This month marks the 25th anniversary of the firewall and, like a parent looking back on the life of his children, I wonder where the time went. The McAfee Infographic that depicts the “lifetime” of the firewall is open on my laptop and I’m a little nostalgic as I remember the events that were part of its evolution. Then, one milestone in particular catches my eye. The infographic illustrates that the discussion around the need for a so-called Next Generation Firewall (NGFW) began with Gartner as early as 2003.
I think back ten years and remember how often the term “next generation” was thrown around in marketing circles. Back then, the industry was claiming that all an enterprise really needed to do to create an NGFW was to add an intrusion prevention system (IPS). But, being entrenched in the technology, most of us knew this wasn’t really the answer – especially the way threats were advancing.
Then in 2009, Gartner published its definition and a paper on “Defining the Next-Generation Firewall.” According to its definition, NGFWs are:
“…deep-packet inspection firewalls that move beyond port/protocol inspection and blocking to add application-level inspection, intrusion prevention, and bringing intelligence from outside the firewall. An NGFW should not be confused with a stand-alone network intrusion prevention system (IPS), which includes a commodity or non-enterprise firewall, or a firewall and IPS in the same appliance that are not closely integrated.”
In its paper, the Gartner authors explain that “Firewalls need to evolve to be more proactive in blocking new threats, such as botnets and targeted attacks.” So, yes, discussions started in 2003 around the NGFW, but the technology really didn’t get on the right track until Gartner defined it.
Our answer to truly creating a Gartner-defined NGFW was McAfee’s acquisition of Stonesoft in 2013 – which I notice was not depicted on the Infographic. You see, Stonesoft really introduced the industry’s first future-proof next generation security engine – security built to protect organizations from new threats and targeted attacks including Advanced Evasion Techniques (AETs).
AETs enable malware to circumvent virtually all security defenses – rendering most security solutions defenseless because they can’t detect, much less stop them. At that time, although McAfee had already designed and deployed its own high-assurance firewall, we knew we needed a solution that could meet the needs of an entirely new larger enterprise segment and defend against growing AETs.
The evolution won’t end with Stonesoft. Now, with the unique Stonesoft technology strongly integrated within McAfee, we are full steam ahead with our McAfee NGFW development efforts, which integrate application control, IPS and evasion prevention into a single, purpose-built solution. It is the only next-generation firewall solution to combine anti-evasion security with enterprise-scale availability and manageability. It’s flexible – with the ability to change from a next-generation firewall to an L2 firewall, IPS, and firewall/VPN.
I think the story is just beginning. Looking back is pretty fun, but I have to say that looking forward is what really makes me excited. I’m ready to celebrate a new generation of security – and 25 more years of technology that will make this NGFW a thing of the past.