Hi there, I am putting together a list of evaluation criteria for firewalls. After doing my research I’ve come across this list of capabilities and would like your feedback. Are there items on this list that are outdated or that are missing? Any feedback is appreciated.
Core capabilities
-
IDS/IPS functionality
-
Network Antivirus & Anti-Spyware
-
Anti-Bot
-
APT protection - Sandboxing
-
Behavioural Analysis
-
DDOS protection
-
Context aware
-
DLP functionality
Deployment options
-
High availability
-
Support Routed and Transparent mode
-
Support for Virtualized environment
Integration with
-
Threat Intelligence
-
Network Policy Management tools
-
Network Monitoring Tools
-
Security Incident and Event Management (SIEM) Tools
-
Identity Access Management
-
Central Authentication
-
Supports Certificates based authentication
-
Ticketing System
-
Industry Best Practices
-
Development or scripting tools
-
Automation tools
Additional Functionality
-
SSL VPN
-
Application control
-
IPv4/IPv6 support
-
NAT functionality
-
2-FA authentication
-
DHCP functionality
-
SSL traffic decryption support
-
Bandwidth Management
-
Centralized management and Administration console
-
Site to Site IPSec VPN support
-
Reverse proxy functionality
-
DNS proxy functionality
-
Stateful engine support for all protocols in TCP/IP stack
-
URL filtering
-
Hardened OS & purpose built chassis hardware
-
Support for static and dynamic routing protocols
-
Application Intelligence for TCP/IP protocols (telnet, Ftp, etc)
*** Others?**
