
Enterprise Network Firewall

Definition

Enterprise network firewalls are standalone, purpose-built firewall appliances with IPSec VPN capabilities that deliver extensive firewall and management functions for securing perimeter access. Enterprise firewalls also incorporate IPS technologies, replacing the separate perimeter IPS. Further integration of application and user awareness protection capabilities is also emerging on these firewalls. This combination is known as a Next-Generation Firewall.

User Benefits

The user benefits can be quantified as:

1. Deployment advantages:

  • Single point of control at the edge / perimeter for access
  • Application and user awareness for both inbound and outbound traffic
  • IPSec VPN consolidation of all branch communication
  • Physical separation of the DMZ, trust and untrust zones

2. Virtualization

  • Device virtualization (multi-tenancy, virtual systems, security contexts) for independent operation with individual security needs for different business divisions
  • Separate administrators for each virtual system can tailor security and access policies for each group, thus offering a more granular level of control and security.

3. Linear performance and scalability

  • Chassis with blade systems offer linear performance and scalability on demand, as more blades are added to the chassis
  • Chassis architecture also offers the possibility to add supplemental functionality to NGFWs (next-generation firewalls), such as IPS, web application security, antivirus, antispam, etc., with no performance degradation

Business Impact

Since enterprise network firewalls are a single point of control, several deployment considerations must be taken into account:

  • Proper dimensioning in order to withstand large-scale attacks
  • Proper dimensioning for IPS and other application and user awareness functionalities
  • Comprehensive reporting capabilities for audit purposes
  • Easy-to-deploy access policies, so that they can be rolled out effectively without impacting business functionality
  • Chassis systems offer investment protection, as the performance and scalability of the system can be easily quantified
  • Hardware blade architectures are the most reliable architectures, since the deployed performance is usually close to the vendor's advertised performance characteristics
  • UTM capabilities are usually provided by third-party dedicated solutions, and the integration is very tight and standardized to some extent

Products supporting this technology

McAfee
  • manufacturer
  • Gigabit interfaces
  • UTM Capabilities
  • VPN throughput
  • Concurrent sessions
  • Firewall throughput