(https://image-store.slidesharecdn.com/f516d3bd-1510-43ee-ae03-96d92ff78f69-original.jpeg)
:ivan:
... because it's true, but...
:haha2:
... because it's funny. :)
pls dont do this to me. Q1 next year im installing new firewalls :wall: :wall: :wall:
Quote from: LynK on December 19, 2016, 09:36:51 AM
pls dont do this to me. Q1 next year im installing new firewalls :wall: :wall: :wall:
You will need this, then:
:notthefirewall:
Print it out and post it up in your cubicle. Point to it whenever someone walks up.
Quote from: LynK on December 19, 2016, 09:36:51 AM
pls dont do this to me. Q1 next year im installing new firewalls :wall: :wall: :wall:
What equipment are you going with?
Quote from: EOS on December 19, 2016, 10:21:29 AM
Quote from: LynK on December 19, 2016, 09:36:51 AM
pls dont do this to me. Q1 next year im installing new firewalls :wall: :wall: :wall:
What equipment are you going with?
Probably Belkin. :lol:
EOS, we are looking at PAN, Cisco, fortinet, and checkpoint. Personally I have ruled out checkpoint. So it is coming down to PAN, cisco, and fortinet.
From what ive found, and gathered he is a small snippet:
PAN: Leading edge, but pricey (subscription based. 4 subscriptions options each are 20%.... wow). Ive also heard they have SSL decrypt performance issues, which I am going to chat with them about.
Fortinet: Fast (ridiculous), for the cost (very cheap). Ive heard their support is spotty, especially with their VPN clients(especially macOS). Other people say they love them... but I am not sold. Gonna be chatting with their rep soon. They also had a backdoor for 2 years and didn't tell anyone... so there is that going for them.
Cisco: Cool new stuff with sourcefire. They are working torwards a unified coding platform for ASA/firepower devices called (FX-OS). It is available but limited functionality (no anyconnect :( ). Cisco does everything okay, but their biggest complaints are their licensing structure, cost for the bandwidth, and the fact that they are a late adopter of NGIPS/NGFW
I will keep you updated.
Isn't yours the boss that doesn't want to spend any money? If so, watch out for the suggestion to put in a multihomed Linux box running iptables...
@dean
yes this is the same guy. He is somewhat starting to come around... :wall: :wall: :wall: I had a very lengthy conversation about security and how running on unsupported FW platforms is not recommended.....speaking of linux. This is pretty cool. Any of you guys hear about: VyOS
Pretty cool and affordable.
Quote from: LynK on December 19, 2016, 10:50:09 AM
@dean
yes this is the same guy. He is somewhat starting to come around... :wall: :wall: :wall: I had a very lengthy conversation about security and how running on unsupported FW platforms is not recommended.....speaking of linux. This is pretty cool. Any of you guys hear about: VyOS
Pretty cool and affordable.
What are your use cases for the firewall? What sort of business is this firm in? What firewall is currently in place?
PAN has so far been the best vendor.
Quote from: LynK on December 19, 2016, 02:46:13 PM
PAN has so far been the best vendor.
Yep. And if you got budget for it, it's the way to go. The devil's in the accounting details, though. How good are your purchasing guys?
Fortinet is looking pretty good too. Checkpoint is out, and cisco may be out soon too.