Generally customers would look at the next generation firewall (NGFW) for a start. But NGFWs still rely on third-party vendors to provide traditional anti-virus and IPS signatures, reputation analysis, and URL blacklists which approaches that have proven incapable of stopping advanced threats. Quite simply, if the NGFW doesn’t have a signature for an attack, it won’t detect the attack. Next-generation threat protection must have signature-less technology to detect the attacks that rely on unknown vulnerabilities, and they need real-time inbound and outbound protections to stop known attacks and data exfiltration attempts. To effectively combat next-generation threats, organizations need systems that have the intelligence to assess threats across vectors, including Web and email.
NGFWs deliver improvements over many legacy firewall products. However, firewalls, old and new, are fundamentally designed to enforce acceptable use policies around known ports, protocols, and applications. They offer no real protection against dynamic attacks that cut across communication channels to break into the network. So, by relying on signatures and backward-looking black lists—they are still poorly equipped to contend with advanced malware, zero-day, and targeted APT attacks. To thwart the advanced attacks that are successfully penetrating their defenses, organizations need next-generation threat protection that is signature-less with dynamic code execution to detect the unknown.
So, when a customer needs more protection regarding unknown platform, they usually consider FireEye. Because FireEye is well established than NGFW in the field of APT detection. FireEye products share the latest intelligence and correlate across attack vectors to detect and prevent cyber attacks.
Download FireEye Solutions for Different Sectors