NGFW has been the cornerstone of network security for the past two decades. It applies deep packet inspection (DPI) and multiple security engines to inspect both inbound and outbound traffic and enforce a company’s security policy. The main characteristic of a NGFW is application awareness: the ability to detect and enforce policies on application usage based on packet content rather than packet headers (source and destination IP addresses, ports, and protocols).
Legacy networks with SD-WAN appliances don’t address security needs and, to achieve the functionality of NGFW, enterprises need to install discrete appliances at the network edge, adding complexity to network management and maintenance. A cloud-native NGFW delivers a powerful, application-aware, enterprise-grade, elastic and scalable solution without the challenges of legacy appliance-based solutions.