Thursday, February 6, 2020

Opinions on Palo Alto firewalls and Panorama v. Checkpoint and other brands.

Looking to see what others' opinions and experiences are on various other firewalls. Currently Checkpoint is bugging out on us quite a lot. I recently started dropping "hello" TLS packets for one particular application only (also sharing the same certificate as other traffic that did get through) but gave no indications or logs that this traffic was getting errored or denied.

Our new Architect is pretty well at wit's end, and likes PA. I have very limited exposure to it. And when I did, it was pre-Panorama.

But as a security guy, CP does some really nice things in terms of IPS/IDS and the ability to correlate logs, track threats, etc. (Their IPS stuff is honestly one of the best security tools I have.)

Also, coming in R80.40, the HTTPS inspection is getting an overhaul.

I have another close friend that loves their PA and has no issues with it. Our vendors that also sell PA say they're really not all that different in terms of maintenance, bugs or general quirks.

Not a particular fan of SonicWall or Firepower. FortiGate I have 0 experience with, but was also warned about their product stability and fixing bugs. (Just what I heard.)

The other issue we're looking to overcome is needing actual FWs for remote sites that we're moving DIA from MPLS. Possibly looking at SaaS FW instead of direct appliances to lower costs and management.

Also, ripping out one for the other seems like more work than we'd want, especially if there's no drastic difference.

Thanks for your input.


