March 6, 2018

Firewalls exist to connect people to the internet. Let's make them more human- and web-centric

Jim Fulton

Network firewalls play a critical role in today’s enterprise. They are the linchpins that enable people to connect – safely – from corporate networks to websites and applications anywhere on the Internet. “Next generation” firewalls (or NGFWs) were initially created to provide more visibility into this most fundamental action, but most have only scratched the service.

All enterprise-grade firewalls emit raw data about what’s happening and provide a little bit of information about who is associated with which devices. But one of the main goals of the Forcepoint Human Point System is to help organizations understand the rhythm of their people and the flow of their data. To do this, we’re changing our network security products in several significant ways.

Our newest software for our next generation firewalls (which also act as SD-WAN and IPS solutions), Forcepoint NGFW 6.4, puts the tracking and ultimately understanding of users’ LAN, WAN and Internet behavior right at the core of what we do. Available to partners and customers for downloading from our Support Portal in early March, this new version enables organizations connect the dots and take a more human-centric approach to securing their people as they use Web sites and apps.

Network Security Starts with Understanding Users’ Behavior

With NGFW 6.4, network security admins can more clearly see and understand the rhythm of their people as they use network resources. New interactive user dashboards bring together information from a variety of sources (including event logs, managed endpoint context, local user identity, and application usage). These unified views combine with new user-centric alerts to enable abnormal behavior to be spotted more easily and potential problems to be averted quickly.


NGFW 6.4 User Dashboard Overview

NGFW 6.4 User Dashboard User Detailed View


Making Web Security Even Stronger with Cloud Service Chaining

Forcepoint NGFW has long focused on delivering an unparallelled breadth and depth of security. While most modern enterprise firewalls provide anti-virus scanning and some level of intrusion detection and prevention, Forcepoint NGFW does much more. We pioneered the defense against evasion techniques, and our IPS capabilities beat out even standalone IPS devices in NSS Labs’ most recent NGIPS tests. Our Sidewinder proxy technology protects many of the most sensitive networks in world. And, our URL Filtering is powered by Forcepoint ThreatSeeker Intelligence, which is trusted by thousands of enterprises.

Now, we’re excited to announce that with NGFW 6.4, we’re incorporating a new approach that enables our firewalls to work seamlessly with Forcepoint Web Security Cloud, the industry’s most secure web-gateway-as-a-service to provide even deeper protection. Now, web traffic can automatically be redirected to the Web Security Cloud using the same “Smart Policies” that Forcepoint NGFW customers use to turn their business processes into security controls.  

This much simpler and more powerful approach makes it easier to protect web traffic without having to configure proxy settings at every endpoint. And, it works seamlessly with our high availability clustering, deep stream inspection and Multi-Link VPN technologies. Forcepoint Web Security Cloud enables uniform security policies to be applied to all users, whether they are on-premises or roaming. And, with Forcepoint’s advanced service chaining, our cloud services can work together, enabling further security capabilities in Forcepoint CASB and DLP to be added in minutes. Talk about thinking “outside the box.”

Ongoing Enhancements

NGFW 6.4 also introduces a variety of other enhancements that make a great firewall even better. Government users will appreciate having Common Access Card support in our Security Management Center (SMC), and certifications are under way for FIPS 140-2 Level 2, Common Criteria, and DODIN APL. Cloud devops and their security teams will enjoy being able to automatically scale up their virtual firewalls along with their workloads.

For more information about our network security products, please see our Forcepoint NGFW product pages.

Jim Fulton

Jim Fulton serves as VP Product Marketing & Analyst Relations, focused on SASE, SSE and Zero Trust data security. He has been delivering enterprise access and security products for more than 20 years and holds a degree in Computer Science from MIT.

Read more articles by Jim Fulton

About Forcepoint

Forcepoint is the leading user and data protection cybersecurity company, entrusted to safeguard organizations while driving digital transformation and growth. Our solutions adapt in real-time to how people interact with data, providing secure access while enabling employees to create value.