https://www.peerspot.com/questions/what-are-the-most-important-features-you-would-be-looking-for-in-a-firewall#comment-186882
1: Bandwidth control and monitoring
Bandwidth control―sometimes referred to as traffic shaping―is one of the best firewall features. We don’t always have unlimited amounts of bandwidth. That means it’s vital to take control of the bandwidth we do have available. With a firewall, you can control the bandwidth available for sites, applications, and users.
2. Web filtering
You can think of a web filter firewall as a content filtering firewall. A web filter firewall is defined as a software program that oversees the data packets that your computer sends and receives. In doing this, it filters any compromising content that has been forbidden or flagged. These rules can be set to stop access to any potentially threatening, unsecure sites. It can also be used to prevent employees from accessing certain sites that may reduce productivity (like social networking websites).
3. Logging
Having access to logs on a firewall gives you up-to-the-minute information about what is happening on your network. Sought after firewall features include being able to give graphs in real time and show you what vulnerabilities or attacks are happening.
4. Internet aggregation and SD WAN
Link aggregation and SD-WAN (Software-defined Wide Area Network) are great features for businesses who need multiple links to the internet. They’re also useful where you are using multiple links and would like to connect to other sites, such as branch offices or cloud services.
5. Sandboxing
Sandboxing is one of those important firewall features that end users don’t even know is there. It takes a file or executable as you’re downloading it and opens it in a completely isolated and separate “test” environment.
6. Integrated wireless controller
Using a firewall with an integrated wireless controller is a fantastic way to save money and bring all of your policies and control into one place or platform.
7. Deep Packet Inspection
Deep packet inspection (DPI) is a great feature we just can’t live without anymore. This technology is an advanced way of examining and managing network traffic where the firewall takes a close look at the packet that is being passed through.
8. Virtual Private Networks
Virtual private networks (VPNs) are networks that are built using public wires (usually the internet) to connect remote users or regional offices to a company’s private, internal network. VPNs are great for users connecting back to a site or the office. They can also be used to connect two sites together.
9. Malware and virus filtering
Next generation firewalls are always filtering for malware, new and old, and are your perimeter defense mechanisms. This includes scanning for viruses, compromised websites, files containing viruses, bot nets trying to hack you, man-in-the-middle attacks―you name it! They can even scan encrypted traffic, such as SSL and TLS connections, to make sure they are safe and trusted.
10. Intrusion prevention system
An intrusion prevention systems (IPS) is the latest advancements from intrusion detection systems (IDS). IPS continually monitors your network, capturing information about possible malicious attacks. These events are then reported to the system administrator(s), who take preventative steps like closing access points and configuring firewalls to prevent future attacks.
11. Identity management integration and Single Sign On
Single Sign On (SSO) is a feature of identity and access management that means users can authenticate their identity safely and security via multiple applications and websites by logging in a single time. The application or website they’re signing into requires verification from a trusted third party to ensure positive identification and no security breaches.
source