Today's targeted threats are often multi-vectored and exploit unknown vulnerabilities, and their sophistication defies typical signature-only inspection. Whether APTs or client-side threats, they use evasive techniques to penetrate our organizations, often purporting to be or riding on applications and exploiting trust relationships with which we've grown all too comfortable. To make matters worse, attackers have realized the inadequacies of traditional signature-based approaches and have accelerated the pace of change and obfuscated their code through polymorphic techniques. By doing so they can circumvent traditional security protections.
As a result, companies are increasingly turning to application-layer defenses on the theory that, by reducing the attack surface, security teams can more narrowly focus remediation efforts and preventative measures. This is the genesis of the current 'next-generation' security platform. One relatively new arrival, the next-generation firewall (NGFW), typically combines the ability to identify and control application use with classic firewall functions. However, there is wide variance in what 'next-generation' really encompasses. This paper identifies four crucial components that many deem elementary to true next-generation security technology and that are required for effective protection from today's advanced threats.