Re: [fw-wiz] State of security technology for the enterprise
- From: "miedaner" <miedaner@xxxxxxxxxxxx>
- Date: Wed, 29 Apr 2009 21:52:33 -0400
The underlying architecture is very important to providing control.
Build in security zones: DMZ, transit, low to high zones.
And each zone should be set up to detect problems. From layer 1-7, as you move from low to high zones, controls should increase.
Less is more, permit few, deny all.
You can buy all the gadgets you want but in the arms race that has been
occurring for as long as I can remember, you will never ever be ahead of the
enemy, or clueless user, unless you don't allow it by default.
That being said, my experience:
Cisco is weak
Love Netscreen/Juniper
ISS is expensive and since IBM took them over is getting weaker
Palo Alto seems promising
Sidewinder is good
DPI is a marketing term to me
-----Original Message-----
From: firewall-wizards-bounces@xxxxxxxxxxxxxxxxxxxxx
[mailto:firewall-wizards-bounces@xxxxxxxxxxxxxxxxxxxxx]On Behalf Of Chris
Hughes
Sent: Wednesday, April 29, 2009 9:31 AM
To: firewall-wizards@xxxxxxxxxxxxxxxxxxxxx
Subject: [fw-wiz] State of security technology for the enterprise
Hello all.
I am currently developing a strategy for evolving the security for my
enterprise network. Currently I protect the core network (servers and
services) and internet with inline sensors, use HIDS on all client machines
(which performs event correlation with the inline sensors), content
filtering, use of AV on all hosts, SSL and IPSec VPN and spamfiltering on
the edge.
In reviewing the latest offerings I see that there are new and potentially
immature technologies that may be the direction I need to look. These
include:
DPI (deep packet inspection) firewalls
Content filtering on the firewall
SSL proxying with decryption for filtering abuse and data leak
DLP - related to ssl filtering but with the addition of protecting data at
rest from leaving the network.
VMware/Hypervisor sensors to protect my virtual infrastructure
The vendor offerings I am reviewing include:
Cisco
ISS
Juniper
Fortinet
Palo Alto
If I omitted serious contenders from my list please bring them to my
attention. I also have a feature matrix I am willing to share if anyone is
interested.
Cisco has point product solutions for the most part but Juniper, Palo Alto
and Fortinet are combining some of the new abilities into a single
appliance.
I am looking for conversation on the newer technologies as well as
thoughts of combining them on a single albeit clustered/HA appliance versus
separate solutions for each function. Another thing I wrestle with is
single vendor solutions versus hybrid solution that offers some diversity
and a system of checks and balances.
Of particular interest is DPI. From what I read this will be a major
advance that really grants security admins control at the firewall that they
never had before.
Please share your thoughts.
Thanks
_______________________________________________
firewall-wizards mailing list
firewall-wizards@xxxxxxxxxxxxxxxxxxxxx
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards