Author: Luciano D'Amico
A next generation firewall is the convergence of an intrusion prevention system and new firewall technologies such as deep packet inspection . The Next Generation Firewall accomplishes all of the functionality of a traditional firewall, and adds more robust security to help prevent against malicious users. By combining the functionality of an intrusion prevention system, the firewall has the ability to identify attacks in real time . The deep packet inspection allows the firewall to gain more information from the incoming packets which allows more intelligent filtering rules.
The fundamental role of a firewall is to control traffic between two parts of a network . It is a crucial component of an organizations security policy since it determines which packets are allowed to enter and leave the internal network. Firewalls can be hardware or software based, and many organizations employ a combination of both types . Like many other types of technologies, firewall technology has been increasing rapidly. To this point there are three distinct generations of firewall technology .
Deep packet inspection is a form of computer network packet filtering that examines the data part of a through-passing packet to determine if the packet can pass . This is in contrast to shallow packet inspection (usually called just packet inspection) which just checks the header portion of a packet . Using deep packet inspection, a firewall has the ability to look at layer 2 through layer 7 of the OSI model . These are the data link, network, transport, session, presentation, and application layers. This allows the firewall to inspect the headers of the packets as well as the data protocol structures. Regular firewalls can only drop or reject a packet. With next generation firewalls a packet can be redirected, marked/tagged, blocked, rate limited, and reported to a reporting agent in the network .
An intrusion prevention system is a computer security device that exercises access control to protect computers from exploitation . The latest Next Generation Firewalls leverage their existing deep packet inspection engine by sharing this functionality with an intrusion prevention system . Intrusion prevention systems were invented in the late 1990s to resolve ambiguities in passive network monitoring by placing detection systems in-line . Intrusion prevention systems make access control decisions based on application content, rather than IP address or ports as traditional firewalls do. Different types of intrusion prevention systems include content based, protocol analysis and rate based .
Intrusion Prevention Systems
 Next Generation Firewalls
 Deep Packet Inspection
802.11 Wireless Security
Wireless Ad-hoc Network Intrusion Detection System
Isolations for Security
Tools for Linux Security