Not really. CIS is a basic stateful firewall, which essentially means it controls access to and from the network via addresses, ports and protocols. A Next Generation firewall appliance takes the traditional stateful inspection to a much higher level by controlling access by application and user policies. Basically, a next gen firewall is able to detect and control an application regardless of which port or protocol is used or whether it’s encrypted.
Read the original Gartner report: Defining the Next-Generation Firewall
Ok, cool. It would be awesome if Comodo worked towards this but still had an address, protocol and port column for the advanced users. Do you know if Comodo has something like this in the works?
All the things you would expect to find in a standard firewall still remain in the ‘next generation’ firewalls, but they also provide more sophisticated controls, such as deep packet inspection, intrusion prevention, numerous types of policies that can easily associate network activity/application with individual users, etc.
These types of firewall are, currently at least, fairly sophisticated network appliances that cost a great deal of money and are really aimed at Enterprise environments - although there are a few such as Kerio Control and Untangle that are relatively inexpensive - not SOHO type situations. However, adding some of the features found in these appliances to SOHO firewall/security/gateway type devices may be something we’ll see for free one day…
Here is an article on NGF with references to actual vendors: