UnderGround Forums
 

ITGround >> Just installed our new Palo Alto system


6/25/11 12:47 AM
Ignore | Quote | Vote Down | Vote Up
rfquinn
1 The total sum of your votes up and votes down Send Private Message Add Comment To Profile

Member Since: 6/26/00
Posts: 2845
 
 ...and replaced our ASA, Lightspeed URL filter, and Palisade PacketSure (protocol analyzer).  It's a pretty amazing device.  Everything can be done on the application layer, instead of only L3/4.  Over 1,200 app signatures so far.
6/25/11 7:26 PM
Ignore | Quote | Vote Down | Vote Up
big_slacker
24 The total sum of your votes up and votes down Send Private Message Add Comment To Profile

Member Since: 1/1/01
Posts: 14974
Yeah, the cisco SE's I know are pissed about those. I don't see why big C doesn't buy 'em. ;)

I just hope their support is top notch, nothing kills an up and comer like a sweet product with lots of bugs and poor support. Keep us updated.
6/25/11 7:45 PM
Ignore | Quote | Vote Down | Vote Up
rfquinn
1 The total sum of your votes up and votes down Send Private Message Add Comment To Profile

Member Since: 6/26/00
Posts: 2846
Ha!  Yeah, I made the mistake of mentioning the Palo Alto to our Cisco AM.  In a week I had their Iron Port and ASA guys here trying to keep us from going with the PA.

So far the support has been great.  (I had to call a few times during our 3-month eval)  The last major release they had did have quite a few bugs.  Hopefully they learned their lesson.

6/27/11 11:23 AM
Ignore | Quote | Vote Down | Vote Up
E
17 The total sum of your votes up and votes down Send Private Message Add Comment To Profile

Member Since: 5/10/04
Posts: 588
This is basically a UTM?

I'm new to this space.
6/27/11 9:42 PM
Ignore | Quote | Vote Down | Vote Up
rfquinn
1 The total sum of your votes up and votes down Send Private Message Add Comment To Profile

Member Since: 6/26/00
Posts: 2847
Well, I'd say it's in the ballpark of UTM, although I wouldn't classify it as that.  Imagine a firewall that operates primarily at the application layer - through signatures instead of ports.
6/28/11 10:16 AM
Ignore | Quote | Vote Down | Vote Up
big_slacker
24 The total sum of your votes up and votes down Send Private Message Add Comment To Profile

Member Since: 1/1/01
Posts: 14981
Yeah, don't think UTM which is basically piling current gen security technology into one box.

It has IDs for apps, users and content. You create policy based on those IDs rather than IP/L4 port. Add in IPS type signatures for bad stuff.

I'd love to see a comprehensive review from rfquinn when its running for a few months.
6/29/11 10:56 PM
Ignore | Quote | Vote Down | Vote Up
rfquinn
1 The total sum of your votes up and votes down Send Private Message Add Comment To Profile

Member Since: 6/26/00
Posts: 2848
A comprehensive review?  How much free time do you think I have?  :)
7/1/11 7:21 PM
Ignore | Quote | Vote Down | Vote Up
StephenL
Send Private Message Add Comment To Profile

Member Since: 4/1/02
Posts: 25210
anyone hear about arbor networks products?

arbornetworks.com

stephen

Reply Post

You must log in to post a reply. Click here to login.