Educause Security Discussion mailing list archives

Re: Firewall Upgrade

From: "Hall, Rand" <hallr () MERRIMACK EDU>
Date: Fri, 14 Feb 2014 11:04:19 -0500

Like Roger said, YMMV. Most people have many layers of defense. No layer is
magic. OpenDNS blocks some stuff for us. PA DNS anti-hijacking firewall
rules block stuff. Threat Protection on PA blocks some stuff. Basic
Wildfire alerts on some stuff. Desktop AV still blocks some stuff. PA
Threat Protection blocks/alerts on post-infection C&C traffic.

The basic Wildfire service that comes with Threat Protection is pretty good
for what it is. The premium service is overpriced, IMHO (as is URL
filtering).


Rand

Rand P. Hall
Director, Network Services                 askIT!
Merrimack College
978-837-3532
rand.hall () merrimack edu

If I had an hour to save the world, I would spend 59 minutes defining the
problem and one minute finding solutions. - Einstein


On Fri, Feb 14, 2014 at 10:25 AM, Mark Rogowski <m.rogowski () uwinnipeg ca>wrote:

Forgive the derailing of this thread, but given all the chatter regarding
Palo Alto, I am very curious to know how effective the product is at
stopping malware.  PA touts they have strong anti malware protection - is
this in fact true?  Have any of you noticed a drop in your end point
infections?

Mark Rogowski  CISSP, CISM
IT Security / Information Security Office
University of Winnipeg
Ph: 204-786-9034





-----Original Message-----
From: The EDUCAUSE Security Constituent Group Listserv [mailto:
SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Michael Horne
Sent: Friday, February 14, 2014 8:48 AM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] Firewall Upgrade

I will also give a +1 to Palo Alto, We replaced a pair of aging Nortel
branded check points with a pair of PA 5020's. We are very pleased with
them and I personally would recommend them as well. A lot deeper view into
what's happening on the network as well. Rule creation is not bad either
once yopu get the mind shift changed to zone / application based vrs just a
port based FW.


Michael Horne
Network Engineer
Olin College of Engineering
1000 Olin Way, Milas Hall, Suite LL18
Needham, MA 02492
1-781-292-2438



-----Original Message-----
From: The EDUCAUSE Security Constituent Group Listserv [mailto:
SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Russo, Dan
Sent: Thursday, February 13, 2014 2:19 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: [SECURITY] Firewall Upgrade

We are looking into upgrading our Firewall. I was wondering if anyone had
anything to offer in regards to what you are using and the pros/cons
associated to it.

Thanks,

Dan

Current thread:

Re: Firewall Upgrade, (continued)
- - Re: Firewall Upgrade Mark Rogowski (Feb 14)
    - Re: Firewall Upgrade Roger A Safian (Feb 14)
    - Re: Firewall Upgrade Mark Rogowski (Feb 14)
    - Re: Firewall Upgrade Roger A Safian (Feb 14)
    - Re: Firewall Upgrade Roger A Safian (Feb 14)
    - Re: Firewall Upgrade Mark Rogowski (Feb 14)
    - Re: Firewall Upgrade Roger A Safian (Feb 14)
    - Re: Firewall Upgrade Ryan Hiebert (Feb 14)
    - Re: Firewall Upgrade Nathaniel Hall (Feb 14)
    - Re: Firewall Upgrade Ruth Ginzberg (Feb 14)
    - Re: Firewall Upgrade Hall, Rand (Feb 14)
    - Re: Firewall Upgrade Roger A Safian (Feb 14)
    - Re: Firewall Upgrade Mark Rogowski (Feb 14)
    - Re: Firewall Upgrade Roger A Safian (Feb 14)
    - Re: Firewall Upgrade O'Callaghan, Daniel (Feb 14)
- Re: Firewall Upgrade Francisco Pérez (Feb 14)
- Re: Firewall Upgrade John McMillan (Feb 14)
- Re: Firewall Upgrade Thomas Carter (Feb 14)
- Re: Firewall Upgrade Robert Lau (Feb 13)
- Re: Firewall Upgrade Chris Davis (Feb 14)
- Re: Firewall Upgrade Ben Parker (Feb 14)

(Thread continues...)