Implementation of a next generation firewall (NGFW) can be a complex process with multiple factors affecting overall security effectiveness. These should be considered over the course of the useful life of the NGFW, including:

• Deployment use case: Will the NGFW be deployed to protect servers or desktop clients or both?
• Age of operating systems and applications
• Company patch policies and procedures
• Defensive capabilities in the deployment use cases
• Relevant evasions (i.e., client evasions, server evasions, evasions for internal applications and IP Address spoof and TCP split handshake)
• Leakage
• Device stability and reliability
• Overall manageability