virtual firewalls are implemented in software

 Perhaps more importantly, because virtual firewalls are implemented in software, the set-up, maintenance, support, and operational requirements for security administrators will be necessarily lower than for their physical counterparts. For this reason, we recommend and make the case below that virtual firewalls are an excellent option to help close visibility gaps for enterprise traffic inspection, analysis, and response.

Evolved from original five-tuple security devices pioneered by companies such as Checkpoint and Cisco, the NGFW continues to serve as an architectural chokepoint for securing organization resources, even in the presence of shifts to more software-defined virtual perimeters. For many teams, the purchase of a commercial firewall platform can easily rise to the top of their overall cyber security portfolio budget spend.

Most commonly, this involves running the firewall as a conventional packet-oriented device versus taking full advantage of application-level inspection and filtering capabilities. Security experts refer to this approach as operating the firewall at layer 3 (routing) versus operating at layer 7 (application). Making matters worse is that an increasing percentage of end-to-end traffic, both into and out of an enterprise, is now encrypted using secure sockets layer computer science vs computer programming or transport layer security (TLS). While this is effective at preventing data in transit from being disclosed to unauthorized adversaries, it complicates the task of collecting and interpreting data to make security decisions. The resulting lack of visibility degrades a security team’s ability to take proper action.