A Next-Generation Firewall (NGFW) is a hardware or a software based network security platform that is a part of the third generation of firewall technology. NGFWs can prevent sophisticated attacks by enforcing security policies at the application level as well as at the port and protocol levels. NGFWs typically combine a traditional firewall with other network device filtering functionalities, such as an application firewall using in-line deep packet inspection (DPI), and an intrusion prevention system (IPS). Most modern day NGFWs include a proxy with the ability to perform HTTPS decryption and to forward traffic through an Internet Content Adaptation Protocol (ICAP) connection to an external server or device for inspection (typically on a specified ICAP port). This allows administrators to take some of the strain off of the NGFW and free up resources, enabling the NGFW to focus on on things that only it can do.
MetaDefender ICAP Server leverages ICAP to offload specific Internet based content from the firewall and focus on preventing known and unknown threats from entering your corporate network.
Any firewall that supports ICAP can be integrated with MetaDefender Core via MetaDefender ICAP Server, since ICAP is a generic wrapper protocol to process HTTP traffic.
Device or appliance specific implementation will, however, most likely require extensive testing before use in production.
By combining a next generation firewall with MetaDefender ICAP Server, organizations can benefit from a consolidated and integrated platform that can protect their network traffic, while ensuring that the appropriate information security policy is applied on both incoming and outgoing web traffic.