Network World - If there is a simple way to describe the difference between a next-generation firewall and a traditional firewall, it is "more detailed controls." In firewall terms, people talk about "widening the 5-tuple."
Palo Alto earns short list status
Firewall managers like to use the term "5-tuple," borrowing "tuple" from the world of databases. The "5-tuple" means the five items (columns) that each rule (row, or tuple) in a firewall policy uses to define whether to block or allow traffic: source and destination IP, source and destination port, and protocol.
For example, to allow traffic to a Web server at 1.2.3.4 from the Internet, a typical 5-tuple would include source IP and port of "any" (or "*"), destination IP of 1.2.3.4, destination ports of 80 and 443, and destination protocol of TCP with an action of "allow." There's variation in every firewall on the market, but at the core of every one you'll find a set of rules that look more-or-less like that: 5-tuples.
Next-generation firewalls "widen" the firewall rule base by adding elements (columns) to each 5-tuple, starting with "application" and "user identity" and perhaps going wider still, factoring in other elements such as "reputation."
Read more about wide area network in Network World's Wide Area Network section.
Free Insider GuideCopyright © 1994 - 2012 Computerworld Inc. All rights reserved. Reproduction in whole or in part in any form or medium without express written permission of Computerworld Inc. is prohibited. Computerworld and Computerworld.com and the respective logos are trademarks of International Data Group Inc.
