Would you like to inspect the original subtitles? These are the user uploaded subtitles that are being translated: 1 00:00:01,230 --> 00:00:09,720 In this section we are going to take a look to the next generation firewalls and the IP guys firewalls 2 00:00:09,810 --> 00:00:14,510 are as standard security tool for the majority of companies. 3 00:00:14,520 --> 00:00:23,010 But in today's changing threat landscape next generation firewalls are the only firewalls that can provide 4 00:00:23,040 --> 00:00:24,990 proper protection. 5 00:00:25,060 --> 00:00:31,940 The former firewalls were just able to perform some protocol inspections and port inspections. 6 00:00:32,220 --> 00:00:41,990 But these did pack inspection firewalls are moving beyond Port protocol inspection and blocking to add 7 00:00:42,000 --> 00:00:49,560 the application level inspection intrusion probation and bragging bringing intelligence from outside 8 00:00:49,560 --> 00:01:00,080 the firewall so as the name suggests next generation firewalls are a more advanced version of the traditional 9 00:01:00,080 --> 00:01:02,800 firewall and they offer some benefits. 10 00:01:02,810 --> 00:01:11,180 But next generation firewall has some advanced features like regular firewalls next generation firewall 11 00:01:11,180 --> 00:01:19,490 use both static and dynamic packet filtering and weeping and support to ensure that all connections 12 00:01:19,520 --> 00:01:28,040 between the network internet and firewall are valid and secure both firewall types should also be able 13 00:01:28,040 --> 00:01:34,100 to translate to network and port addresses in order to map eyepiece. 14 00:01:34,100 --> 00:01:41,430 There are also fundamental differences between the traditional firewall and next generation firewalls. 15 00:01:41,450 --> 00:01:50,120 The most obvious difference between the two is next generation firewalls ability to filter packets based 16 00:01:50,240 --> 00:01:52,560 on application skies. 17 00:01:52,640 --> 00:02:01,280 These firewalls have extensive control and visibility of applications that is able to identify using 18 00:02:01,360 --> 00:02:04,130 analysis and signature matching. 19 00:02:04,160 --> 00:02:12,230 So that means for example a if you want to block Skype in a network or if you want to block Facebook 20 00:02:12,230 --> 00:02:19,670 in a network or any other application you can do it with the next generation firewall which is not possible 21 00:02:19,670 --> 00:02:23,210 to do it with a traditional firewall. 22 00:02:23,210 --> 00:02:32,600 And also they can use swipe lists or a signature based IP as to distinguish between safe applications 23 00:02:32,630 --> 00:02:39,410 and unwanted ones which are then identified using SSL decryption. 24 00:02:39,410 --> 00:02:48,170 Unlike most traditional firewalls next generation firewalls also include a path through which feature 25 00:02:48,170 --> 00:02:50,810 updates will be received. 26 00:02:50,810 --> 00:02:58,820 And let's go ahead with the benefits of next generation firewalls and next generation firewall performs 27 00:02:58,850 --> 00:03:05,380 traditional firewall features like state for firewall filtering net and VPN termination. 28 00:03:05,510 --> 00:03:12,270 And it's also providing us application visibility and control. 29 00:03:12,290 --> 00:03:18,900 This feature looks deep into the application layer data to identify the application. 30 00:03:19,100 --> 00:03:27,650 For instance it can identify the application based on the data rather than put number to defend against 31 00:03:27,800 --> 00:03:31,370 attacks that use random port numbers. 32 00:03:31,370 --> 00:03:41,180 Next Generation firewall also provide advanced malware protection guys and GSW platforms through multiple 33 00:03:41,180 --> 00:03:50,540 security services not just as a platform to run a separate service but for better integration of functions 34 00:03:50,990 --> 00:03:59,210 and network based anti malware function can run on the firewall itself blocking the files files transfers 35 00:03:59,240 --> 00:04:05,900 that will install malware and saving copies of files for later analytics. 36 00:04:05,900 --> 00:04:13,920 Also next generation firewalls can provide you are L filtering this feature exam mines. 37 00:04:13,940 --> 00:04:14,720 There you are. 38 00:04:14,720 --> 00:04:24,050 Else in each rep request categorizes the URLs and either filters or rape limits the traffic based on 39 00:04:24,050 --> 00:04:25,790 rules. 40 00:04:25,820 --> 00:04:35,450 Also next generation firewalls can run their NGO IP as next generation IP as feature along with their 41 00:04:35,450 --> 00:04:36,160 firewall. 42 00:04:36,770 --> 00:04:45,830 Let's talk about the IP as intrusion prevention system also an IP address is a network security threat 43 00:04:45,920 --> 00:04:53,930 prevention technology that Exim minds the network traffic flows to detect and prevent vulnerability 44 00:04:54,020 --> 00:05:03,050 exploits while durability exploits usually come in the form of malicious inputs to a target application 45 00:05:03,080 --> 00:05:12,380 or service that attackers use to interrupt and gain control of an application or mission following a 46 00:05:12,380 --> 00:05:20,780 successful exploit the attacker can disable the target application or can potentially access to all 47 00:05:20,780 --> 00:05:30,410 the rights and permissions available for the compromised the application the IP is guys often sits directly 48 00:05:30,410 --> 00:05:39,800 behind the firewall and provides a complementary layer of analyses that negatively selects for the dangerous 49 00:05:39,800 --> 00:05:49,430 content and also I need to tell this one a IP as is not as separate hardware in today's networks and 50 00:05:49,490 --> 00:06:00,520 most of are integrated the fire was so unlike its predecessor the intrusion detection system idea as 51 00:06:01,150 --> 00:06:06,690 which is a passive system that scans traffic and reports back on threats. 52 00:06:06,760 --> 00:06:15,670 The eyepiece is placed to inline actively analyzing and taking automated actions on all traffic flows 53 00:06:15,700 --> 00:06:17,480 that enter the network. 54 00:06:17,590 --> 00:06:27,250 Specifically these actions include like sending an alarm to administrator dropping the malicious packets 55 00:06:27,550 --> 00:06:36,040 blocking traffic from the source address and resetting the connection as an inline security component. 56 00:06:36,040 --> 00:06:43,010 The IP is must work efficiently to avoid degrading network performance. 57 00:06:43,060 --> 00:06:49,830 It must also work fast because exploits can happen in near real time. 58 00:06:49,960 --> 00:06:59,020 The IP address must also detect and respond accurately so as to eliminate threats and false positives 59 00:07:02,580 --> 00:07:09,930 and the IP as guys has a number of detection methods for finding exploits. 60 00:07:09,930 --> 00:07:17,880 But signature based detection and statistical anomaly based detection are the two dominant mechanisms 61 00:07:18,450 --> 00:07:27,570 signature based detection is based on a dictionary of uniquely identifying patterns or signatures in 62 00:07:27,570 --> 00:07:33,690 the code of each exploit as an exploit is discovered. 63 00:07:33,840 --> 00:07:41,960 It is signature is recorded and stored in a continuously growing dictionary of signatures. 64 00:07:42,090 --> 00:07:47,790 Signature detection for IP is breaks down into two types. 65 00:07:47,790 --> 00:07:50,930 First exploit facing signatures. 66 00:07:50,970 --> 00:08:00,000 Identify individual exploits by triggering on the unique patterns of a particular exploit attempt. 67 00:08:00,000 --> 00:08:08,400 The IP address can identify specific exploits by finding a match with an exploit facing signature in 68 00:08:08,400 --> 00:08:10,080 the traffic stream. 69 00:08:10,080 --> 00:08:18,450 And second while liability facing signatures are broader signatures that target the underlying vulnerability 70 00:08:18,450 --> 00:08:21,730 in the system that is being targeted. 71 00:08:21,840 --> 00:08:29,490 These signatures allow the networks to be protected from variants of an exploit that may not have been 72 00:08:29,820 --> 00:08:39,090 directly observed in the wild but also raise the risk of false positives and also IP as can provide 73 00:08:39,090 --> 00:08:41,680 statistical anomaly detection. 74 00:08:42,000 --> 00:08:50,760 Statistical anomaly detection takes samples of network traffic at random and compares them to a pretty 75 00:08:50,760 --> 00:08:53,630 calculated baseline performance level. 76 00:08:53,630 --> 00:08:55,690 That is a really really cool feature. 77 00:08:55,700 --> 00:09:04,620 Guys when the sample of network traffic activity is outside the parameters of baseline performance the 78 00:09:04,660 --> 00:09:08,040 eyepiece takes action to handle the situation. 9197