Professor Wool

In this lesson, Professor Wool examines next-generation firewalls and the granular capabilities they provide for improved control over applications and users.

In this lesson, Professor Wool examines the pros and cons of whitelisting and blacklisting policies and offers some recommendations on policy considerations.

Next generation firewalls (NGFWs) allow you to manage security policies with much greater granularity, based on specific applications and users, which provides much greater control over the traffic you want to allow or deny. Today, NGFWs are usually deployed alongside traditional firewalls. Therefore change requests need to be written using each firewall type’s specific terminology; application names and default ports for NGFWs, and actual protocols and ports for traditional firewalls. This new lesson explains some of challenges of writing firewall rules for a mixed firewall environment, and how to address them.

As part of the blacklisting approach to application security, most NGFW vendors now offer their customers a subscription based service that provides periodic updates to firewall definitions and signatures for a great number of applications especially the malicious ones. In this lesson, Professor Wool discusses the pros and cons of this offering for cyber threat prevention. It also discusses the limitations of this service when home-grown applications are deployed in the enterprise, and provides a recommendation on how to solve this problem.