惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

博客园_首页
The GitHub Blog
The GitHub Blog
美团技术团队
Know Your Adversary
Know Your Adversary
CTFtime.org: upcoming CTF events
CTFtime.org: upcoming CTF events
The Register - Security
The Register - Security
Stack Overflow Blog
Stack Overflow Blog
Attack and Defense Labs
Attack and Defense Labs
G
Google Developers Blog
I
InfoQ
博客园 - 司徒正美
T
Troy Hunt's Blog
Google DeepMind News
Google DeepMind News
J
Java Code Geeks
MongoDB | Blog
MongoDB | Blog
博客园 - 聂微东
A
About on SuperTechFans
云风的 BLOG
云风的 BLOG
S
Security Affairs
M
MIT News - Artificial intelligence
Simon Willison's Weblog
Simon Willison's Weblog
K
KPMG report finds enterprise disconnect between AI and its ROI | CIO
T
Tailwind CSS Blog
量子位
Vercel News
Vercel News
月光博客
月光博客
V
Vulnerabilities – Threatpost
N
News and Events Feed by Topic
Hugging Face - Blog
Hugging Face - Blog
酷 壳 – CoolShell
酷 壳 – CoolShell
L
LangChain Blog
D
Darknet – Hacking Tools, Hacker News & Cyber Security
L
LINUX DO - 最新话题
F
Full Disclosure
The Hacker News
The Hacker News
Hacker News: Ask HN
Hacker News: Ask HN
T
Tor Project blog
A
Arctic Wolf
Application and Cybersecurity Blog
Application and Cybersecurity Blog
Forbes - Security
Forbes - Security
IT之家
IT之家
Apple Machine Learning Research
Apple Machine Learning Research
B
Blog
Exploit-DB.com RSS Feed
Exploit-DB.com RSS Feed
Y
Y Combinator Blog
GbyAI
GbyAI
B
Blog RSS Feed
V
Visual Studio Blog
T
The Blog of Author Tim Ferriss
F
Fortinet All Blogs

Search Security Resources and Information from TechTarget

How to operationalize threat modeling with AI | TechTarget CISO First fully agentic ransomware attack sparks readiness concerns | TechTarget Evaluating secure enterprise browsers vs. security plugins | TechTarget The AI vulnerability storm is here: Is your security program ready? | TechTarget Perimeter to posture: A roadmap to zero trust maturity | TechTarget TLS certificate lifetime changes: What CISOs must do now | TechTarget The agentic AI 8 key aspects of a mobile device security audit program | TechTarget Why mobile security audits are important in the enterprise | TechTarget Beyond the perimeter: The shift to data-centric protection | TechTarget How agentic AI threat intelligence aids NGO cyber defense: Case study | TechTarget How to conduct a mobile app security audit | TechTarget NO FAKES Act advances: What CISOs need to know | TechTarget What CISOs should know about AI runtime security | TechTarget As Q-Day looms, 90% of systems are unprepared for PQC | TechTarget A CISO Most security pros say their culture is Zscaler lays out its vision to secure the AI era at Zenith Live | TechTarget The OpenClaw security risks every CISO needs to know | TechTarget Cloud security metrics and KPIs: A CISO Florida public sector training on SimSpace cyber range: Case study | TechTarget Reporters' Notebook — Focus on Cyber Insurance: How Quantifying Risk Is Reshaping Security It's time to update incident response for the AI era How to build AI security guardrails without blocking innovation The prosecution gap: Why cybercrimes go unpunished AI in cyberdefense: Learning from threat actors' playbooks Top identity and access management risks CISO role changes as cyber-risk appetites in the C-suite grow CISO's guide to data minimization Researchers build autonomous AI worm that can reason and adapt How to secure data at rest, in use and in motion How to find cyber-risk data sources for a FAIR analysis Lost in translation: Cybersecurity board reporting for CISOs How to prepare security controls for future AI regulations EO 14390 raises stakes for enterprise cybersecurity First month of Mythos Preview testing exposes 10K flaws OT attacks shift from recon to physical control, raising stakes For CISOs, dawn of OpenAI Daybreak brings good and bad news Gartner Security & Risk Management Summit 2026: Adapting for AI | TechTarget Inside business email compromise attacks: Real-world examples Verizon 2026 DBIR: 6 key takeaways for CISOs Identity security for AI agents: The proliferation challenge How to build a business impact analysis checklist Taking care of business: The CISO's role in a cyber crisis What CISOs need to know about AI audit logs SOC vs. MDR: What CISOs need to consider Instructure cyberattack reignites ransom payment debate Transform SIEM rules with behavior-based threat detection CISO's guide: How to test an incident response plan How to implement zero trust for AI Data after the breach: Economics of the dark web The breakup: Why CISOs are decoupling data from their SIEMs | TechTarget News brief: Security worries and warnings as AI use expands How to construct an effective security controls evaluation 5 leading enterprise password managers to consider Claude Mythos changes the AI security threat matrix Buyer 6 things to check in your cyber insurance policy fine print How cyber insurance helped with breach recovery -- or not News brief: Critical infrastructure, OT cybersecurity attacks Tape's strategic role in modern data protection Top zero-trust use cases in the enterprise What every CISO should consider before a SIEM migration CISO's guide to centralized vs. federated security models Shadow code: The hidden threat for enterprise IT How to fix cybersecurity's agentic AI identity crisis 5 top SIEM use cases in the enterprise Top 8 e-signature software providers for 2026 How do digital signatures work? News brief: AI woes continue for security leaders Deepfake era demands proof-based security, not just awareness Is SOAR dead or alive? Sort of The push for digital sovereignty: What CISOs need to know Beyond awareness: Human risk management metrics for CISOs Cybersecurity in the age of AI means bigger, faster threats At RSAC 2026, AI optimism and anxiety -- and an MIA U.S. government Inside the SOC that secured RSAC 2026 Conference How to roll out an enterprise passkey deployment How to improve the SOC analyst experience -- and why it matters How contact centers detect and prevent fraud News brief: Iranian cyberattacks target U.S. water, energy CISO checklist: Cybersecurity platform or marketing ploy? RSAC 2026 Conference: Key news and industry analysis | TechTarget Contact center monitoring best practices for CX leaders RSAC 2026: Cyber insurance and the rise of ransomware Agentic AI's role in amplifying and creating insider risks RSAC 2026 recap: AI security and network security trends Identity security at RSAC 2026: The new enterprise dynamics Meaningful metrics demonstrate the value of cyber-resiliency What to know about red team testing and the law News brief: Iran cyberattacks escalate, U.S. targets named 5 top SOC-as-a-service providers and how to evaluate them Cloud security architecture: Enterprise cloud blueprint for CISOs Contact center compliance checklist for modern workforces How AI caught a malicious North Korean insider at Exabeam Watch your words: Tim Brown's advice for CISOs News brief: U.S. absence at RSAC sparks leadership concerns Network security management challenges and best practices 10 enterprise secure remote access best practices
Next-generation firewall buyer's guide for CISOs
2026-04-09 · via Search Security Resources and Information from TechTarget

Article 1 of 3

Part of: CISO's roadmap to next-generation firewall adoption

NGFWs are crucial tools for modern security operations, but CISOs need to understand the often complex deployment, maintenance and budgeting implications.

Karen Kent

By

Published: 09 Apr 2026

CISOs are well aware that next-generation firewalls protect their organizations by detecting a wide variety of security incidents, responding to cyberattacks, monitoring network activity and enforcing enterprise policies. NGFWs are also necessary when organizations embrace zero-trust architectures.

To take advantage of everything NGFWs have to offer, security leaders must balance deployment architecture planning, budgeting and ROI. Let's examine some best practices to help CISOs successfully deploy and maintain their NGFW.

Deployment architecture

Most NGFW products are available in multiple deployment models: hardware appliances, software to install on an organization's hardware, cloud-based software and cloud-based SaaS. In most cases, an organization can use these models within a single deployment architecture. For example, this might include a SaaS NGFW to monitor cloud-based network traffic, an NGFW hardware appliance to monitor traffic in on-premises data centers, and a single interface to manage all NGFWs.

Designing the deployment architecture necessitates choosing which deployment model to use at logical network ingress and egress points, including boundaries between two organizational networks. Factors to consider include the following:

  • Scalability. CISOs must consider the organization's future scaling needs. For example, choose a software-based NGFW deployment model if the network's throughput is expected to increase in the next few years.
  • Monitoring. Consider teams' ability to efficiently monitor network traffic in existing locations versus rerouting traffic to pass through NGFWs in other locations.
  • Reliability. Teams should understand the reliability requirements for any deployment and how to achieve them -- for example, load-balancing across multiple hardware firewalls or cloud instances.
  • Control. Assess the degree of control required over NGFW deployments -- from monitoring and managing all NGFWs on-premises to enlisting a service provider to monitor and manage all NGFWs.
  • Features. Consider the ability to add NGFW features and capabilities over time, such as advanced AI technologies, without degrading the tool's performance or reliability.

Budgeting

Every vendor's NGFW offerings involve a unique combination of purchases, licensing, subscriptions and features. Reviewing NGFW products can be time-intensive, requiring apples-to-apples comparisons to fully understand the budgetary implications of a deployment model for each network point.

The following are some common NGFW acquisition and implementation costs, although some only apply to certain deployment models:

  • Hardware appliances or commodity hardware to run NGFW software.
  • One-time and recurring licenses and subscriptions, including technical support fees.
  • Deploying tool or service components, such as individual NGFWs and management consoles.
  • NGFW integration with enterprise technologies, including log management systems and identity and access management tools.
  • Training for NGFW implementers, administrators and stakeholders, as well as recurring training fees.
  • Securing the NGFW tool or service and its individual components.
  • Piloting and deployment.
  • Transitioning and retiring legacy technologies.
  • Upgrade costs.
  • Labor costs for managing, monitoring and maintaining NGFWs.

Operational costs vary based on the deployment model. For example, estimating operational costs for cloud-based NGFW deployments is particularly complex. Some NGFW vendors offer sophisticated pricing estimators that take into account the number of NGFWs, optional security services, the volume of network traffic passing through each NGFW, tool architecture, management options and technical support.

On-premises deployment models are easier to estimate, as they are based on known investments in similar cybersecurity technologies.

ROI

Capturing the true ROI for NGFWs and other cybersecurity technologies is challenging for CISOs. The risk/reward of not having the NGFW versus the cost of the hypothetical cyberattack it would prevent is difficult to define.

The value of NGFW technologies can be generally demonstrated by evaluating the reduction in data breaches and thwarted attacks, more efficient incident response times, labor reduction, prevention of reputational damage and more system uptime.

Remember, when determining the true ROI for an NGFW, consider whether other cybersecurity technologies would have stopped the incident. If so, it doesn't mean the NGFW didn't provide value, as it's always advisable to have multiple control layers in place as a failsafe. It just means the NGFW's ROI isn't as high as it would have been had it been the only tool used.

Karen Kent is the co-founder of Trusted Cyber Annex. She provides cybersecurity research and publication services to organizations and was formerly a senior computer scientist for NIST.

Next Steps

LLM firewalls emerge as a new AI security layer

Dig Deeper on Security operations and management

Part of: CISO's roadmap to next-generation firewall adoption

Article 1 of 3

Up Next