Introduction
About This Book
Foolish Assumptions
How This Book Is Organized
1. Understanding the Evolution of Network Security
2. Defining the Application and Threat Landscape
3. Recognizing the Challenges of Legacy Security Infrastructures
4. Solving the Problem with Next-Generation Firewalls
5. Deploying Next-Generation Firewalls
6. Ten Evaluation Criteria for Next-Generation Firewalls
Glossary
Icons Used in This Book
Where to Go from Here
1. Understanding the Evolution of Network Security
Why Legacy Firewalls Are No Longer Effective
Data Leakage Is a Problem
Compliance Is Not Optional
2. Defining the Application and Threat Landscape
Applications Are Not All Good or All Bad
Applications Are Evasive
Threats Are Coming Along for the Ride
3. Recognizing the Challenges of Legacy Security Infrastructures
Whatever Happened to the Firewall?
Port-based firewalls have poor vision
Bolt-on functionality is fundamentally flawed
Firewall “helpers” don’t help
Traditional IPS Is a Poor Match for Today’s Threats
UTM Only Makes What Is Broken Cheaper
It’s Time to Fix the Firewall
4. Solving the Problem with Next-Generation Firewalls
The Next-Generation Firewall
Application identification
User identification
Content identification
Policy control
High-performance architecture
What a Next-Generation Firewall Isn’t
Benefits of Next-Generation Firewalls
5. Deploying Next-Generation Firewalls
Safe Enablement through Smart Policies
Employee controls
Desktop controls
Network controls
Defining Your Requirements and Developing an RFP
Deployment Flexibility Matters
Addressing Mobile and Remote Users
6. Ten Evaluation Criteria for Next-Generation Firewalls
Identify Applications, Not Ports
Identify Users, Not IP Addresses
Identify Content, Not Packets
Visibility
Control
Performance
Flexibility
Reliability
Scalability
Manageability
Glossary