Next generation firewalls: ready or not

50 %
50 %
Information about Next generation firewalls: ready or not

Published on March 4, 2014

Author: davidstrom



Speech for AITP St Louis chapter March 2014

Next Generation Firewalls: Ready or Not David Strom AITP St. Louis March 2014 1

Who am I? • Long time tech journalist, product reviewer and speaker • IT manager from the dawn of the PC era • Former editor-in-chief at Network Computing, Tom’s • Author of two books on computer networking • Based here 2

Agenda • • • • Next Gen distinguishing characteristics Issues with next gen deployment UTM pro and con Advanced persistent threat tools 3

The older firewall generation 4

Cisco ASA: what it used to be like 5

Next Gen distinguishing characteristics • • • • Applications granularity and awareness Integrated IPS IP Reputation management Geolocation 6


Cisco ASA applications granularity 8

New Cisco ASA Dashboard 9

And another Cisco view 10

Palo Alto Networks “Applipedia” 11


Reputation management 13


McAfee Enterprise Firewall geolocation feature 15

Deployment issues • Next gen does things differently from old school: – NAT – QoS – Outbound vs. inbound rule focus 16


Understanding app ID implications for users 18

One obstacle to switching to next-gen 19

Network documentation isn’t current 20

Handling VMs still an issue 21

Lots of VM security products… 22

Catbird’s compliance radar graph 23


Infrastructure misuse 25

What about UTMs? • Pro: – A lot of protection for the $ nowadays (Juniper/Check Point) – One box does it all • Con: – Complex licensing issues – Can get expensive if you have high bandwidth needs – Latency can kill you if you turn on Anti-Virus 26

Juniper SRX dashboard 27

SonicWall 28


Watchguard UTM 30

APT tools • Try to catch the bad guys before they actually deploy their payloads, such as from Norse Corp. (local boys) and Cyphort 31


For more info • • • • • Twitter: @dstrom TechTarget article: Network World review ofUTMs: 33

Add a comment

Related presentations

Presentación que realice en el Evento Nacional de Gobierno Abierto, realizado los ...

In this presentation we will describe our experience developing with a highly dyna...

Presentation to the LITA Forum 7th November 2014 Albuquerque, NM

Un recorrido por los cambios que nos generará el wearabletech en el futuro

Um paralelo entre as novidades & mercado em Wearable Computing e Tecnologias Assis...

Microsoft finally joins the smartwatch and fitness tracker game by introducing the...

Related pages

Next generation firewalls: ready or not | David Strom ...

Next generation firewalls: ready or not David Strom. The One Quality Every Successful Person Needs Jeff Haden Influencer. The 10 Biggest Grammar Mistakes ...
Read more

Next-generation firewall products: Ready or not, here they ...

While many information security teams may be perfectly happy with the "old" firewall and its role in the network security infrastructure, next-generation ...
Read more

Next-Generation Firewall - Wikipedia, the free encyclopedia

Next-Generation Firewall vs. Traditional Firewall NGFWs ... Evolution of Next-Generation Firewalls. Modern threats like web-based malware attacks, ...
Read more

Next-generation firewalls not ready to replace all legacy ...

Next-generation firewalls, or application-aware firewalls, have enjoyed well-deserved hype from network engineers...
Read more

Next-gen firewalls: Off to a good start | Network World

When we tested four next-gen firewalls ... of a next-generation firewall is the ability to ... were not integrated into the firewall ...
Read more

Are Next-Generation Firewalls Ready For The Enterprise?

NSS Labs released results and analysis from its 2012 Group Test for Next Generation Firewall ... Are Next-Generation Firewalls Ready ... not receive any ...
Read more

Choosing a next-generation firewall: Vendor comparison

... a next-generation firewall is becoming a requirement to separate ... Next-gen firewalls: ... Are we ready for memristor-based artificially intelligent ...
Read more

Next Generation Firewall (NGFW) | McAfee

McAfee Next Generation Firewall (NGFW) ... You’ll learn why they are growing concern, why technology alone is not enough to keep them in check, ...
Read more

Next-Generation Firewalls For Dummies - bradreesecom ...

Next-Generation Firewalls For Dummies ... 8 Next-Generation Firewalls For Dummies are not isolated: the U.S. Army’s Walter Reed Medical Center,
Read more