This unique ability empowers you to safely enable applications, make informed decisions on network access, and strengthen your network security.
Next-generation firewalls provide flexible deployment options for your network. Firewall platforms, available in hardware and virtualised platforms, support the same consistent next-generation firewall features available in PAN-OSTM. In addition, Panorama management platforms for centralised policy and device management over a network of next-generation firewalls are also available in both virtualised and hardware platforms.
Aspire offers a range of next-generation firewalls. Find out how our firewalls safely enable your business, improve network security, and simplify your workload.
Key safe enablement requirements:
- Identify applications, not ports. Classify traffic, as soon as it hits the firewall, to determine the application identity, irrespective of protocol, encryption, or evasive tactic. Then use that identity as the basis for all security policies.
- Tie application usage to user identity, not IP address, regardless of location or device. Employ user and group information from enterprise directories and other user stores to deploy consistent enablement policies for all your users, regardless of location or device.
- Protest against all threats—both known and unknown. Prevent known vulnerability exploits, malware, spyware, malicious URLs while analyzing traffic for, and automatically delivering protection against highly targeted and previously unknown malware.
- Simplify policy management. Safely enable applications and reduce administrative efforts with easy-to-use graphical tools, a unified policy editor, templates, and device groups.
Product feature list:
- Application Visibility & Control (ACC)
- User Visibility & Control
- APT Prevention
- Command & Control
- Passive DNS
- Data Filtering
- Policy Control
- Automated Correlation Engine
- Exploit Protection
Network Security Management
System & Deployment
- Network Integration
- Virtual Systems
- Integration and Automation
The next gen firewall is a high-performance network security appliance that adds intrusion prevention, application and user visibility, SSL inspection, and unknown threat detection to the traditional firewall.
- Enforce security policies with granular control and visibility of users and devices for thousands of discrete applications
- Identify and stop threats with powerful intrusion prevention beyond port and protocol that examines the actual content of your network traffic
- Perform high-performance SSL inspection using industry-mandated ciphers
- Proactively detect malicious unknown code using our cloud-based sandbox service
- Provide you with real-time views into network activity with actionable application and risk dashboards and reports
- Deliver superior, multi-function performance by running on purpose-built appliances with custom ASICs
Easy deployment and lower cost of ownership
Growing complexity in security infrastructure puts a huge strain on the efficiency of the security organization. Operators must constantly update firewall policies, build and provision new network resources and test the effects of changes on the network at large. Worse, the data they need to monitor is scattered in different silos. But with a single, consolidated view of the security infrastructure, security professionals can do more work with less stress and redundancy, thus reducing operational expenditures.
Consolidation and integration of multiple security appliances using a Next Generation Threat Prevention methodology results in greater efficiency and lower costs. According to an analysis by Lippis Consulting in 2015, Next Generation Threat Prevention from Check Point is one-half to one-third the cost of multi-vendor security implementations.