Educause Security Discussion mailing list archives
Re: NGFW Usage Information
From: "Curtis, Bruce" <bruce.curtis () NDSU EDU>
Date: Thu, 20 Apr 2017 20:05:21 +0000
One way to save even more money is to adopt something like Google’s BeyondCorp philosophy. At the end of this presentation at the RSA conference in the Q&A Google mentions at the 39 minute mark “that network based network intrusion detection wasn’t working anyway because we were moving everything to encrypted sessions, so it was inevitable." https://www.youtube.com/watch?v=d90Ov6QM1jE One thing to keep in mind is that deep packet inspection is the secret sauce for IPS and NGFW and about 50% of web traffic is encrypted so no deep packet inspection on that 50% of traffic. And the trend will be towards 100% encryption. 10 years ago NGFW and IPS could inspect the content in most web traffic and email. Today on our campus a device at the network border of our campus would see 100% of email traffic is encrypted and 50% of web traffic is encrypted (our email system is hosted in the cloud).
On Apr 19, 2017, at 10:22 AM, Pardonek, Jim <jpardonek () LUC EDU> wrote: Much of it is money driven. We currently have a deployment of tipping point IPS boxes fronted by ASA’s. Our networking folks want to upgrade our I2 connection to 10Gb which would force us to replace our TP box on that connection at a cost of over 100k with almost 40k increase in maintenance. The ASA at that location cannot handle 10Gb either so there would be cash outlay there as well. Since we have separate egress points at each of our 3 campuses in Chicago, it’s working out $$ wise to forklift it all. We are looking to do at least as much or more than the TP boxes and the ASA’s with a NGFW and keep our maintenance costs level. Thanks, Jim James Pardonek, MS, CISSP, CEH Information Security Officer Loyola University Chicago 1032 W. Sheridan Road | Chicago, IL 60660 (: (773) 508-6086 <image001.png> From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Adam Maynard Sent: Wednesday, April 19, 2017 8:55 AM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: Re: [SECURITY] NGFW Usage Information We’re a Palo Alto shop, so I could dive in there. I guess the question is: What are you looking to get out of a NGFW? or what is your business case for replacing you IPS and ASA’s? -Adam From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Pardonek, Jim Sent: Wednesday, April 19, 2017 9:46 AM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: [SECURITY] NGFW Usage Information I’ve finally been able to convince our leadership to pursue swapping out our IPS and ASA’s for a set of next gen firewalls. We are still in the evaluation phase and as a part of our evaluations we are asked by senior leadership to quert other universities to get a barometer of what is being used. If you would (and you can PM me) let me know if you have a NGFW and what it is (not needing specifics) It will help us with our decision. The 3 we looked at were Palo Alto, Check Point, and Cisco Firepower. Appreciate any responses in advance! Best, Jim James Pardonek, MS, CISSP, CEH Information Security Officer Loyola University Chicago 1032 W. Sheridan Road | Chicago, IL 60660 (: (773) 508-6086 <image001.png>
--- Bruce Curtis bruce.curtis () ndsu edu Certified NetAnalyst II 701-231-8527 North Dakota State University
Current thread:
- NGFW Usage Information Pardonek, Jim (Apr 19)
- Re: NGFW Usage Information Lovaas,Steven (Apr 19)
- Re: NGFW Usage Information Adam Maynard (Apr 19)
- Re: NGFW Usage Information Baillio, Aaron (Apr 19)
- Re: NGFW Usage Information Henrique D. Lucena (Apr 19)
- Re: NGFW Usage Information Bradley, Stephen (Apr 19)
- Re: NGFW Usage Information Thomas Carter (Apr 19)
- Re: NGFW Usage Information Thomas Carter (Apr 19)
- Re: NGFW Usage Information Robert Lau (Apr 19)
- Re: NGFW Usage Information Pardonek, Jim (Apr 19)
- Re: NGFW Usage Information Curtis, Bruce (Apr 20)
- Re: NGFW Usage Information Ed Gibson (Apr 19)
- Re: NGFW Usage Information Hall, Rand (Apr 19)
- Re: NGFW Usage Information Brian Epstein (Apr 19)
- Re: NGFW Usage Information Miller, Richard H (Apr 19)
- Re: NGFW Usage Information Ferguson, Michael (Apr 19)
- Re: NGFW Usage Information Miller, Richard H (Apr 19)
- Re: NGFW Usage Information Adam T Ferrero (Apr 19)
- Re: NGFW Usage Information Pifer, Michael (Apr 19)
- Re: NGFW Usage Information Barros, Jacob (Apr 19)
- Re: NGFW Usage Information Miguel Hernandez (Apr 19)
- Re: NGFW Usage Information Rick DeCaro (Apr 19)