Everything you ever wanted to know about security policy management, and much more.
Since it’s RSA week, it’s a perfect time to continue the discussion of the State of the Firewall in 2013. Last week we attempted to address the most asked question from our State of the Firewall webcast, but we have many more questions to address (and will address in more blog Q&A posts with our webcast panelists from AlgoSec, Fortinet, NSS Labs and General Motors).
“Other than costs, what’s the biggest benefit of deploying NGFWs versus traditional firewalls and IPS?”
Pankil Vyas, Manager – Network Security Center, General Motors
You will get better correlation of logs. Cost itself is a good reason. In a mature organization with role based policies you can reduce false-positives with a NGFW implementation.
Nimmy Reichenberg, VP of Strategy, AlgoSec
Simplicity of management (which also translates to cost when you think of it) and over time we expect better correlation between IPS findings and the firewall policy.
Ryan Liles, Director of Testing Services, NSS Labs
While we would never recommend a single security device deployment as opposed to a layered approach, there’s something to be said for an all-in-one solution. There are obvious management implications to running a single, combined device where intrusion and firewall policies can be built, updated, and applied in a single session.
Patrick Bedwell, VP of Products, Fortinet
In short, visibility and control.
Visibility includes:
Control includes:
Next week we’ll share the rest of the Q&A session in more of a rapid fire session with the panelists. For those of you attending RSA this week, enjoy and please make sure to stop by the AlgoSec booth 433 to learn firewall policy management tips and tricks and to see a demo of the AlgoSec Security Management Suite.
Receive notifications of new posts by email.