Real-time network protection thanks to next-generation firewalls (NGFW)
To keep up with the ever-changing threat landscape and identify, investigate, and block modern cyberthreats such as targeted attacks, ransomware, advanced persistent threats etc., firewalls need sophisticated technologies to ensure accurate and real-time network protection. With the immense growth in web-based applications, today’s network security devices not only need to understand the network, but they also need to be fluent in the language of applications – they must be “application-aware”. Identifying an application, its services, or its application family using advanced deep packet inspection (DPI) technology allows firewalls to become intelligent, providing granular visibility and real-time analytics to ensure the highest level of security. Expand your traditional firewall functions by integrating DPI to provide your clients with next-generation firewalls, including more layers of the OSI model.
Intelligent routing and advanced application security with future-proof deep packet inspection software
Our high-performing DPI engine R&S®PACE 2 reliably and accurately identifies and classifies thousands of applications and network protocols and extracts valuable metadata in real time. Previous perimeter security only looked at the packet header information. Adding R&S®PACE 2 to network security solutions, however, allows you to go beyond the header using multiple classification methodologies. These include machine learning and deep learning to achieve reliable and accurate IP traffic classification. The metadata extraction of R&S®PACE 2 features insights into categories such as the host, location, certificates, and version type. Moreover, by collecting metrics such as packet size, packet timing, jitter, latency and throughput, the DPI engine brings a wealth of network data. This data is necessary for enabling you to detect threats – such as malicious content, application-specific issues, illegal statements, general trends – and to match custom criteria, which removes the traffic inspection blind spots that plague networks today. In addition, our DPI engine is highly flexible, scalable and easy-to-integrate, making it an ideal fit for modern distributed networks.
Prevent application layer attacks with next-generation firewalls (NGFW)
The application layer is the layer closest to the end user. Therefore, it offers the largest landscape for hackers to launch an attack. Some examples of application layer attacks are:
- Distributed denial-of-service attacks (DDoS) / HTTP floods
- Cross-site scripting (XSS)
- SQL injections
Most organizations have solid security in place – at their network level, but not at their application level. Protection strategies such as web application firewalls (WAF) are designed to inspect the entire packet and ensure application layer security. A DPI-based next-generation firewall (NGFW) enhances the pre-existing security solution and improves filtering on more layers of the OSI model.
A DPI-enabled firewall with application visibility enables
- Fine-grained application control to block threats like malicious file transfers
- Detection of obfuscated connections, such as DNS tunneling or P2P-file-sharing
- Analyzing anonymization protocols, such as TOR or well-known VPN clients
- Profile-based anomaly detection facilitating the identification of suspicious protocol usage in user profiles to prevent stolen or leaked information
- Deception-based security measures to provide a layer of protection and stop attackers
- Fine-grained network access control (NAC) to reduce access from and to the internet and internal network resources to the minimum
For a full list of DPI-enabled firewall functionalities, download our whitepaper “Why network security requires deep packet inspection”.
PACE 2 features and capabilities for next-generation firewalls
- High flexibility and scalability to meet the customer’s system requirements.
- Most accurate classification on the market, making it possible to quickly manage network traffic volumes, detect encrypted applications and ensure network speed.
- Weekly protocol and application signature updates to stay up-to-date and ensure accurate classification at all times.
- Smallest processing footprint with the most efficient memory and simplest CPU integration in the industry.
Benefits of advanced OEM DPI for firewalls
- Manage large network traffic volumes
- Gain deeper insights into applications and network traffic
- Quickly and accurately identify applications and protocols
- Classify VPN protocols with market-leading coverage
- Preserve bandwidth and speed up business-critical applications to ensure business continuity
- Reduce costs associated with developing, implementing, QA-testing and maintaining an in-house DPI
- Guarantee real-time security and policy control
Rely on advanced OEM deep packet inspection software by ipoque developed and optimized for your needs to bring your firewall solution to the next level.