Toward a modern secure network based on next-generation firewalls: recommendations and best practices.

The security architecture of modern networks undergoes periodic changes, given (i) the diversity of security solutions, (ii) the emergence of new attack vectors, and (iii) corporate needs in terms of access control (ZTNA: Zero Trust Network Access). The complexity of setting up a secure infrastructure lies in the design of the network architecture, on the one hand, and the choice of configurations appropriate to the company's security policy, on the other. Indeed, misconfiguration is considered a vulnerability, which makes the task of setting up a secure network somewhat critical, given the technical skills it requires. In this paper, we will address this problem by proposing a modern security architecture applied to all sizes of enterprises: medium-sized, large, and sometimes even small companies. Therefore, we will describe the equipment required and their roles in the security layer, the security technologies adopted, and best practices for optimal deployment. To evaluate our proposal, we generated malicious traffic using the firewall inspection tester based on the "fit.py" script to study the architecture's resilience and behavior in the face of multiple attacks. [ABSTRACT FROM AUTHOR]