I currently run an Allot NetEnforcer/NetXplorer (packetshaping/DPI) with a Cisco ASA. We are getting ready to bid out a whole new internet edge. I am curious if anyone has any insight as to whether or not NGFW platforms (i'm looking at FortiNet and Palo Alto - though, I have not engaged either on the topic yet) negate the need for a dedicated shaping/QOS/L7 filtering/DPI appliance. I'm primarily interested in dropping P2P, keeping Netflix/Streaming contained up to a certain percentage of overall bandwidth, guaranteed bandwidth for various subnets, etc. Just curious if there is any opinions out there as to whether NGFW handle this and handle it well.
No comments:
Post a Comment