All countries
0
0
0
0
0
0
NeuVector Inc.
All countries
1
0
0
1
0
0
Perimeter 81
ISR
1
0
0
1
0
0
Esdenera Networks
All countries
1
0
0
1
0
0
Array Networks, Inc.
USA
0
0
0
0
0
0
Intersoft Data Labs
USA
0
0
0
0
0
0
PixelPlex
USA
1
0
0
TechAvidus
USA
0
0
0
H-X Technologies
UKR
5
0
0
5
0
0
LogiGear
USA
1
0
0
1
0
0
IntexSoft
DEU...
  • DEU
  • KAZ
  • POL
0
0
0
0
0
0
Nuvista Technologies Pte. Ltd.
SGP...
  • SGP
  • USA
0
0
0
NetSPI LLC.
All countries
1
0
0
1
0
0
Astvision
MNG...
  • MNG
  • USA
0
0
0
0
0
0
Your Team in India
USA
0
0
0
NCC Group
All countries
0
0
0
0
0
0
Cloud MLM Software
IND...
  • IND
  • USA
0
0
0
0
0
0
Impressico Business Solutions
USA
0
0
0
0
0
0
Multipz Technology
IND...
  • IND
  • USA
0
0
0
Yellow
USA
1
0
0
PureDome
USA
1
0
0
1
0
0

F.A.Q. about NGFW - next-generation firewall

What is a next-generation firewall (NGFW)?

A NGFW contains all the normal defenses that a traditional firewall has as well as a type of intrusion prevention software and application control, alongside other additional security features. NGFWs are also capable of deep packet inspection, which enables more robust filters.

Intrusion prevention software monitors network activity to detect and stop vulnerability exploits from occurring. This is usually done by monitoring for breaches against the network policies in place as a breach is usually indicative of malicious activity.

Application control software simply sets up a hard filter for programs that are trying to send or receive data over the Internet. This can either be done by a blacklist (programs in the filter are blocked) or by a whitelist (programs not in the filter are blocked).

Materials

next-generation firewall (NGFW)

https://searchsecurity.techtarget.com/definition/next-generation-firewall-NGFW

What is a firewall? – How it works and what it does

https://www.quostar.com/blog/what-are-firewalls-faq/
Delete

Are you sure you want to delete ?

Yes
No