October 3, 2017

Making network security more human-aware, from the office edge of the cloud

Jim Fulton

Forcepoint is rethinking cybersecurity by focusing on the Human Point, where people and data intersect. Our Next Generation Firewall (NGFW) brings this approach into network security, providing the industry’s strongest security, smartest manageability, and highest availability for connecting and protecting users and the information they need.

Today we’re releasing a new version of the software – Forcepoint NGFW 6.3 – that powers our firewall, IPS, and other network security solutions. This new version provides more visibility into users’ actions and enforces security policies that are based on those actions. These same policies can now be used in Microsoft Azure on our virtual NGFW to protect apps and services running in the cloud. We’ve also integrated key parts of our CASB technology to help discover cloud application usage and the relative level of risk that each app entails.

Making Firewalls Aware of Users’ Actions within the Endpoint

Forcepoint NGFW 6.3 is now available for customers to download from our support portal and deploy in minutes via our Security Management Center. With it, our firewalls can now work with endpoint systems to continuously know:

  • Who is actually using the endpoint device,
  • What is the status of the operating system and key security services, and
  • Which specific programs are being run on the endpoint to access the network.

Having this information in one place simplifies the admin’s job, but the real power comes from making security policies more user-aware. While most firewalls can do things like “allow the Social Media Group to connect to Facebook, but block everyone else,” Forcepoint NGFW is taking it several steps further.

We can reliably know about local users, not just domain logins. We can enforce NAC-style requirements (“AV must be on and up-to-date”) for access. And we can whitelist and blacklist specific endpoint applications (“block use of IE 7-10 but allow IE 11” or “block all programs except for POSAPP.EXE on these point-of-sale systems”) without the need for separate products. These controls can of course be combined so that they are more closely tailored to the business processes they are meant to express.

Figure: Controlling Access by Endpoint Application and Version

Extending Protection into Microsoft Azure and Hyper-V

Today’s hybrid enterprise consumes and produces applications from the cloud as well as internally. Securing access to all of these applications consistently, without introducing gaps or silos, is crucial to preventing breaches and keeping costs from spiraling out of control.

Forcepoint customers can now use our virtual NGFW to protect applications running in Microsoft Azure in the public cloud or on Hyper-V-based private cloud systems with the same policies, dashboards, and reports as the rest of their network. Whether you’re controlling in/out access, connecting apps running in Azure to databases running in Amazon Web Services, or protecting a microsegmented software-defined network with the latest in IPS technology, Forcepoint NGFW gives you the full security and manageability that our firewalls are known for.

CASB-style Cloud Application Discovery

Our NGFW is part of the broader Forcepoint Human Point System. With Forcepoint NGFW 6.3, we’ve adapted part of the technology from our Cloud Application Security Broker (CASB) to use our firewall’s existing log data to discover which cloud apps are being used by each user – and what level of risk each app might pose. This can give admins quick insight into their network’s risk profile and provides a first step toward complementing their NGFW with the added protection offered by our CASB.

Figure: Cloud Application Discovery Report

NGFW 6.3 Adds Other Enhancements

The NGFW 6.3 release also extends Forcepoint’s firewall and IPS capabilities in other ways:

  • Expanded Sidewinder Proxy Protection for Mission-Critical Apps – Forcepoint NGFW now includes the ability to protect HTTP/HTTPS applications as well as SSH, FTP/SFTP, TFTP and DNS services.
  • L2/L3 Mixed-Mode Deployment – With 6.3, you can use one Forcepoint NGFW appliance in two ways, simultaneously, to save time, money and effort. One set of interfaces can be inspecting LAN traffic with our industry-leading IPS while others are being protected with firewalling.
  • Additional Flexibility for Managing Approvals – SMC users can now be granted permission to approve Pending Changes, simplifying 2-person change management processes.
  • Route-based VPN – MSSPs and others will appreciate being able to set up route-based VPNs within domains.
  • More than a dozen display and administrative enhancements – IT personnel can see what is happening across their VPNs, log servers, management consoles and even third-party devices more efficiently, through numerous automation and user experience improvements in the SMC.

You can learn more about our NGFW software, what customers are saying about it, and what makes it different here.

Jim Fulton

Jim Fulton serves as VP Product Marketing & Analyst Relations, focused on SASE, SSE and Zero Trust data security. He has been delivering enterprise access and security products for more than 20 years and holds a degree in Computer Science from MIT.


About Forcepoint

Forcepoint is the leading user and data protection cybersecurity company, entrusted to safeguard organizations while driving digital transformation and growth. Our solutions adapt in real-time to how people interact with data, providing secure access while enabling employees to create value.