Latest entries to this category....
(Link: Fortinet) started out about 10 years ago as a small company making this new-fangled thing dubbed later by IDC a UTM device. They have been the market leader in the UTM market for a while now and offer appliances for every size network. They offer a variety of solutions beyond firewalls including endpoint security, antispam, database security, vulnerability management and web application security.
(Link: Fortinet)
Tags: Firewall/UTM · Firewalls · Fortinet · IT Vendor Directory · Unified Threat Management
In October, Gartner released a research note on Next-Generation Firewalls.
In the paper, Gartner states that an NGFW should at least:
support bump-in-the-wire configuration act as a platform for network traffic inspection and network policy enforcement with the following minimum features: standard first-generation firewall capabilities: packet filtering, NAT, stateful inspection, VPN, etc. integrated IPS and threat prevention (not colocated like [...]
Tags: Firewall/UTM · Palo Alto Networks
In November 2007 I predicted that Fortinet would add SSL inspection to their Fortigate appliances to catch up with Palo Alto Networks.
I was wrong by 4 months. FortOS 4.0, with SSL inspection, was released today. It boasts:
Application Control SSL Inspection Data Leakage Prevention (DLP) WAN Optimization
The first three are to catch up with Palo Alto, but [...]
Tags: Firewall/UTM · Fortinet · Palo Alto Networks · SSL Inspection
Astaro now blocks Ultrasurf with version 7.4. The need and difficulty of this task for schools are so great that Astaro issued a press release to announce the new feature.
Apparently they are doing this using SSL inspection (outbound SSL proxy) as opposed to using application signatures. Outbound SSL proxies introduce a new range [...]
Tags: Astaro · Bit9 · Firewall/UTM · Lumension · Ultrasurf · Web Filtering
Fix-the-Firewall-PAN-ebook.pdf
This ebook provides a brief introduction to the limitations of traditional port-blocking firewalls and explains how Palo Alto Networks resolves these problems.
There is an in-depth product demo here.
More discussion on the topic at What is a Firewall.
Tags: Firewall/UTM · Palo Alto Networks
Nir Zuk of Palo Alto Networks posted a video response to this online video argument about firewall innovation that I mentioned before.
Via Nir Zuk responds | ThreatChaos
Tags: Firewall/UTM · Palo Alto Networks
Richard Stiennon hosted a round-table discussion about firewall innovation. Two main opinions were argued. Mike Murray argued that there hasn’t been any innovation for the past decade, that firewalls do stateful inspection to keep most of the garbage out and that is it. Adding functionality from other parts of the security market [...]
Tags: Firewall/UTM · Palo Alto Networks
Organizations under pressure to keep students and employees from bypassing internet filters using client technologies, like UltraSurf are in a perpetual game of cat and mouse. A network admin I know used these steps to block it on his Sonicwall:
Ultrasurf uses “140300000101″ for SSL ehlo messages. If you can block this signature with the [...]
Tags: Firewall/UTM · Palo Alto Networks · Sonicwall · Ultrasurf · Web Filtering
Whenever I learn about a new UTM device (or next generation firewall, secure network gateway, etc.), I’m amazed that there is yet another one. Some of these are well known, but others I’ve never seen in the wild. How many of these companies are making money right now? Here is a first stab [...]
Tags: Firewall/UTM
Avi Baumstein reviews Palo Alto’s PA-4050 in InformationWeek:
The device precisely identified applications, particularly various types of Web traffic, and enabled us to quickly and granularly control usage; for example, we could allow access to Google search and read but block Google Mail and video.
Other highlights:
SSL Proxy Active Directory integration
Tags: Firewall/UTM · Next Generation Firewall