“Next Generation” or “NG“… Two magic letters used by more and more v€ndor$ to promote new versions of their products… Next Generation firewalls, Next Generation SIEM, Next Generation IDS. They are many examples. Google reports 34M of hits while searching for “next generation security“! In my humble opinion, “next generation” security products can be compared to the “bio” consumer products. “Next Generation” is a pure marketing term. Security must always evolve. New threats are discovered every months (days?) and security products must adapt to protect our assets. Will you buy a product just because it is stamped “Next Generation”?
Your security issues must be properly analyzed and only after you choose the right solution which matches your technical, business and all different types of requirements. After a review of the different available solutions, if a Next Generation device is the best solution, go for it! Example: if you’ve a lot of mobile users and you need to deploy granularity in your policies like “users belonging to group A may surf the web” or “users belonging in group B may access this mail server“, chose a Next Generation firewall which can be linked to a users directory. Otherwise, they are risks to introduce complexity.
This post was in my draft folder for a while. I released it just before the opening of infosecurity.be in Brussels. This is a very commercial/marketing event where all security actors are parked in one place. All v€ndor$ will promote they new “revolutionary” products. Don’t be fooled, if you’re looking for a security solution, take your time, grab some docs, come back to home and take some reflexion time! Just my $0.02.
In some cases, NG Next Generation reflects a change in management/ownership, as is the case in aircrack-ng open source software. When the original project leader Christoph Devine had to leave for personal reasons, Mister_X took over and the project added the NG to it’s name. This was an important and accurate change.