The 'legacy' firewall is redundant due to its inability to block malware, do deep packet inspection and reduce application risk exposure.
Speaking at Dell World in Austin, Texas, Daniel Ayoub, product marketing manager for Dell SonicWall, said in his presentation 'Preparing for the future: why legacy firewalls just do not cut it' that due to the holes in legacy firewalls, they are 'unable to stop malware and any type of attacks on the internet today'.
Ayoub said: “The traditional firewall doesn't expect Layer 7 content and it is not looking at what is inside packets, just at the packets. There are holes in the firewall and it is unable to stop malware.”
Ayoub also said that legacy firewalls are 'blind' to applications, as they are unable to identify them based on their content in order to throttle them. “Applications like Facebook and Skype come in over port 80, while business applications like Salesforce and Microsoft are all coming into the network whether you want them to or not,” he said.
“Now you allow almost anything in, and with a legacy firewall, there is no way to throttle bad applications. A next generation firewall will help to solve this and also decrypt traffic on the fly. If you go to a site which is compromised, a traditional firewall will not detect what is going on.”
Statistics from Gartner said that fewer than five per cent of internet connections are secured using a next generation firewall. Ayoub said that this is not a fad or trend; it is the way that the industry is going.
Finally, he pointed to the next generation firewall's capability to do deep packet inspection for advanced detection of threats, saying it will examine the content and make decisions based upon that.