Educause Security Discussion mailing list archives

Re: NGFW Usage Information

From: Brian Basgen <brian_basgen () EMERSON EDU>
Date: Wed, 19 Apr 2017 16:30:45 +0000


There is technical validity behind the marking term “next generation”. Broadly speaking, firewalls have had three 
“generations”: from packet fileting (layer 3) to stateful filtering (layer 4) to application filter (layer 7). While I 
suspect firewalls being sold today that are all “layer 7”, I would bet that a fair number of them run in a layer 4 
config and take advantage of layer 7 only in peripheral ways.

--------------
Brian Basgen
Associate Vice President for Information Technology
Emerson College
617-824-8186 | it.emerson.edu | @EmersonIT

From: The EDUCAUSE Security Constituent Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU> on behalf of "Lovaas,Steven" 
<Steven.Lovaas () COLOSTATE EDU>
Reply-To: The EDUCAUSE Security Constituent Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU>
Date: Wednesday, April 19, 2017 at 9:54 AM
To: "SECURITY () LISTSERV EDUCAUSE EDU" <SECURITY () LISTSERV EDUCAUSE EDU>
Subject: Re: [SECURITY] NGFW Usage Information


Do be aware that "next generation" is a marketing term, not a technical one.


===================
Steven Lovaas
Information Security Officer
Colorado State University
steven.lovaas () colostate edu<mailto:steven.lovaas () colostate edu>
970-297-3707
===================
________________________________
From: The EDUCAUSE Security Constituent Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU> on behalf of Pardonek, Jim 
<jpardonek () LUC EDU>
Sent: Wednesday, April 19, 2017 7:46:27 AM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: [SECURITY] NGFW Usage Information

I’ve finally been able to convince our leadership to pursue swapping out our IPS and ASA’s for a set of next gen 
firewalls.  We are still in the evaluation phase and as a part of our evaluations we are asked by senior leadership to 
quert other universities to get a barometer of what is being used.  If you would (and you can PM me) let me know if you 
have a NGFW and what it is (not needing specifics)  It will help us with our decision.  The 3 we looked at were Palo 
Alto, Check Point, and Cisco Firepower.

Appreciate any responses in advance!

Best,

Jim

James Pardonek, MS, CISSP, CEH
Information Security Officer
Loyola University Chicago
1032 W. Sheridan Road | Chicago, IL  60660

•: (773) 508-6086
[tandard_isc2_cissp]

Current thread:

Re: NGFW Usage Information, (continued)
- Re: NGFW Usage Information Barros, Jacob (Apr 19)
  - Re: NGFW Usage Information Miguel Hernandez (Apr 19)
  - Re: NGFW Usage Information Rick DeCaro (Apr 19)
- Re: NGFW Usage Information Miller, Richard H (Apr 19)
  - Re: NGFW Usage Information Lovaas,Steven (Apr 19)
    - Re: NGFW Usage Information Barton, Robert W. (Apr 19)
    - Re: NGFW Usage Information Scott Stoops (Apr 19)
- Re: NGFW Usage Information Jones, Dan J (Apr 20)
- Re: NGFW Usage Information Doug Brooks (Apr 19)
  - Re: NGFW Usage Information Ashley Penchion (Apr 19)
- Re: NGFW Usage Information Brian Basgen (Apr 19)