Educause Security Discussion mailing list archives
Are you using a "next generation" firewall?
From: David Curry <David.Curry () NEWSCHOOL EDU>
Date: Wed, 20 Jul 2011 09:55:01 -0400
The New School is currently looking at several candidates to replace its Internet firewalls. We're looking at some of the "next generation" features that several vendors are now offering, especially: - application identification (writing rules based on applications rather than simple port/protocol) - ability to block/control peer-to-peer traffic (usually a subset of application identification) - automated blocking based on intrusion prevention signatures and/or reputation services - integration with Active Directory/LDAP (writing rules based on users/groups and logging with user data) We'd like to hear from other schools that are using (or have tried using) these technologies: - which vendor did you choose? - which of the above capabilities are you using, and how/for what? - which of the above capabilities did you try using and gave up (and why)? - if your firewall supports it, are you using the SSL decryption features, and if so, for what? - do you think the new capabilities have practical value over "traditional" firewalls, or are they just hype? Thanks, --Dave -- David A. Curry, CISSP • Director, Information Security The New School • 55 West 13th St. • New York, NY 10011 Tel: +1 212 229-5300 x4728 • david.curry () newschool edu
Current thread:
- Are you using a "next generation" firewall? David Curry (Jul 20)
- Re: Are you using a "next generation" firewall? Will Froning (Jul 20)
- <Possible follow-ups>
- Re: Are you using a "next generation" firewall? Boyd, Daniel (Jul 28)