Implementation of a next generation firewall (NGFW) can be a complex process with multiple factors affecting overall performance. These should be considered over the course of the useful life of the NGFW, including:

• Deployment use cases: Will the NGFW be deployed to protect servers, desktop clients, or both?
• What does the traffic look like?
• Concurrency and connection rates
• Connections per second and capacity with different traffic profiles
• Latency and application response times

There is usually a trade-off between security effectiveness and performance; a product’s security effectiveness should be evaluated within the context of its performance (and vice versa). This ensures that new security protections do not adversely impact performance and security shortcuts are not taken to maintain or improve performance.