Palo Alto Networks President and CEO, Lane Bess, is looking at a rosy future for the company and its ‘next generation’ firewall (NGFW) solutions. “As switches and routers are essential for the network, so too will be Palo Alto security products,” he said recently during a visit to Singapore.

According to Bess, the NGFW is essential for the ‘new’ Internet and the threats that Web 2.0 brings as traditional firewalls are proving insufficient.

In a 2009 report, Gartner used the term "next- generation firewall" to indicate the necessary evolution of a firewall to deal with changes in both the way business processes use IT and the ways attacks try to compromise business systems. These next generation firewalls can detect application-specific attacks and enforce application-specific granular security policy, both inbound and outbound. According to Gartner they are expected to grow in importance and become essential for deployment at the network perimeter, overtaking standalone IPS appliances.

With the use of NGFW, an organization can determine the applications running over the network, verify the level of access a user should have and scan the packets sent and received for any threats.

Palo Alto is not the only company working on NGFWs. Other security vendors like Fortinet are also looking at application layer security appliances but Patrick Bedwell, vice president, product marketing at Fortinet recently said in a contributed opinion piece that in his opinion, NGFWs are a subset of the existing unified threat management (UTM) systems market, or even simply the next step on the continued evolution of traditional firewalls.

Gartner believes that changing threat conditions, business and IT processes will drive network security managers to look for NGFW capabilities at their next firewall/IPS refresh cycle. The key to successful market penetration by NGFW vendors will be to demonstrate first-generation firewall and IPS features that match current first-generation capabilities while including NGFW capabilities at the same or only slightly higher price points.

And according to Bess, Palo Alto Networks will be at the forefront of this.

“The question that founded the company is if we knew how the Internet would be used, how would we build the firewall?” Bess said. He explained that when the first businesses first ventured into the Internet, they never envisioned technologies like web 2.0, the impact of social networking and the threats that they could bring. “For example, many businesses are against allowing staff to access them at work, but they do offer value to business like Facebook, Skype, and online banking. What is needed is for businesses to better understand what is running over the network, to see and control applications, users, and content,” he added.