TL/Dr; looking for rankings of firewall/security gateway products.
My organisation (10k staff users + 4k guest WiFi), is currently running a HA cluster of Checkpoint 13500's. They have served us well, but recently have run out of steam when we have tried to enable Identity Awareness and HTTPS inspection, and are at the end of their life, needing replacement.
In the last 18 months we have had significant issues with VPNs and Checkpoints implementation of IKEv2 (which an engineer let slip was non standard). Due to the VPN issues, the board have mandated that we consider additional vendors in the replacement tender, despite our teams experience and expertise is all Checkpoint-centric.
As is understandable, every vendor thinks their product is best, and it's hard to form a proper opinion from presales demos and discussions. So what I'm after is some objective comparisons between the brand's, such as those found at esecurityplanet.com, so that we can get a sense of how they compare to each other, notable benefits/pitfalls that are hard to judge at this stage, so that we can do our diligence and not just take the vendors word for how awesome they are, especially if they score similarly and need tie breakers that I can present as evidence either for or against.
The vendors that we are looking at are Palo Alto, Fortinet and Checkpoint.
So far I really like the look of Checkpoint's Maestro system, but concerned about the support we have had recently, and Palo Alto seem to be saying all of the right things that would make management weak at the knees.... But it could just be all presales banter!
No comments:
Post a Comment