Which of the following additional capabilities does a next generation firewall provide beyond a standard network firewall? (Choose two.)
A.
Application control B.
User identification C.
Network address translation D.
Virtual private networking E.
High availability F.
Access control rules.
AB.
Which of the following additional capabilities does a next generation firewall provide beyond a standard network firewall? (Choose two.)
A.
Application control
B.
User identification
C.
Network address translation
D.
Virtual private networking
E.
High availability
F.
Access control rules.
AB.
A next generation firewall (NGFW) is a more advanced type of firewall that offers additional capabilities and features beyond those of a standard network firewall.
The two capabilities that a next generation firewall provides beyond a standard network firewall are:
A. Application Control: NGFWs go beyond just examining the ports and protocols used by network traffic. They are also capable of inspecting the content of the traffic to identify the specific application or service being used, such as HTTP, FTP, BitTorrent, or Skype. This allows the NGFW to enforce security policies at a more granular level and control access to specific applications based on the organization's security policies.
B. User Identification: NGFWs can also identify the specific user associated with each network session, even if they are using shared credentials. This allows for user-specific access control and auditing, providing greater visibility into who is accessing what resources on the network.
C. Network Address Translation (NAT): While NAT is a feature found in most network firewalls, it is not unique to NGFWs. NAT allows private IP addresses to be translated into public IP addresses for communication over the Internet.
D. Virtual Private Networking ( VPN): Similarly, VPN functionality is not unique to NGFWs but is commonly included as a feature. VPNs allow for secure remote access to the network, encrypting traffic over the Internet.
E. High Availability: High availability (HA) refers to the ability of the NGFW to maintain its functionality even in the event of hardware or software failure. This is achieved through redundancy and failover mechanisms, allowing for continuous operation of the firewall.
F. Access Control Rules: Access control rules are a fundamental feature of any firewall, including NGFWs. They allow administrators to define policies that dictate what traffic is allowed or denied on the network based on various criteria, such as source IP address, destination IP address, port number, or application.
In summary, NGFWs provide additional capabilities beyond standard network firewalls, such as application control and user identification, allowing for more granular security policies and auditing. Other features commonly found in NGFWs include NAT, VPN, HA, and access control rules.