Next generation firewalls: ready or not

50 %
50 %
Information about Next generation firewalls: ready or not
Technology

Published on March 4, 2014

Author: davidstrom

Source: slideshare.net

Description

Speech for AITP St Louis chapter March 2014

Next Generation Firewalls: Ready or Not David Strom AITP St. Louis March 2014 david@strom.com 1

Who am I? • Long time tech journalist, product reviewer and speaker • IT manager from the dawn of the PC era • Former editor-in-chief at Network Computing, Tom’s Hardware.com • Author of two books on computer networking • Based here 2

Agenda • • • • Next Gen distinguishing characteristics Issues with next gen deployment UTM pro and con Advanced persistent threat tools 3

The older firewall generation 4

Cisco ASA: what it used to be like 5

Next Gen distinguishing characteristics • • • • Applications granularity and awareness Integrated IPS IP Reputation management Geolocation 6

7

Cisco ASA applications granularity 8

New Cisco ASA Dashboard 9

And another Cisco view 10

Palo Alto Networks “Applipedia” 11

12

Reputation management 13

14

McAfee Enterprise Firewall geolocation feature 15

Deployment issues • Next gen does things differently from old school: – NAT – QoS – Outbound vs. inbound rule focus 16

17

Understanding app ID implications for users 18

One obstacle to switching to next-gen 19

Network documentation isn’t current 20

Handling VMs still an issue 21

Lots of VM security products… 22

Catbird’s compliance radar graph 23

24

Infrastructure misuse 25

What about UTMs? • Pro: – A lot of protection for the $ nowadays (Juniper/Check Point) – One box does it all • Con: – Complex licensing issues – Can get expensive if you have high bandwidth needs – Latency can kill you if you turn on Anti-Virus 26

Juniper SRX dashboard 27

SonicWall 28

29

Watchguard UTM 30

APT tools • Try to catch the bad guys before they actually deploy their payloads, such as from Norse Corp. (local boys) and Cyphort 31

32

For more info • • • • • david@strom.com Twitter: @dstrom http://strominator.com TechTarget article: http://bit.ly/1dISmx4 Network World review ofUTMs: http://bit.ly/1fJtmHE 33

Add a comment

Related presentations

Related pages

Next generation firewalls: ready or not | David Strom ...

Next generation firewalls: ready or not David Strom. The One Quality Every Successful Person Needs Jeff Haden Influencer. The 10 Biggest Grammar Mistakes ...
Read more

Next-generation firewall products: Ready or not, here they ...

While many information security teams may be perfectly happy with the "old" firewall and its role in the network security infrastructure, next-generation ...
Read more

Next-Generation Firewall - Wikipedia, the free encyclopedia

Next-Generation Firewall vs. Traditional Firewall NGFWs ... Evolution of Next-Generation Firewalls. Modern threats like web-based malware attacks, ...
Read more

Next-generation firewalls not ready to replace all legacy ...

Next-generation firewalls, or application-aware firewalls, have enjoyed well-deserved hype from network engineers...
Read more

Next-gen firewalls: Off to a good start | Network World

When we tested four next-gen firewalls ... of a next-generation firewall is the ability to ... were not integrated into the firewall ...
Read more

Are Next-Generation Firewalls Ready For The Enterprise?

NSS Labs released results and analysis from its 2012 Group Test for Next Generation Firewall ... Are Next-Generation Firewalls Ready ... not receive any ...
Read more

Choosing a next-generation firewall: Vendor comparison

... a next-generation firewall is becoming a requirement to separate ... Next-gen firewalls: ... Are we ready for memristor-based artificially intelligent ...
Read more

Next Generation Firewall (NGFW) | McAfee

McAfee Next Generation Firewall (NGFW) ... You’ll learn why they are growing concern, why technology alone is not enough to keep them in check, ...
Read more

Next-Generation Firewalls For Dummies - bradreesecom ...

Next-Generation Firewalls For Dummies ... 8 Next-Generation Firewalls For Dummies are not isolated: the U.S. Army’s Walter Reed Medical Center,
Read more