Cyberthreats are rapidly evolving, and it is critical for companies to employ next-generation firewalls (NGFWs) as part of their network security strategy.
See below for five case studies on how organizations across different industries are employing NGFW solutions to solve their network security challenges:
5 NGFW case studies
Finland-based VR Group is credited with sustainably managing and operating a high-speed train network since 1862.
The public enterprise had a multitude of challenges to face: average internet speed across trains, 5G integration, lower bandwidths than their European counterparts, and a lack of an off-site network management system.
“Our line of work creates unique challenges to maintaining Wi-Fi for customers and VPN for staff,” says Pasi Louko, senior network architect, VR Group.
“Due to a couple of different aspects, we were seeing internet drop for customers and operators.”
VR Group worked with Forcepoint to install a next-generation firewall and create high-speed network architecture, enabling zero-touch deployment and remote access to the IT staff for each train. With the NGFW, VR could connect with all three mobile operators simultaneously, ensuring high bandwidth and reduced network drops.
“Our costs — both for the project and maintenance — are going down, because we don’t need resources locally — we have centralized everything,” Louko says.
“If we want a new service on a train, we define the policy and then give the hardware to the operator, who installs it. It’s that simple. We had the firewall in a train that was offline for two weeks sitting in -15 degrees Celsius temperature, and the NGFW started right up along with the train.”
Industry: Rail
Next-generation firewall provider: Forcepoint
Outcomes:
See more: 5 Top Next-Generation Firewall (NGFW) Trends
Brazil-based Pague Menos is one of the country’s largest pharmacy retail chains with 1,600 stores and over 25,000 employees.
During the pandemic, Pague decided to go digital and opt for a hybrid strategy to fetch more customers and retain existing ones.
“Back in 2016, we had more than 900 stores,” says Afro Vasconcelos of Pague Menos.
“It was getting hard to depend on two internet service providers, and if they did not have an operation in a specific city, we could not have it either.”
These erratic service incidences as well as multiprotocol label switching (MPLS) links, limited bandwidth, and frequent network drops led to Pague installing an NGFW for growing needs. Without a firewall, Pague user services were limited to mostly credit card payments and an internet speed of 64K bits per second.
“As early as 2016, we envisioned a store with more applications, the ability to track sales with a dashboard, and online sales in the future,” Vasconcelos says. “That network would not support this demand.”
Fortinet’s Secure SD-WAN and FortiGate Next-Generation Firewalls fortified Pague’s security at all physical locations. Their integration with Fortinet FortiAP ensured Wi-Fi access for all customers and Pague employees. Moreover, a FortiManager integration ensured unified and centralized administration of Pague’s entire network.
“Now, customers have access to the nearly 1,000 pharmaceutical offices, Clinic Farma for health care support, laboratory tests, vaccinations, or to join plans and benefits available through agreements and partnerships,” Vasconcelos says.
“With an omnichannel structure, customers can buy the way they want and receive their products wherever they prefer. Buyers have facilities: such as Click & Collect, where consumers buy online and opt to pick up the items in a store; Infinity Shelf, which delivers to customers’ homes, free of charge, any product they cannot find in the store; lockers; telesales.
“Our physical business has become increasingly digital. Our services depend on the proper performance of the network. Laboratory tests, for example, are all real-time. Our NGFW made this all possible.”
Industry: Retail
Next-generation firewall provider: Fortinet LAN Edge, Secure SD-WAN, FortiADC, and FortiManager
Outcomes:
See more: Fortinet vs. Palo Alto Networks: Top NGFWs Compared
Bausch Health is a medical manufacturer with over 15,000 employees across over 150 sites.
Bausch had an aging firewall infrastructure, leading to low bandwidth and visibility across the 150 distributed work sites.
With Cisco’s NGFW, Bausch created a policy hierarchy across locations with an intrusion prevention system (IPS), anti-malware, and URL filtering.
The process worked three ways: ensure security compliance across geographies, discover threats before they hit the Bausch systems, and remediate breaches that already happened.
The NGFW came with increased visibility to not just malware or web applications, but also covered voice over Internet Protocol (VoIP) phones, routers, operating systems (OSs), client devices, and network servers.
The Firepower management center automated impact assessment for Bausch while scaling multi-tenancy and creating role-based management based on both access and attributes.
Industry: Medical
Next-generation firewall provider: Tesrex, Cisco Firepower, and Cisco Next-Generation Firewalls
Outcomes:
See more: Cisco vs. Juniper Networks: Next-Generation Firewall (NGFW) Comparison
Colorado-based ENT Credit Union has over $5.7 billion in assets, 30 service centers, and 355,000 members. The organization is known for their customer-centric ENT Extras cash rewards mechanism.
ENT’s issues weren’t purely financial or compliance-based but lied in ensuring remote privacy to their customer data and assets. While the credit union already had Check Point Firewalls for bank network security, internal traffic management was still a pain point for IT staff.
“We needed to replace an east-west monitoring solution that wasn’t giving us adequate visibility,” says Scott Perry, IT security architect, ENT Credit Union.
“Without the ability to see into east-west traffic, we can’t identify anomalies that would signal a possible attacker. We needed a better solution.”
The Check Point NGFW ensured maximum uptime for ENT, with advanced threat detection software for zero-day attacks. Check Point upgraded ENT’s hardware by optimizing them per data center requirements. The Check Point data center integration also supported large ENT traffic volumes and Secure Sockets Layer (SSL) encryption.
“The Check Point firewalls are acting as IDS sensors for our internal traffic,” Perry says.
“We don’t want to stop east-west traffic, but we want to watch everything and be alerted when anything suspicious occurs. The ability to monitor internal traffic is vital for us to protect our members’ information. If a malicious actor comprises a single workstation and tries to move money or information, we’ll know it.”
Industry: Banking
Next-generation firewall provider: Check Point Quantum NGFW and Check Point R80
Outcomes:
See more: Check Point vs. Palo Alto Networks: Top NGFWs Compared
Globe Telecom is one of the Philippines’ largest mobile operators and needs to constantly upgrade its security infrastructure.
Previously, Globe had a legacy firewall architecture with Layer 4 protection. Siloed security and mismanagement of vendors for their tech needs also hampered Globe’s efficiency. The company was looking for a solution with a specialization in customer data.
Globe deployed the Palo Alto Networks’ NGFW as a perimeter security software with special attention to cloud security — microsegmentation, Cloud Workload Protection, and Cloud Security Posture Management (CSPM).
Palo Alto helped Globe remove both operations and infrastructure complexities, along with offering Layer 7 firewalls and filtering. The virtual firewalls were mostly automated, helping Globe to free IT staff from manual work logs.
The NGFW also ensured rapid integration with third-party vendors, endpoint security, and business agility through best industry practices.
Industry: Telecommunications
Next-generation firewall provider: Palo Alto Networks
Outcomes:
See more: 6 Top Next-Generation Firewall (NGFW) Software to Protect Your Network
These case studies show examples of next-generation firewalls being used in various industries: rail; retail; medical; banking; and telecommunications.
Clients selected a range of providers in the NGFW market for the implementations: Forcepoint; Fortinet; Cisco; Check Point; and Palo Alto Networks.
Together, the organizations’ NGFW solutions improved numerous aspects of their networks:
Datamation is the leading industry resource for B2B data professionals and technology buyers. Datamation's focus is on providing insight into the latest trends and innovation in AI, data security, big data, and more, along with in-depth product recommendations and comparisons. More than 1.7M users gain insight and guidance from Datamation every year.
Advertise with TechnologyAdvice on Datamation and our other data and technology-focused platforms.
Advertise with Us
Property of TechnologyAdvice.
© 2025 TechnologyAdvice. All Rights Reserved
Advertiser Disclosure: Some of the products that appear on this
site are from companies from which TechnologyAdvice receives
compensation. This compensation may impact how and where products
appear on this site including, for example, the order in which
they appear. TechnologyAdvice does not include all companies
or all types of products available in the marketplace.
