We have around 10 sites 80-100 users in each site with a pair of ASA5525-x firewalls in each site, I wanted to improve our Web security solution (we currently use Trend IWSVA on a VM in each site).
We recently purchased Velocloud SDWAN for each site but the edges we have are not VNF compatible so I can't simple drop in a Palo Alto VNF there.
What's a good option here? I was thinking of adding a firepower module to each of the ASA but the costs will quickly add up. My major concern is Web security, Internet based threats. Should I even be worried? We have quite strict controls on wired port security (802.1x) and endpoint protection (Applocker, Symantec Endpoint)
No comments:
Post a Comment