International Journal of Advanced Technology and Engineering Exploration ISSN (Print): 2394-5443    ISSN (Online): 2394-7454 Volume-12 Issue-133 December-2025
  1. 4037
    Citations
  2. 2.7
    CiteScore
Implementation and evaluation of a next-generation firewall: a case study on the network of Jumhouria institution in Libya

Rabea Emdas1 and Elnagah Abdusamad1

Lecturer, Department of IT and Networks,Al-Zintan University,Al-Zintan,Libya1
Corresponding Author : Rabea Emdas

Recieved : 13-February-2025; Revised : 24-November-2025; Accepted : 25-November-2025

Abstract

This study evaluates the effectiveness of a next-generation firewall (NGFW) within a real-world organizational network in Libya, using the Jumhouria institution as a case study. Through network restructuring and multi-phase testing, the research demonstrates that an NGFW equipped with an intrusion prevention system (IPS) can block the vast majority of cyberattacks, reducing breach success rates from approximately 90% to less than 5% and significantly outperforming traditional firewalls. The deployed system achieved 98% detection accuracy while generating actionable and detailed security logs. A controlled laboratory model was initially developed to validate the approach prior to deployment. The findings confirm that NGFWs substantially enhance enterprise security posture and offer a robust defense mechanism for organizations operating in security-critical environments.

Keywords

Next-generation firewall (NGFW), Intrusion prevention system (IPS), Network security, Cyberattack detection, Enterprise security, Firewall performance evaluation.

Cite this article

Emdas R, Abdusamad E. Implementation and evaluation of a next-generation firewall: a case study on the network of Jumhouria institution in Libya. International Journal of Advanced Technology and Engineering Exploration. 2025;12(133):1839-1851. DOI : 10.19101/IJATEE.2025.121220228

References
[1]
Brar MK, Kaur B, Singh G, Jindal PK, Sood S. Traditional firewall vs. next-generation firewall: a review. In AIP conference proceedings 2024. AIP Publishing LLC.
[Crossref] [Google Scholar]
[2]
Singh L, Singh R. Comparative analysis of traditional firewalls and next-generation firewalls: a review. Latest Trends in Engineering and Technology. 2024: 15-27.
[Google Scholar]
[3]
Saif AA, Shamsan AH. Virtualized firewalls: design, implementation, and security challenges in modern network infrastructures. In 5th international conference on emerging smart technologies and applications (eSmarTA) 2025 (pp. 1-8). IEEE.
[Crossref] [Google Scholar]
[4]
Pavlović M, Zajeganović M, Milivojević M. Implementation of next-generation firewalls in modern networks. Recent Advances in Information Technology, Tourism, Economics, Management and Agriculture. 2023: 19-24.
[Crossref] [Google Scholar]
[5]
Gill GK. Multi-layered NGFW protection shield for ai infrastructure. World Journal of Advanced Research and Reviews. 2025; 26(1):2863-74.
[Crossref]
[6]
Hadiningrum TR, Talasari RA, Ilham KF, Ijtihadie RM. Survey on risks cyber security in edge computing for the internet of things understanding cyber attacks threats and mitigation. JUTI: Jurnal Ilmiah Teknologi Informasi. 2025:29-50.
[Crossref] [Google Scholar]
[7]
Zhou J, Fu W, Hu W, Sun Z, He T, Zhang Z. Challenges and advances in analyzing TLS 1.3-encrypted traffic: a comprehensive survey. Electronics. 2024; 13(20):4000.
[Crossref] [Google Scholar]
[8]
Li X, Xie J, Song Q, Sang Y, Zhang Y, Li S, et al. Let model keep evolving: incremental learning for encrypted traffic classification. Computers & Security. 2024; 137:103624.
[Crossref] [Google Scholar]
[9]
Zhang X, Geng W, Song Y, Cheng H, Xu K, Li Q. Privacy-preserving and lightweight verification of deep packet inspection in clouds. IEEE/ACM Transactions on Networking. 2023; 32(1):159-74.
[Crossref] [Google Scholar]
[10]
Deng M, Zhang K, Wu P, Wen M, Ning J. DCDPI: dynamic and continuous deep packet inspection in secure outsourced middleboxes. IEEE Transactions on Cloud Computing. 2023; 11(4):3510-24.
[Crossref] [Google Scholar]
[11]
Yuan Q, Liu C, Yu W, Zhu Y, Xiong G, Wang Y, et al. BoAu: malicious traffic detection with noise labels based on boundary augmentation. Computers & Security. 2023; 131:103300.
[Crossref] [Google Scholar]
[12]
Korkmaz A, Bulut S, Talan T, Kosunalp S, Iliev T. Enhancing firewall packet classification through artificial neural networks and synthetic minority over-sampling technique: an innovative approach with evaluative comparison. Applied Sciences. 2024; 14(16):1-23.
[Crossref] [Google Scholar]
[13]
Elmaghraby RT, Aziem NM, Sobh MA, Bahaa-eldin AM. Encrypted network traffic classification based on machine learning. Ain Shams Engineering Journal. 2024; 15(2):1-10.
[Crossref] [Google Scholar]
[14]
Patel M, Amritha PP, Sudheer VB, Sethumadhavan M. DDoS attack detection model using machine learning algorithm in next generation firewall. Procedia Computer Science. 2024; 233:175-83.
[Crossref] [Google Scholar]
[15]
Barut O, Luo Y, Li P, Zhang T. R1dit: privacy-preserving malware traffic classification with attention-based neural networks. IEEE Transactions on Network and Service Management. 2022; 20(2):2071-85.
[Crossref] [Google Scholar]
[16]
Han G, Zhang H, Zhang Z, Ma Y, Yang T. AI-based malicious encrypted traffic detection in 5G data collection and secure sharing. Electronics. 2024; 14(1):1-24.
[Crossref] [Google Scholar]
[17]
Jha AC. Automated firewall policy generation with reinforcement learning. International Journal of IoT. 2025; 5(1):190-211.
[Crossref] [Google Scholar]
[18]
Liu Y, Wang Z, Pang S, Ju L. Distributed malicious traffic detection. Electronics. 2024; 13(23):1-17.
[Crossref] [Google Scholar]
[19]
Bashi ZS, Senan S. A comprehensive review of zero trust network architecture (ZTNA) and deployment frameworks. International Journal on Perceptive and Cognitive Computing. 2025; 11(1):148-53.
[Crossref] [Google Scholar]
[20]
Lekkala SL, Avula R, Gurijala P. Next-gen firewalls: enhancing cloud security with generative AI. Journal of Artificial Intelligence & Cloud Computing. 2024; 3(4):1-9.
[Crossref] [Google Scholar]
[21]
Foreman J, Waters WL, Kamhoua CA, Hemida AH, Acosta JC, Dike BC. Detection of hacker intention using deep packet inspection. Journal of Cybersecurity and Privacy. 2024; 4(4):794-804.
[Crossref] [Google Scholar]
[22]
Sepczuk M. Dynamic web application firewall detection supported by cyber mimic defense approach. Journal of Network and Computer Applications. 2023; 213:103596.
[Crossref] [Google Scholar]
[23]
Stojałowski A. Zero trust architecture–protection against cyber-attacks. Cybersecurity & Cybercrime. 2024; 1(4):110-25.
[Google Scholar]
[24]
Che MNI, Jamil N, Yusoff Y, Mat KML. A systematic literature review on advanced persistent threat behaviors and its detection strategy. Journal of Cybersecurity. 2024; 10(1):1-18.
[Crossref] [Google Scholar]
[25]
Singh R, Kaushik A, Kumar J, Kaushik K. Web application firewalls: a comprehensive bibliometric review. International Journal of Latest Technology in Engineering, Management & Applied Science. 2025; 14(9):780-90.
[Google Scholar]
[26]
Ajish D. The significance of artificial intelligence in zero trust technologies: a comprehensive review. Journal of Electrical Systems and Information Technology. 2024; 11(1):1-23.
[Crossref] [Google Scholar]