Tag Archives: IPS

Episode 7 – NextGen Network Firewalls

We returned to record our seventh episode on Sunday June 19, 2016. Happy Father’s Day!

Interesting News and Events

We got so caught up in the network firewalls discussion we didn’t even cover any of the news stories.NGN

Roundtable Discussion – Network Firewalls

Is the Firewall only a defective router?

What do we want to achieve with a firewall:

  1. Visibility
  2. Security Zones / segmentation
  3. Policy enforcement

Running ACLs on switches vs a real firewall appliance
Statefull inspection Firewalls
VPN functions
SSL Intercept

NextGen Firewall

  1. Deep packet inspection , protocol and content aware
  2. IDS/IPS
  3. Sandboxing (Palo Alto: WildFire)
  4. automated updates >> cloud integration
  5. behavior based protection

Vendors: Palo Alto, Checkpoint, Cisco Firepower, Fortinet, Juniper SRX,
Dell SonicWall, Barracuda, Watchguard, Intel/McAffee Forcepoint,

Management: Palo Alto Panorama , Cisco Threat Defense, Checkpoint Multi-Domain Security Management, Fortinet FortiAnalyzer
Vendor Independent: AlgoSec, Tuffin

Virtualization: VMware NSX, Cisco ACI, Skyport Systems

What tools are you using?

WANem WAN emulation tool – available in appliance (ISO file) form from Tata Consultancy Services. Leverage variables such as delay, jitter, packet loss, duplication, packet reordering, corruption and bandwidth limitations.

Has your email address or username shown up in a user dump from a recent hack?
‘;–have i been pwned?

Cheers!