[geeks] Router / Firewall / Endpoint Thoughts & Ideas
Mike Meredith
very at zonky.org
Wed Aug 18 15:18:03 CDT 2021
Hi!
On Wed, 18 Aug 2021 11:39:46 +0100, Mark Benson wrote:
> So either:
> = We carry on as we are and sink north-side of 3 grand into 3 more
> years and a new Firebox (which isnb�t bad rent *if* it works as a
> effective security) OR
> = We dump the Firebox in favour of a decent Statefull Firewall /
> Router and focus on management, pro-active patching and security on
> endpoints (something we arguably should be doing anyway) via
> something like PulseWay (RMM) and BitDefender (Endpoint Security)
>
> Anyone got any thoughts either way?
Free warning: I do this professionally and I'm used to rather larger
budgets (I'm probably spending close to B#150,000 a year on Palo Alto
licenses).
Yes. Do both. Defence in depth.
I'm surprised to hear that someone thinks that TLS inspection isn't
effective. It's true that it can be a pain in the arse, but it's still
an effective way of detecting threats. You do have to exclude some
stuff from inspection and URL categorisation can come in handy there.
> Anyone recommend a robust SMB-class router with a comprehensive
I'm a bit of a Palo Alto fanboy but that was after a year spent
reviewing all the enterprise class alternatives a while back, and
nothing came close. And I've talked to others in the security field
who've dealt with many different firewalls and they tend to agree that
PA is the gold standard.
You /might/ be able to manage a lower-end Palo Alto on your budget - I
know that a PA220 with a lab license (so not suitable) cost something
like B#1,500. It should be suitable, but check with your local
salescritter!
--
Mike Meredith (http://zonky.org/)
Men never do evil so completely and cheerfully as when they do it from
religeous conviction
-- Blaise Pascal
More information about the geeks
mailing list