9) IPv6 ready. Major operating systems and core networking components offer IPv6 support. For example, Windows Vista uses IPv6 addresses by default, which may be a potential security threat without properly implemented access control and deep inspection. In addition, malicious traffic may be hidden inside IPv6 and IP-in-IP tunnels, which many security solutions still fail to protect.
Make sure your IPS provides stateful access control and full deep inspection capabilities for IPv6 network traffic, including IPv6 encapsulation, IP-in-IP and GRE tunneling protocols. [Also see: "The Dual Stack Dilemma"]
10) Integration with your firewall. The essence of a next-generation firewall is the ability to interact with an intrusion prevention system. The integration of these capabilities can either be within a single system or separate, but be aware of issues that can arise around reporting, throughput and management.
Stonesoft provides mid- and large-size organizations software-based network security solutions, which include the industry's first evasion prevention system (EPS), the industry's first transformable Security Engine as well as stand-alone next generation firewalls, intrusion prevention systems and SLL VPN solutions.
Read more about wide area network in Network World's Wide Area Network section.