MSP Checklist for Evaluating NGFW Performance

When evaluating next generation firewalls (NGFWs), IT teams must balance performance, scalability, and advanced capabilities with cost efficiencies.

  • April 7, 2022 | Author: Allison Bergamo
Learn More about this topic

Article Key

During the pandemic, your clients’ IT teams breathed a sigh of relief after deploying remote work initiatives for their teams – often within a matter of hours. Fast forward two years and the same IT teams are evaluating the performance of their existing firewalls with new security and performance requirements. When evaluating next generation firewalls (NGFWs), they must balance performance, scalability, and advanced capabilities with cost efficiencies. Here are seven factors you should consider when evaluating NGFW performance for your clients.

1. IPSec VPN performance
Work from Anywhere (WFA) is critical for boosting your clients’ workforce productivity and employee engagement. Encrypted sessions not only ensure the confidentiality and integrity of sensitive company data in transit but also ensure that all traffic between remote and the public internet is monitored and protected by the organization’s existing cybersecurity infrastructure.
Optimizing your clients’ WFA environments requires support for secure connections called IPsec or secure sockets layer (SSL) VPN tunnels. An NGFW must sustain the user connections and the encrypted traffic load regardless of the users’ locations.
2. Threat protection performance
An NGFW should scale to meet your clients’ performance demands with complete threat protection including intrusion prevention, antivirus, application control and more. When evaluating NGFWs, carefully review a vendor’s documented threat protection performance claims.
3. SSL inspection capacity
Ninety-five percent of all traffic is now encrypted. This is great news for hackers who can take advantage of your clients by stealing their data, launching ransomware, or inserting malware into encrypted packets. While SSL decryption and inspection can intercept malware, it can result in reduced throughput. All NGFWs experience some impact in throughput with SSL turned on. However, look for NGFWs that offer predictable performance with minimal degradation in speed.
4. Price vs. performance
The pandemic caused many organizations to spend unplanned budget on tools and technology for their newly remote workforces. They are looking to you for guidance on the best NGFW that offers performance with a high TCO. While many NGFW vendors increase the size of their firewalls to boost performance, it often comes at a higher price. The best NGFW solutions combine price and performance with a smaller technology footprint. These can often address your clients’ security needs while helping them optimize their spend.
5. Third-party validation 
Today’s B2B buyers are self-educators who value their research as much as the information you offer. Augment their findings with clear, impartial research from recognized third-party evaluators such as Gartner and NSS Labs. Be prepared to serve as an objective “sense maker,” to help your clients understand all the information they’ve gathered.
6. Seamless visibility and control
Security teams often waste valuable time toggling between multiple dashboards to assess vulnerabilities, respond to threats, and ensure their systems are optimized. Help your clients avoid these time wasters by offering an NGFW as part of a broad, integrated security architecture that enables seamless, real-time sharing of threat information across network devices and the ability to received threat intelligence automatically. Your clients’ network and IT teams will thank you.
7. Future-proof technology
Your clients IT leaders are also business leaders who are tasked with delivering technology solutions that optimize their spend and are right sized for future growth. Look for an NGFW that combines high performance, scalability, and flexibility to meet future business demands while maximizing your clients’ investments. 
NGFWs are critical for threat protection and preserving business continuity for your clients. The right NGFW empowers their security teams to monitor expanded IT environments - from the network edge to the data center – while gaining visibility into users, endpoint devices, applications, and security threats across networks. By evaluating NGFW based on these seven considerations, you can provide your clients with a solution that meets their current needs and serves as the foundation for future digital transformation.

Related Content