The Next Generation Firewall

The Policy and Security Control Point

A Kubernan Brief

by Jim Metzler, Kubernan
Published December 2007, Posted January 2008



In the IT industry, the phrase next generation is used quite frequently. Vendors often use the phrase to describe an upgrade to one of their products. In most cases, the only difference between the upgraded product and its predecessor is that the upgraded product has somewhat increased performance or supports some new feature or two. A truly next generation product should be fundamentally different than anything that is currently available on the market. However, just being fundamentally different is not that compelling. Implicit in the definition of next generation is that the product does a significantly better job of solving a problem that IT organizations truly care about than is done by the existing generation of products.

Security has been an important issue for IT management for the last two decades. However, as will be described in this brief, over that time frame both the types and the sophistication of security threats have increased significantly. Unfortunately, the traditional firewall is built on some key assumptions that were valid twenty years ago, but no longer are valid. As a result, the current generation of firewalls cannot adequately protect organizations from the existing and emerging set of security threats.

The goal of this brief is to describe the existing and emerging set of security threats and will discuss the limitations of the current generation of firewalls. This brief will also describe what is needed in a next generation firewall to ensure that the product can do a fundamentally better job of protecting the organization from security threats than is possible with the current generation of firewalls.

As part of the creation of this brief, two IT professionals were interviewed. One is a network architect for a global semiconductor company and the other is the senior director of IT at a medical center. They will be referred to in this brief as The Global Architect and The Senior Director respectively.

bullet Access/Download Brief
bullet Approx. 70 kB
bullet Click here for help with .pdf downloads. 
bullet Return to Kubernan Gold Sponsor Briefing
bullet Return to Security Briefings

Please note: By downloading this information, you acknowledge that the sponsor(s) of this information may contact you, providing that they give you the option of opting out of further communications from them concerning this information.  Also, by your downloading this information, you agree that the information is for your personal use only and that this information may not be retransmitted to others or reposted on another web site.  Please encourage colleagues to download their own copy after registering at