Educause Security Discussion mailing list archives

Re: Firewall Upgrade

From: "O'Callaghan, Daniel" <Daniel.OCallaghan () SINCLAIR EDU>
Date: Fri, 14 Feb 2014 16:11:58 +0000

IMO, the malware blocking is very effective. 
We piloted Palo Alto for a full year in 2008, added in-line with Checkpoints in 2009, added another PA and removed 
Checkpoints in 2010.  Very few compromised IT-managed endpoints.  When we do see a compromise, most times it is 
phishing response.    
We do see compromised student devices (with 20,000+ commuter students it's expected), but detected traffic is blocked 
by the PA, at least while they are on our network.  
We are only using the basic Wildfire service, so far it is promising.  


_________________________
Dan O'Callaghan
CISO, Sinclair Community College
937.512.2452


-----Original Message-----
From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Mark 
Rogowski
Sent: Friday, February 14, 2014 10:25 AM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] Firewall Upgrade

Forgive the derailing of this thread, but given all the chatter regarding Palo Alto, I am very curious to know how 
effective the product is at stopping malware.  PA touts they have strong anti malware protection - is this in fact 
true?  Have any of you noticed a drop in your end point infections?

Mark Rogowski  CISSP, CISM
IT Security / Information Security Office University of Winnipeg
Ph: 204-786-9034





-----Original Message-----
From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Michael 
Horne
Sent: Friday, February 14, 2014 8:48 AM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] Firewall Upgrade

I will also give a +1 to Palo Alto, We replaced a pair of aging Nortel branded check points with a pair of PA 5020's. 
We are very pleased with them and I personally would recommend them as well. A lot deeper view into what's happening on 
the network as well. Rule creation is not bad either once yopu get the mind shift changed to zone / application based 
vrs just a port based FW.


Michael Horne
Network Engineer
Olin College of Engineering
1000 Olin Way, Milas Hall, Suite LL18
Needham, MA 02492
1-781-292-2438



-----Original Message-----
From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Russo, 
Dan
Sent: Thursday, February 13, 2014 2:19 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: [SECURITY] Firewall Upgrade

We are looking into upgrading our Firewall. I was wondering if anyone had anything to offer in regards to what you are 
using and the pros/cons associated to it.

Thanks,

Dan

Current thread:

Re: Firewall Upgrade, (continued)
- - - Re: Firewall Upgrade Roger A Safian (Feb 14)
    - Re: Firewall Upgrade Mark Rogowski (Feb 14)
    - Re: Firewall Upgrade Roger A Safian (Feb 14)
    - Re: Firewall Upgrade Ryan Hiebert (Feb 14)
    - Re: Firewall Upgrade Nathaniel Hall (Feb 14)
    - Re: Firewall Upgrade Ruth Ginzberg (Feb 14)
    - Re: Firewall Upgrade Hall, Rand (Feb 14)
    - Re: Firewall Upgrade Roger A Safian (Feb 14)
    - Re: Firewall Upgrade Mark Rogowski (Feb 14)
    - Re: Firewall Upgrade Roger A Safian (Feb 14)
    - Re: Firewall Upgrade O'Callaghan, Daniel (Feb 14)
- Re: Firewall Upgrade Francisco Pérez (Feb 14)
- Re: Firewall Upgrade John McMillan (Feb 14)
- Re: Firewall Upgrade Thomas Carter (Feb 14)
- Re: Firewall Upgrade Robert Lau (Feb 13)
- Re: Firewall Upgrade Chris Davis (Feb 14)
- Re: Firewall Upgrade Ben Parker (Feb 14)
  - Re: Firewall Upgrade Mike Osterman (Feb 14)
    - Re: Firewall Upgrade Ian McDonald (Feb 14)
    - Re: Firewall Upgrade Mike Osterman (Feb 14)
    - Re: Firewall Upgrade Roger A Safian (Feb 14)

(Thread continues...)