Next Generation Firewalls: Top 9 Revisited · 2015 Fall Conference – “CyberSizeIT”...

CRISC CGEIT CISM CISA 2013 Fall Conference – “Sail to Success”
Next Generation Firewalls: Top 9 Revisited
Miguel (Mike) O. Villegas, CISA, CISSP, GSEC, CEH, PCI QSA, PA-QSA
Vice President, K3DES, LLC
Core Competencies – C32

2015 Fall Conference – “CyberSizeIT” November 9 – 11, 2015

Abstract

Recent security breaches to some of the largest and seemingly more secure environments beg the question whether existing protection mechanisms are sufficient to deter unauthorized access to critical assets. Traditional firewalls, anti-virus and intrusion prevention systems appear to have lost their usefulness. In reality, they are still very much in use; however, more robust and effective solutions are needed to keep up with those that threaten our network infrastructures.

Next-Generation Firewalls are integrated network platforms that consist of in-line deep packet inspection (DPI) firewalls, Intrusion Prevention Systems, Application Inspection and Control, SSL/SSH inspection, website filtering and Quality of Service (QoS)/bandwidth management in the network to protect the network against the latest sophisticated attacks.

This session will cover NGFW features, uses, business case and vendor offerings. It will also provide the participant with a roadmap on how to audit and manage an NGFW.

After completing this session, participants will be able to:

1. Better understand what a Next Generation Firewall is
2. Gain knowledge of how NGFWs differ from UTM
3. Better understand what the NGFW features are and how they work
4. Better understand how to make a business case for an NGFW
5. Gain knowledge of how to audit and manage an NGFW

The products presented in this session are for informational purposes only and do not reflect an endorsement or recommendation on the part of the presenter. Attendees are advised to perform their own due diligence in selecting the right solution for their institutions.

Table of Contents

• NGFW Primer
• Need for NGFW
• Case for NGFW
• NGFW Vendors
• NGFW Audit

NGFW PRIMER

NGFW Primer

NGFWs are integrated network security platforms that consist of:

• in-line deep packet inspection (DPI) firewalls
• Intrusion Prevention Systems (IPS)
• application inspection and control
• SSL/SSH inspection
• website filtering, and
• quality of service (QoS)/bandwidth management

In October 2014, the presenter of this session interviewed and researched the NGFWs of 9 NGFW vendors listed in the 2014 Gartner Magic Quadrant:

• Juniper
• Cisco
• Palo Alto
• Checkpoint
• Fortinet
• McAfee
• Dell SonicWall
• Barracuda
• HP TippingPoint

Next Generation Firewall Primer

[Figure: NGFW capability layers. Next Generation Firewall: Application Awareness & Control, User-based Controls, Intrusion Prevention. Unified Threat Management: Anti-virus, Web/Content Filtering, Anti-spam. Security Intelligence: Command & control, GeoIP, Industry feeds, Custom feeds. Foundational elements: Stateful Firewall, Management, VPN, NAT, Logging & reporting, Routing, Analytics.]

Source: Juniper SRX – Next Generation Firewall – November 2014

Traditional Firewalls

• Unlike NGFWs, traditional packet-filtering firewalls only provide protection at Layer 3 (network) and Layer 4 (transport) of the OSI model.
• They include metrics to allow and deny packets by discriminating the source IP address of incoming packets, destination IP addresses, the type of Internet protocols the packet may contain, e.g.:
  – normal data carrying IP packets
  – ICMP (Internet Control Message Protocol)
  – ARP (Address Resolution Protocol)
  – RARP (Reverse Address Resolution Protocol)
  – BOOTP (Bootstrap Protocol), and
  – DHCP (Dynamic Host Configuration Protocol)
  -- and routing features
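The gap between Layer 3/4 filtering and the application inspection and control that NGFWs add, as an added Python example that is not part of the original slides. The rule set, addresses, payloads and the three payload signatures are constructed for illustration and are far simpler than a real DPI engine.

```python
# Added illustration (not from the slides): a first-match L3/L4 packet filter
# compared with an application-aware policy. All rules and packets are constructed.
import ipaddress
import re
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    proto: str                   # "tcp", "udp" or "icmp"
    dport: Optional[int]         # None for protocols without ports (ICMP)
    payload: bytes = b""         # first bytes sent by the client


@dataclass(frozen=True)
class L4Rule:
    action: str                  # "allow" or "deny"
    src: str                     # source network, CIDR
    dst: str                     # destination network, CIDR
    proto: str                   # protocol name, or "any"
    dport: Optional[int] = None  # None matches any destination port

    def matches(self, p: Packet) -> bool:
        return (ipaddress.ip_address(p.src) in ipaddress.ip_network(self.src)
                and ipaddress.ip_address(p.dst) in ipaddress.ip_network(self.dst)
                and self.proto in ("any", p.proto)
                and self.dport in (None, p.dport))


def l4_verdict(rules, p):
    """Traditional packet filter: first matching rule wins, default deny."""
    for rule in rules:
        if rule.matches(p):
            return rule.action
    return "deny"


HTTP_REQUEST = re.compile(rb"^(GET|HEAD|POST|PUT|DELETE|OPTIONS) \S+ HTTP/1\.[01]\r\n")


def identify_app(payload):
    """Tiny stand-in for DPI application identification."""
    if payload.startswith(b"SSH-"):
        return "ssh"             # SSH identification string
    if HTTP_REQUEST.match(payload):
        return "http"
    if len(payload) >= 3 and payload[0] == 0x16 and payload[1] == 0x03:
        return "tls"             # TLS handshake record header
    return "unknown"


def ngfw_verdict(rules, allowed_apps, p):
    """L3/L4 decision first; then the application seen must be allowed on that port."""
    if l4_verdict(rules, p) != "allow":
        return "deny"
    if p.dport in allowed_apps and identify_app(p.payload) not in allowed_apps[p.dport]:
        return "deny"
    return "allow"


# Constructed policy: inside hosts (10.0.0.0/8) may reach the web and send ICMP.
RULES = [
    L4Rule("allow", "10.0.0.0/8", "0.0.0.0/0", "tcp", 80),
    L4Rule("allow", "10.0.0.0/8", "0.0.0.0/0", "tcp", 443),
    L4Rule("allow", "10.0.0.0/8", "0.0.0.0/0", "icmp"),
]
ALLOWED_APPS = {80: {"http"}, 443: {"tls"}}

# Constructed sample traffic (documentation address ranges).
SAMPLES = {
    "web": Packet("10.1.2.3", "203.0.113.10", "tcp", 80,
                  b"GET /index.html HTTP/1.1\r\nHost: example.test\r\n\r\n"),
    "ssh_on_80": Packet("10.1.2.3", "203.0.113.10", "tcp", 80, b"SSH-2.0-client\r\n"),
    "tls_443": Packet("10.1.2.3", "203.0.113.10", "tcp", 443, b"\x16\x03\x01\x00\x2e"),
    "telnet": Packet("10.1.2.3", "203.0.113.10", "tcp", 23),
    "ping": Packet("10.1.2.3", "203.0.113.10", "icmp", None),
    "outside_src": Packet("192.0.2.7", "203.0.113.10", "tcp", 80,
                          b"GET / HTTP/1.1\r\n\r\n"),
}


def compare():
    """Return {sample name: (L3/L4 verdict, application-aware verdict)}."""
    return {name: (l4_verdict(RULES, p), ngfw_verdict(RULES, ALLOWED_APPS, p))
            for name, p in SAMPLES.items()}


if __name__ == "__main__":
    for name, (l4, ngfw) in compare().items():
        print(f"{name:12} L3/L4={l4:5} app-aware={ngfw}")
```

The `ssh_on_80` flow is the case the slide is pointing at: its addresses, protocol and port are identical to the `web` flow, so only the payload check separates them.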

NGFW Foundational Elements

NGFWs are integrated network security platforms that consist of:

• Stateful Firewall
• Virtual Private Network (VPN)
• Network Address Translation (NAT)
• Routing
• Management
• Logging and Reporting
• Analytics

NGFW Additional Elements

NGFWs are integrated network security platforms that also consist of:

• Application Awareness and Control
• Intrusion Prevention
• User-based controls
• Anti-Virus
• Web/Content Filtering
• Anti-Spam
• Two-factor authentication
• Active Directory Integration
• Security Intelligence / Threat Intelligence
• Mobile Device Controls
• Data Loss Prevention

Threat Intelligence

One of the major differentiators that all of these major NGFW companies purport to be working on is threat intelligence that is current, open, continuous, adaptive and automatic.

http://www.zdnet.com/article/new-threat-intelligence-report-skewers-industry-confusion-charlatans

[Figure. Source: Palo Alto]

Types of Attacks

Malware, also called malicious code, is software designed to gain access to targeted computer systems, steal information or disrupt computer operations.

• Worm
• Spyware
• Virus
• Adware
• Network Worm
• Ransomware
• Trojan Horse
• Keylogger
• Botnets
• Rootkit

Other types of attacks:

• Advanced persistent threats
• Social engineering
• Backdoor
• Phishing
• Brute force attack
• Spear phishing
• Buffer overflow
• Spoofing
• Cross-site scripting (XSS)
• Structured Query Language (SQL) injection
• Denial-of-service (DoS) attack
• Zero-day exploit
• Man-in-the-middle attack

UTM vs NGFW

Security vendors often differ in their definitions of UTM and NGFWs. Over time, UTM references will likely dissipate -- the same may even happen for NGFWs -- but what’s certain is that enhancements to multifunctional security solutions, whatever they’re called, will continue.

• UTMs are primarily for SMB
• NGFWs are for larger, more complex IT environments

[Figure. Source: Juniper SRX Datasheet]

[Figure: Gartner Magic Quadrant – April 2015. Quadrants: Challengers, Leaders, Niche Players, Visionaries.]

[Figure dated October 7, 2015, with panels: Security, Performance, Total cost of ownership (TCO).]

NEED FOR NGFW

Do we really need a NGFW?

• But “we’ve never had a breach” or “we are not a big target”
• Today there are a large number of disparate standalone products and services forced to work together
• Although effective, they appear architecturally desultory, reactive and tactical in nature
• NGFWs offer a good complement of security solutions in one appliance
• Not all NGFWs are created equal
• 3 factors for establishing a need for a NGFW:
  – Is the investment justifiable?
  – Alignment with existing IT strategies
  – Total Cost of Ownership (TCO)

Is the investment justifiable?

• Basic firewall services regulate network connections between computer systems of differing trust levels
• Most enterprises need:
  – IPS/IDS
  – Firewall (deep packet inspection)
  – Anti-virus/Malware protection
  – Application controls
  – VPN
  – Session encryption (TLS 1.2)
  – Wireless security
  – Mobile security

Alignment with existing IT strategies

• Organizations that deploy NGFWs may discover they do not require all the security features these appliances support
• Features required by an enterprise should be determined in advance, as this will influence what NGFW product is bought and which security services to enable
• Some NGFWs have security features built into the appliance at no additional cost
• Some organizations do not activate features, since they have not found them necessary or because they do not fit their business model

For example

• Large retail companies might opt for a NGFW solution at the corporate headquarters but go with point solutions in each retail store -- whether from the same vendor or not
• Online retail businesses that do not have brick and mortar locations typically require robust and therefore increasingly integrated network security solutions that focus on QoS, load balancing, IPS, web application security, SSL VPN and strong firewalls with deep packet inspection
• Enterprises that are heavily regulated via standards (e.g., PCI, HIPAA, HITECH Act, Sarbanes-Oxley, FISMA, PERC, etc.) would need to also address remote access controls, two-factor authentication, Active Directory integration and possibly DLP

Alignment with existing IT strategies

• Whatever course is taken, information security decisions need to be integrated with IT’s strategic goals
• IT, in turn, exists to support the business. IT does not drive the business
• The business drives the business
• IT’s purpose is to ensure the IT infrastructure (perimeter and core deployments) exists to allow the business to achieve its strategic goals

Total Cost of Ownership (TCO)

TCO establishes the right complement of resources -- people and technology:

• Total cost of technology (TCT): The cost of technology that is required to deploy, monitor and report on the state of information security for the enterprise
• Total cost of risk (TCR): The cost to estimate and not deploy resources, processes or technology for your enterprise, such as compliance risk, security risk, legal risk and reputation risk
• Total cost of maintenance (TCM): The cost of maintaining the information security program, such as people skills, flexibility, scalability and comprehensiveness of the systems deployed

CASE FOR A NGFW

Six Criteria for buying a NGFW

It is clear that, regardless of what vendors call their NGFW products, it is incumbent that buyers understand the precise features each NGFW product under consideration includes. Let’s look at six criteria:

• Platform Type
• Feature Set
• Performance
• Manageability
• Price
• Support

Platform Type

• How is the NGFW provided?
• Most next-gen firewalls are hardware- (appliance), software- (downloadable) or cloud-based (SaaS)
• Hardware-based NGFWs appeal best to large and midsize enterprises
• Software-based NGFWs appeal to small companies with simple network infrastructures
• Cloud-based NGFWs appeal to highly decentralized multi-location sites or enterprises where the required skill set to manage them is wanting or reallocated

Feature Set

• Not all NGFW features are similarly available by vendor
• NGFW features typically consist of:
  – inline deep packet inspection firewalls
  – IDS/IPS
  – application inspection and control
  – SSL/SSH inspection
  – website filtering, and
  – QoS/bandwidth management to protect networks against the latest in sophisticated network attacks and intrusion
• Additionally, most NGFWs offer threat intelligence, mobile device security, data loss prevention (DLP), Active Directory integration and an open architecture that allows clients to tailor application control and even some firewall rule definitions

Performance

• Because NGFWs integrate many features into a single appliance, they may seem attractive to some organizations
• However, enabling all available features at once could result in serious performance degradation
• NGFW performance metrics have improved over the years, but the buyer needs to seriously consider performance in relationship to the security features they want to enable when determining the vendors they approach and the model of NGFW they choose

Manageability

• This criterion involves system configuration requirements and usability of the management console
• It considers how the NGFW manages complex environments with many firewalls and users, and very narrow firewall change windows
• System configuration changes and the user interface of the management console should be:
  1. comprehensive - such that it covers an array of features that preclude the need for augmentation by other point solutions
  2. flexible - possible to exclude features that are not needed in the enterprise environment, and
  3. easy to use - such that the management console, individual feature dashboards, and reporting are intuitive and incisive

Price

• NGFW appliance, software and cloud service pricing varies considerably by vendor and model
• Prices range from $599 to $80,000+ per device
• Some are even priced by number of users (e.g., $1,100 for 1-99 users to $100,000 for 5,000 users+)
• All, meanwhile, have separate pricing for service contracts
• If possible, do not pay retail prices
• Most vendors will provide volume discounts (the more users supported, the less it costs per user, for example) or discounts with viable prospects of further purchases
• Purchase at month-end and quarter-end. Sales people have goals that can be leveraged for pricing to your advantage

Support

• The 2015 Gartner Magic Quadrant on NGFW also rated support -- with quality, breadth and value of NGFW offerings viewed from the vantage point of enterprise needs
• Given the critical nature of NGFWs, timely and accurate support is essential. Obtain references and ask to speak with vendor clients without the vendor present
• Support criteria for NGFWs should address: responsiveness, ranked by type of service request; quality and accuracy of the service response; currency of product updates; and customer education and awareness of current events

NGFW VENDORS

NGFW Players

The top nine NGFW vendors are:

• Checkpoint
• Dell SonicWall
• Palo Alto
• Cisco
• Fortinet
• HP TippingPoint
• McAfee
• Barracuda

There are other NGFW vendors, but these are the top 9.

Questions to consider

Questions to consider when comparing these and other NGFW products include:

• What is their product line?
• Is their NGFW for cloud service providers, large enterprises, SMBs or small companies?
• What are the NGFW features that come with the base product?
• What features need an extra license(s)?
• How is the NGFW sold and priced?
• What differentiates their NGFW from other vendor NGFW products?

What features are available in the NGFW?

Non-common NGFW features vary by vendor. So this is where organizations can start to differentiate which NGFWs will work for them and which won’t. For example:

• Dell SonicWall provides security services such as gateway anti-malware, content filtering, and client antivirus and antispyware that are licensed on an annual subscription contract. Dell SecureWorks premium Global Threat Intelligence service is an additional subscription
• Cisco provides Application Visibility and Control as part of the base configuration at no cost, but separate licenses are required for Next Generation Intrusion Prevention Systems (NGIPS), Advanced Malware Protection, and URL filtering
• McAfee provides clustering and multi-Link as standard features with McAfee Next Generation Firewall license

What features are available in the NGFW?

• Barracuda requires an optional subscription for malware protection (AV engine by Avira), threat intelligence, and for advanced client Network Access Control (NAC) VPN/SSL VPN features
• Juniper offers advanced software security services (NGFW/UTM/IPS/Threat Intelligence Service) shipped with its SRX Series Services Gateways that can be turned on with the purchase of an additional license, which can be subscription-based or perpetual. No additional components are required to turn services on/off
• Checkpoint provides a full NGFW solution package with all of its software blades included under one license. However, it does not provide mobile device controls or Wi-Fi network control without purchasing a different Checkpoint product

What features are available in the NGFW?

The key message in this comparison is that, in addition to the common features, one needs to carefully review those features that require additional licenses and whether they are significant enough to decide on a specific product’s procurement.

• For example, if you need a DLP feature, some NGFWs provide it, such as Checkpoint, which offers it with over 600 types, but you might determine that a full-featured DLP solution is still required if the Checkpoint is not sufficient
• The same would apply to web application firewall (WAF) features, such as that of the Dell SonicWall, which again is not a full-featured WAF

What features are available in the NGFW?

• Another example would be Cisco: although malware protection is available with their network anti-virus/malware solution, additional licenses would be required for their Advanced Malware Protection, NGIPS and URL filtering
• Barracuda NG Firewall also requires an additional license for Malware Protection (Anti-Virus engine by Avira)
• There are some vendors that provide threat intelligence services as part of the NGFW offering, such as Fortinet, McAfee and HP TippingPoint
• Juniper’s Threat Intelligence Service is shipped with the SRX but needs to be activated with the purchase of an additional license

How is the NGFW sold, licensed and priced?

• All NGFW products are licensed per physical device. Additional licenses are required for the non-common features stated above
• Read the T&Cs to determine what services are available in the base NGFW product and what services require an additional license
• All NGFW products are priced by scale, based on the type of hardware utilized and service contract
• While pricing structure appears disparate, similarities do exist in the lower-end product lines (in other words, the smaller the NGFW need, the simpler the pricing)
• The larger the enterprise and volume purchase potential, the greater the disparity but also the greater the bargaining power on the part of the customer

Key differentiators between NGFW products

• Checkpoint is the inventor of stateful firewalls. It has the highest block rate of IPS among its competitors, a larger application library (over 5000) than any other, data loss prevention (DLP) with over 600 file types, change management (i.e., configuration and rule changes) that no one else has, and Active Directory integration, agent-based or agentless
• Dell SonicWall has patented Reassembly-Free Deep Inspection (RFDPI), which allows for centralized management for users to deploy, manage and monitor many thousands of firewalls through a single pane of glass

Key differentiators between NGFW products

• Cisco ASA with FirePower Services provides an integrated defense solution with greater firewall features, detection and protection threat services than other vendors
• Fortinet lauds its 11-year old in-house dedicated security research team -- FortiGuard Labs -- as one of the few NGFW vendors that have their own, since most OEM this activity. Fortinet also purports to have NGFW FortiGate that can deliver five times better performance than comparatively priced competitor products
• HP TippingPoint is known for its NGFW’s simple, effective, and reliable implementation. The security effectiveness coverage is high, with over 8200 filters that block known and unknown threats and over 383 zero-day filters in 2014 alone

Key13 differenators13 between13 NGFW13 products13

4813

bull  McAfee13 NGFW13 provides13 ldquointelligence13 awarerdquo13 security13 controls13 advanced13 evasion13 prevenon13 and13 a13 unified13 sofware13 core13 design13

bull  Barracuda13 purports13 the13 lowest13 total13 cost13 of13 ownership13 (TCO)13 in13 the13 industry13 due13 to13 advanced13 troubleshoong13 capabilies13 and13 smart13 lifecycle13 management13 features13 built13 into13 large13 scaling13 central13 management13 server13 The13 NGFW13 is13 also13 the13 only13 one13 that13 provides13 NGFW13 applicaon13 control13 and13 user13 identy13 funcons13 for13 SMBs13

bull  Juniper13 SRX13 is13 the13 first13 NGFW13 to13 offer13 customers13 validated13 (Telcordia)13 99999913 availability13 of13 the13 SRX13 500013 line13 The13 SRX13 Series13 are13 also13 the13 first13 NGFW13 to13 deliver13 automaon13 of13 firewall13 funcons13 via13 JunoScript13 and13 open13 API13 to13 programming13 tools13 Open13 adack13 signatures13 in13 the13 IPS13 also13 allow13 customers13 to13 add13 or13 customize13 signatures13 tailored13 for13 their13 network13

How to select the right NGFW

Consider the following criteria in selecting the NGFW vendor and model for your enterprise:

(1) identify the players;
(2) develop a short list;
(3) perform a proof of concept – POC;
(4) make reference calls;
(5) consider cost;
(6) obtain management buy-in; and
(7) work out contract negotiations.
(8) Total cost of ownership (TCO) is also critical.

Lastly, but no less important, consider the skill set of your staff and the business model and growth expectation for your enterprise -- all-important factors in making your decision.

NGFW AUDIT

Evaluation and Audit of NGFW

• Platform Based – appliance/software/SaaS
• Feature Set – baseline and add-ons
• Performance – NSS Labs results
• Manageability – comprehensive/easy to use
• Threat Intelligence – currency/accuracy/completeness
• TCO – total cost of ownership
• Risk – consider the business model and objectives
• Price – you get what you pay for
• Support – what is support experience
• Differentiators – what sets them apart

BIO

Miguel (Mike) O. Villegas is a Vice President for K3DES LLC. He performs and QA's PCI-DSS and PA-DSS assessments for K3DES clients. He also manages the K3DES ISO/IEC 27001:2005 program. Mike was previously Director of Information Security at Newegg, Inc. for five years. Mike is currently a contributing writer for SearchSecurity – TechTarget. Mike has over 30 years of Information Systems security and IT audit experience. Mike was previously Vice President & Technology Risk Manager for Wells Fargo Services, responsible for IT Regulatory Compliance, and was previously a partner at Arthur Andersen and Ernst & Young for their information systems security and IS audit groups over a span of nine years. Mike is a CISA, CISSP, GSEC and CEH. He is also a QSA and PA-QSA as VP for K3DES. Mike was president of the LA ISACA Chapter during 2010-2012 and president of the SF ISACA Chapter during 2005-2006. He was the SF Fall Conference Co-Chair from 2002–2007 and also served for two years as Vice President on the Board of Directors for ISACA International. Mike has taught CISA review courses for over 18 years.


The products presented in this session are for informational purposes only and do not reflect an endorsement or recommendation on the part of the presenter. Attendees are advised to perform their own due diligence in selecting the right solution for their institutions.

Table of Contents

• NGFW Primer
• Need for NGFW
• Case for NGFW
• NGFW Vendors
• NGFW Audit

NGFW PRIMER

NGFWs are integrated network security platforms that consist of:

• in-line deep packet inspection (DPI) firewalls
• Intrusion Prevention Systems (IPS)
• application inspection and control
• SSL/SSH inspection
• website filtering, and
• quality of service (QoS)/bandwidth management

The presenter of this session has interviewed and researched NGFWs for 9 NGFW vendors in October 2014, listed in the 2014 Gartner Magic Quadrant:

• Juniper
• Cisco
• Palo Alto
• Checkpoint
• Fortinet
• McAfee
• Dell Sonicwall
• Barracuda
• HP Tippingpoint

Next Generation Firewall Primer

[Diagram: NGFW capability layers]

• Next Generation firewall: Application Awareness & Control; User-based Controls; Intrusion Prevention
• Unified Threat Management: Anti-virus; Web/Content Filtering; Anti-spam
• Security Intelligence: Command & control; GeoIP; Industry feeds; Custom feeds
• Foundational elements: Stateful Firewall; Management; VPN; NAT; Logging & reporting; Routing; Analytics

Source: Juniper SRX – Next Generation Firewall – November 2014

Traditional Firewalls

• Unlike NGFWs, traditional packet-filtering firewalls only provide protection at Layer 3 (network) and Layer 4 (transport) of the OSI model.

• They include metrics to allow and deny packets by discriminating the source IP address of incoming packets, destination IP addresses, the type of Internet protocols the packet may contain, e.g.:
  – normal data carrying IP packets
  – ICMP (Internet Control Message Protocol)
  – ARP (Address Resolution Protocol)
  – RARP (Reverse Address Resolution Protocol)
  – BOOTP (Bootstrap Protocol), and
  – DHCP (Dynamic Host Configuration Protocol)
  -- and routing features.
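The difference between Layer 3/4 filtering and application awareness, as an added example (not from the presentation or any vendor): a first-match packet filter and a minimal application-identification step, run over constructed packets. The rule set, policy table, addresses and the `identify_app` heuristic are assumptions made for illustration; real NGFW application identification is far more elaborate.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    proto: str            # "tcp", "udp" or "icmp"
    dport: int            # 0 when the protocol has no ports
    payload: bytes = b""  # first bytes of application data in the flow


@dataclass(frozen=True)
class Rule:
    action: str                  # "allow" or "deny"
    src: str                     # source CIDR
    dst: str                     # destination CIDR
    proto: str                   # protocol name or "any"
    dport: Optional[int] = None  # None matches any port


def l34_decision(rules, pkt):
    """Traditional filter: first matching rule on addresses, protocol, port."""
    for r in rules:
        if (ipaddress.ip_address(pkt.src) in ipaddress.ip_network(r.src)
                and ipaddress.ip_address(pkt.dst) in ipaddress.ip_network(r.dst)
                and r.proto in ("any", pkt.proto)
                and r.dport in (None, pkt.dport)):
            return r.action
    return "deny"  # implicit default deny


HTTP_METHODS = (b"GET ", b"POST ", b"HEAD ", b"PUT ", b"DELETE ", b"OPTIONS ")


def identify_app(payload):
    """Toy application identification from the first payload bytes."""
    if payload.startswith(b"SSH-"):           # SSH identification string
        return "ssh"
    if len(payload) >= 3 and payload[0] == 0x16 and payload[1] == 0x03:
        return "tls"                          # TLS handshake record header
    if payload.startswith(HTTP_METHODS):
        return "http"
    return "unknown"


def ngfw_decision(rules, app_policy, pkt):
    """L3/L4 verdict first, then application control on the allowed flow."""
    if l34_decision(rules, pkt) != "allow":
        return "deny"
    allowed_apps = app_policy.get((pkt.proto, pkt.dport))
    if allowed_apps is not None and identify_app(pkt.payload) not in allowed_apps:
        return "deny"
    return "allow"


# Constructed policy: internal hosts may reach the Internet on tcp/80 and tcp/443.
RULES = [
    Rule("allow", "10.0.0.0/8", "0.0.0.0/0", "tcp", 443),
    Rule("allow", "10.0.0.0/8", "0.0.0.0/0", "tcp", 80),
]
# Constructed application policy: which applications are expected on each port.
APP_POLICY = {("tcp", 443): {"tls"}, ("tcp", 80): {"http"}}

# Constructed sample packets (documentation address ranges).
WEB = Packet("10.0.0.5", "203.0.113.10", "tcp", 443, b"\x16\x03\x01\x00\xc8\x01")
SSH_ON_443 = Packet("10.0.0.6", "203.0.113.20", "tcp", 443, b"SSH-2.0-OpenSSH_8.9\r\n")
ICMP_IN = Packet("198.51.100.7", "10.0.0.5", "icmp", 0)

if __name__ == "__main__":
    for name, pkt in (("web", WEB), ("ssh-on-443", SSH_ON_443), ("icmp-in", ICMP_IN)):
        print(f"{name:12} L3/L4={l34_decision(RULES, pkt):5} "
              f"app={identify_app(pkt.payload):7} "
              f"NGFW={ngfw_decision(RULES, APP_POLICY, pkt)}")
```

The two tcp/443 flows get the same verdict from the Layer 3/4 filter because they share addresses, protocol and port; only the application step separates them.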

NGFW Foundational Elements

NGFWs are integrated network security platforms that consist of:

• Stateful Firewall
• Virtual Private Network (VPN)
• Network Address Translation (NAT)
• Routing
• Management
• Logging and Reporting
• Analytics

NGFW Additional Elements

NGFWs are integrated network security platforms that also consist of:

• Application Awareness and Control
• Intrusion Prevention
• User based controls
• Anti-Virus
• Web/Content Filtering
• Anti-Spam
• Two-factor authentication
• Active Directory Integration
• Security Intelligence / Threat Intelligence
• Mobile Device Controls
• Data Loss Prevention

Threat Intelligence

One of the major differentiators that all of these major NGFW companies purport to be working on is threat intelligence that is current, open, continuous, adaptive and automatic.

http://www.zdnet.com/article/new-threat-intelligence-report-skewers-industry-confusion-charlatans

[Figure. Source: Palo Alto]

Types of Attacks

Malware, also called malicious code, is software designed to gain access to targeted computer systems, steal information or disrupt computer operations.

• Worm
• Spyware
• Virus
• Adware
• Network Worm
• Ransomware
• Trojan Horse
• Keylogger
• Botnets
• Rootkit

Other types of attacks:

• Advanced persistent threats
• Social engineering
• Backdoor
• Phishing
• Brute force attack
• Spear phishing
• Buffer overflow
• Spoofing
• Cross-site scripting (XSS)
• Structured Query Language (SQL) injection
• Denial-of-service (DoS) attack
• Zero-day exploit
• Man-in-the-middle attack

UTM vs NGFW

Security vendors often differ in their definitions of UTM and NGFWs. Over time, UTM references will likely dissipate -- the same may even happen for NGFWs -- but what's certain is that enhancements to multifunctional security solutions, whatever they're called, will continue.

• UTMs are primarily for SMB
• NGFWs are for larger, more complex IT environments

[Figure. Source: Juniper SRX Datasheet]

[Figure: Gartner Magic Quadrant – April 2015. Quadrants: Challengers, Leaders, Niche Players, Visionaries]

October 7, 2015

• Security
• Performance
• Total cost of ownership (TCO)


NEED FOR NGFW

Do we really need a NGFW?

• But "we've never had a breach" or "we are not a big target"
• Today there are a large number of disparate standalone products and services forced to work together
• Although effective, they appear architecturally desultory, reactive and tactical in nature
• NGFWs offer a good complement of security solutions in one appliance
• Not all NGFWs are created equal
• 3 factors for establishing a need for a NGFW:
  – Is the investment justifiable?
  – Alignment with existing IT strategies
  – Total Cost of Ownership (TCO)

Is the investment justifiable?

• Basic firewall services regulate network connections between computer systems of differing trust levels
• Most enterprises need:
  – IPS/IDS
  – Firewall (deep packet inspection)
  – Anti-virus/Malware protection
  – Application controls
  – VPN
  – Session encryption (TLS 1.2)
  – Wireless security
  – Mobile security

Alignment with existing IT strategies

• Organizations that deploy NGFWs may discover they do not require all the security features these appliances support.

• Features required by an enterprise should be determined in advance, as this will influence what NGFW product is bought and which security services to enable.

• Some NGFWs have security features built into the appliance at no additional cost.

• Some do not activate features since they have not found them necessary or because they do not fit their business model.

For example

• Large retail companies might opt for a NGFW solution at the corporate headquarters but go with point solutions in each retail store -- whether from the same vendor or not.

• Online retail businesses that do not have brick and mortar locations typically require robust, and therefore increasingly integrated, network security solutions that focus on QoS, load balancing, IPS, web application security, SSL VPN and strong firewalls with deep packet inspection.

• Enterprises that are heavily regulated via standards (e.g., PCI, HIPAA, HITECH Act, Sarbanes-Oxley, FISMA, PERC, etc.) would need to also address remote access controls, two-factor authentication, Active Directory integration and possibly DLP.

Alignment with existing IT strategies

• Whatever course is taken, information security decisions need to be integrated with IT's strategic goals.

• IT, in turn, exists to support the business. IT does not drive the business.

• The business drives the business.

• IT's purpose is to ensure the IT infrastructure (perimeter and core deployments) exists to allow the business to achieve its strategic goals.

Total Cost of Ownership (TCO)

TCO establishes the right complement of resources -- people and technology.

• Total cost of technology (TCT): The cost of technology that is required to deploy, monitor and report on the state of information security for the enterprise.

• Total cost of risk (TCR): The cost to estimate and not deploy resources, processes or technology for your enterprise, such as compliance risk, security risk, legal risk and reputation risk.

• Total cost of maintenance (TCM): The cost of maintaining the information security program, such as people skills, flexibility, scalability and comprehensiveness of the systems deployed.

CASE FOR A NGFW

Six Criteria for buying a NGFW

It is clear that, regardless of what vendors call their NGFW products, it is incumbent that buyers understand the precise features each NGFW product under consideration includes. Let's look at six criteria:

• Platform Type
• Feature Set
• Performance
• Manageability
• Price
• Support

Platform Type

• How is the NGFW provided?
• Most next-gen firewalls are hardware- (appliance), software- (downloadable) or cloud-based (SaaS)
• Hardware-based NGFWs appeal best to large and midsize enterprises
• Software-based NGFWs to small companies with simple network infrastructures
• Cloud-based NGFWs to highly decentralized multi-location sites or enterprises where the required skill set to manage them is wanting or reallocated

Feature Set

• Not all NGFW features are similarly available by vendor
• NGFW features typically consist of:
  – inline deep packet inspection firewalls
  – IDS/IPS
  – application inspection and control
  – SSL/SSH inspection
  – website filtering, and
  – QoS/bandwidth management to protect networks against the latest in sophisticated network attacks and intrusion
• Additionally, most NGFWs offer threat intelligence, mobile device security, data loss prevention (DLP), Active Directory integration and an open architecture that allows clients to tailor application control and even some firewall rule definitions

Performance

• Because NGFWs integrate many features into a single appliance, they may seem attractive to some organizations.

• However, enabling all available features at once could result in serious performance degradation.

• NGFW performance metrics have improved over the years, but the buyer needs to seriously consider performance in relationship to the security features they want to enable when determining the vendors they approach and the model of NGFW they choose.

Manageability

• This criterion involves system configuration requirements and usability of the management console.

• It considers how the NGFW manages complex environments with many firewalls and users, and very narrow firewall change windows.

• System configuration changes and the user interface of the management console should be:
  1. comprehensive - such that it covers an array of features that preclude the need for augmentation by other point solutions;
  2. flexible - possible to exclude features that are not needed in the enterprise environment; and
  3. easy to use - such that the management console, individual feature dashboards and reporting are intuitive and incisive.

Price

• NGFW appliance, software and cloud service pricing varies considerably by vendor and model
• Prices range from $599 to $80,000+ per device
• Some are even priced by number of users (e.g., $1,100 for 1-99 users to $100,000 for 5000 users+)
• All, meanwhile, have separate pricing for service contracts
• If possible, do not pay retail prices
• Most vendors will provide volume discounts (the more users supported, the less it costs per user, for example) or discounts with viable prospects of further purchases
• Purchase at month-end and quarter-end. Sales people have goals that can be leveraged for pricing to your advantage

Support

• The 2015 Gartner Magic Quadrant on NGFW also rated support -- with quality, breadth and value of NGFW offerings viewed from the vantage point of enterprise needs.

• Given the critical nature of NGFWs, timely and accurate support is essential. Obtain references and ask to speak with vendor clients without the vendor present.

• Support criteria for NGFWs should address responsiveness ranked by type of service request, quality and accuracy of the service response, currency of product updates, and customer education and awareness of current events.

NGFW VENDORS

NGFW Players

The top nine NGFW vendors are:

• Checkpoint
• Dell Sonicwall
• Palo Alto
• Cisco
• Fortinet
• HP TippingPoint
• McAfee
• Barracuda

There are other NGFW vendors, but these are the top 9.

Questions to consider

Questions to consider when comparing these and other NGFW products include:

• What is their product line?
• Is their NGFW for cloud service providers, large enterprises, SMBs or small companies?
• What are the NGFW features that come with the base product?
• What features need an extra license(s)?
• How is the NGFW sold and priced?
• What differentiates their NGFW from other vendor NGFW products?

What features are available in the NGFW?

Non-common NGFW features vary by vendor. So this is where organizations can start to differentiate which NGFWs will work for them and which won't. For example:

• Dell SonicWall provides security services such as gateway anti-malware, content filtering, and client antivirus and antispyware that are licensed on an annual subscription contract. Dell SecureWorks premium Global Threat Intelligence service is an additional subscription.

• Cisco provides Application Visibility and Control as part of the base configuration at no cost, but separate licenses are required for Next Generation Intrusion Prevention Systems (NGIPS), Advanced Malware Protection and URL filtering.

• McAfee provides clustering and multi-Link as standard features with McAfee Next Generation Firewall license.

• Barracuda requires an optional subscription for malware protection (AV engine by Avira), threat intelligence and for advanced client Network Access Control (NAC) VPN/SSL VPN features.

• Juniper offers advanced software security services (NGFW/UTM/IPS/Threat Intelligence Service) shipped with its SRX Series Services Gateways that can be turned on with the purchase of an additional license, which can be subscription-based or perpetual. No additional components are required to turn services on/off.

• Checkpoint provides a full NGFW solution package with all of its software blades included under one license. However, it does not provide mobile device controls or Wi-Fi network control without purchasing a different Checkpoint product.

The key message in this comparison is that, in addition to the common features, one needs to carefully review those features that require additional licenses and whether they are significant enough to decide on a specific product's procurement.

• For example, if you need a DLP feature, some NGFWs provide it, such as Checkpoint, which offers it with over 600 types, but you might determine that a full-featured DLP solution is still required if the Checkpoint is not sufficient.

• The same would apply to web application firewalls (WAF), such as the one in the Dell Sonicwall, which again is not a full-featured WAF.

• Another example would be Cisco: although malware protection is available with their network anti-virus/malware solution, additional licenses would be required for their Advanced Malware Protection, NGIPS and URL filtering.

• Barracuda NG Firewall also requires an additional license for Malware Protection (Anti-Virus engine by Avira).

• There are some vendors that provide threat intelligence services as part of the NGFW offering, such as Fortinet, McAfee and HP TippingPoint.

• Juniper's Threat Intelligence Service is shipped with the SRX but needs to be activated with the purchase of an additional license.

How is the NGFW sold, licensed and priced?

• All NGFW products are licensed per physical device. Additional licenses are required for the non-common features stated above.

• Read the T&Cs to determine what services are available in the base NGFW product and what services require an additional license.

• All NGFW products are priced by scale, based on the type of hardware utilized and service contract.

• While pricing structure appears disparate, similarities do exist in the lower-end product lines (in other words, the smaller the NGFW need, the simpler the pricing).

• The larger the enterprise and volume purchase potential, the greater the disparity, but also the greater the bargaining power on the part of the customer.

Key differentiators between NGFW products

• Checkpoint is the inventor of stateful firewalls. It has the highest block rate of IPS among its competitors; a larger application library (over 5000) than any other; data loss prevention (DLP) with over 600 file types; change management (i.e., configuration and rule changes) that no one else has; and Active Directory integration, agent-based or agentless.

• Dell SonicWall has patented Reassembly-Free Deep Inspection (RFDPI), which allows for centralized management for users to deploy, manage and monitor many thousands of firewalls through a single pane of glass.

Key differentiators between NGFW products

• Cisco ASA with FirePower Services provides an integrated defense solution with greater firewall features, detection and protection threat services than other vendors.

• Fortinet lauds its 11-year-old in-house dedicated security research team, FortiGuard Labs. It is one of the few NGFW vendors that has its own, since most OEM this activity. Fortinet also purports that its FortiGate NGFW can deliver five times better performance than comparatively priced competitor products.

• HP TippingPoint is known for its NGFW’s simple, effective and reliable implementation. The security effectiveness coverage is high, with over 8200 filters that block known and unknown threats and over 383 zero-day filters in 2014 alone.

Key differentiators between NGFW products

• McAfee NGFW provides “intelligence aware” security controls, advanced evasion prevention and a unified software core design.

• Barracuda purports the lowest total cost of ownership (TCO) in the industry due to advanced troubleshooting capabilities and smart lifecycle management features built into large scaling central management server. The NGFW is also the only one that provides NGFW application control and user identity functions for SMBs.

• Juniper SRX is the first NGFW to offer customers validated (Telcordia) 99.9999% availability of the SRX 5000 line. The SRX Series are also the first NGFW to deliver automation of firewall functions via JunoScript and open API to programming tools. Open attack signatures in the IPS also allow customers to add or customize signatures tailored for their network.

How to select the right NGFW

Consider the following criteria in selecting the NGFW vendor and model for your enterprise:

(1) identify the players
(2) develop a short list
(3) perform a proof of concept – POC
(4) make reference calls
(5) consider cost
(6) obtain management buy-in, and
(7) work out contract negotiations
(8) Total cost of ownership (TCO) is also critical

Lastly, but no less important, consider the skill set of your staff and the business model and growth expectation for your enterprise -- all-important factors in making your decision.

CRISC CGEIT CISM CISA 2013 Fall Conference – “Sail to Success”

NGFW AUDIT

Evaluation and Audit of NGFW

• Platform Based – appliance/software/SaaS
• Feature Set – baseline and add-ons
• Performance – NSS Labs results
• Manageability – comprehensive/easy to use
• Threat Intelligence – currency/accuracy/completeness
• TCO – total cost of ownership
• Risk – consider the business model and objectives
• Price – you get what you pay for
• Support – what is support experience
• Differentiators – what sets them apart

BIO

Miguel (Mike) O. Villegas is a Vice President for K3DES LLC. He performs and QA’s PCI-DSS and PA-DSS assessments for K3DES clients. He also manages the K3DES ISO/IEC 27001:2005 program. Mike was previously Director of Information Security at Newegg, Inc. for five years. Mike is currently a contributing writer for SearchSecurity – TechTarget. Mike has over 30 years of Information Systems security and IT audit experience. Mike was previously Vice President & Technology Risk Manager for Wells Fargo Services, responsible for IT Regulatory Compliance, and was previously a partner at Arthur Andersen and Ernst & Young for their information systems security and IS audit groups over a span of nine years. Mike is a CISA, CISSP, GSEC and CEH. He is also a QSA and PA-QSA as VP for K3DES. Mike was president of the LA ISACA Chapter during 2010-2012 and president of the SF ISACA Chapter during 2005-2006. He was the SF Fall Conference Co-Chair from 2002–2007 and also served for two years as Vice President on the Board of Directors for ISACA International. Mike has taught CISA review courses for over 18 years.

Table of Contents

• NGFW Primer
• Need for NGFW
• Case for NGFW
• NGFW Vendors
• NGFW Audit

NGFW PRIMER

NGFW Primer

NGFWs are integrated network security platforms that consist of:
• in-line deep packet inspection (DPI) firewalls
• Intrusion Prevention Systems (IPS)
• application inspection and control
• SSL/SSH inspection
• website filtering, and
• quality of service (QoS)/bandwidth management

In October 2014, the presenter of this session interviewed and researched the NGFWs of 9 vendors listed in the 2014 Gartner Magic Quadrant:
• Juniper
• Cisco
• Palo Alto
• Checkpoint
• Fortinet
• McAfee
• Dell Sonicwall
• Barracuda
• HP Tippingpoint

Next Generation Firewall Primer

[Figure: NGFW feature layers]
Next Generation firewall: Application Awareness & Control; User-based Controls; Intrusion Prevention
Unified Threat Management: Anti-virus; Web/Content Filtering; Anti-spam
Security Intelligence: Command & control; GeoIP; Industry feeds; Custom feeds
Foundational elements: Stateful Firewall; Management; VPN; NAT; Logging & reporting; Routing; Analytics

Source: Juniper SRX – Next Generation Firewall – November 2014

Traditional Firewalls

• Unlike NGFWs, traditional packet-filtering firewalls only provide protection at Layer 3 (network) and Layer 4 (transport) of the OSI model.

• They include metrics to allow and deny packets by discriminating the source IP address of incoming packets, destination IP addresses, the type of Internet protocols the packet may contain – e.g.,
  – normal data carrying IP packets
  – ICMP (Internet Control Message Protocol)
  – ARP (Address Resolution Protocol)
  – RARP (Reverse Address Resolution Protocol)
  – BOOTP (Bootstrap Protocol), and
  – DHCP (Dynamic Host Configuration Protocol)
  -- and routing features.

NGFW Foundational Elements

NGFWs are integrated network security platforms that consist of:
• Stateful Firewall
• Virtual Private Network (VPN)
• Network Address Translation (NAT)
• Routing
• Management
• Logging and Reporting
• Analytics

NGFW Additional Elements

NGFWs are integrated network security platforms that also consist of:
• Application Awareness and Control
• Intrusion Prevention
• User based controls
• Anti-Virus
• Web/Content Filtering
• Anti-Spam
• Two-factor authentication
• Active Directory Integration
• Security Intelligence / Threat Intelligence
• Mobile Device Controls
• Data Loss Prevention

Threat Intelligence

One of the major differentiators that all of these major NGFW companies purport to be working on is threat intelligence that is current, open, continuous, adaptive and automatic.

http://www.zdnet.com/article/new-threat-intelligence-report-skewers-industry-confusion-charlatans

[Figure] Source: Palo Alto

Types of Attacks

Malware, also called malicious code, is software designed to gain access to targeted computer systems, steal information or disrupt computer operations.

• Worm
• Spyware
• Virus
• Adware
• Network Worm
• Ransomware
• Trojan Horse
• Keylogger
• Botnets
• Rootkit

Types of Attacks

Other types of attacks:

• Advanced persistent threats
• Social engineering
• Backdoor
• Phishing
• Brute force attack
• Spear phishing
• Buffer overflow
• Spoofing
• Cross-site scripting (XSS)
• Structured Query Language (SQL) injection
• Denial-of-service (DoS) attack
• Zero-day exploit
• Man-in-the-middle attack

UTM vs. NGFW

Security vendors often differ in their definitions of UTM and NGFWs. Over time, UTM references will likely dissipate -- the same may even happen for NGFWs -- but what’s certain is that enhancements to multifunctional security solutions, whatever they’re called, will continue.

• UTMs are primarily for SMB
• NGFWs are for larger, more complex IT environments

[Figure] Source: Juniper SRX Datasheet

[Figure: Gartner Magic Quadrant – April 2015; quadrants: Challengers, Leaders, Niche Players, Visionaries]

[Figure dated October 7, 2015; labels: Security, Performance, Total cost of ownership (TCO)]

NEED FOR NGFW

Do we really need a NGFW?

• But “we’ve never had a breach” or “we are not a big target”
• Today there are a large number of disparate standalone products and services forced to work together
• Although effective, they appear architecturally desultory, reactive and tactical in nature
• NGFWs offer a good complement of security solutions in one appliance
• Not all NGFWs are created equal
• 3 factors for establishing a need for a NGFW:
  • Is the investment justifiable?
  • Alignment with existing IT strategies
  • Total Cost of Ownership (TCO)

Is the investment justifiable?

• Basic firewall services regulate network connections between computer systems of differing trust levels
• Most enterprises need:
  • IPS/IDS
  • Firewall (deep packet inspection)
  • Anti-virus/Malware protection
  • Application controls
  • VPN
  • Session encryption (TLS 1.2)
  • Wireless security
  • Mobile security

Alignment with existing IT strategies

• Organizations that deploy NGFWs may discover they do not require all the security features these appliances support.

• Features required by an enterprise should be determined in advance, as this will influence what NGFW product is bought and which security services to enable.

• Some NGFWs have security features built into the appliance at no additional cost.

• Some organizations do not activate features because they have not found them necessary or because they do not fit their business model.

For example

• Large retail companies might opt for a NGFW solution at the corporate headquarters but go with point solutions in each retail store -- whether from the same vendor or not.

• Online retail businesses that do not have brick and mortar locations typically require robust, and therefore increasingly integrated, network security solutions that focus on QoS, load balancing, IPS, web application security, SSL VPN and strong firewalls with deep packet inspection.

• Enterprises that are heavily regulated via standards (e.g., PCI, HIPAA, HITECH Act, Sarbanes-Oxley, FISMA, PERC, etc.) would need to also address remote access controls, two-factor authentication, Active Directory integration and possibly DLP.

Alignment with existing IT strategies

• Whatever course is taken, information security decisions need to be integrated with IT’s strategic goals.

• IT, in turn, exists to support the business. IT does not drive the business.

• The business drives the business.

• IT’s purpose is to ensure the IT infrastructure (perimeter and core deployments) exists to allow the business to achieve its strategic goals.

Total Cost of Ownership (TCO)

TCO establishes the right complement of resources -- people and technology.

• Total cost of technology (TCT): The cost of technology that is required to deploy, monitor and report on the state of information security for the enterprise.

• Total cost of risk (TCR): The cost to estimate and not deploy resources, processes or technology for your enterprise, such as compliance risk, security risk, legal risk and reputation risk.

• Total cost of maintenance (TCM): The cost of maintaining the information security program, such as people, skills, flexibility, scalability and comprehensiveness of the systems deployed.

CASE FOR A NGFW

Six Criteria for buying a NGFW

It is clear that, regardless of what vendors call their NGFW products, it is incumbent on buyers to understand the precise features each NGFW product under consideration includes. Let’s look at six criteria:

• Platform Type
• Feature Set
• Performance
• Manageability
• Price
• Support

Platform Type

• How is the NGFW provided?
• Most next-gen firewalls are hardware- (appliance), software- (downloadable) or cloud-based (SaaS)
• Hardware-based NGFWs appeal best to large and midsize enterprises
• Software-based NGFWs to small companies with simple network infrastructures
• Cloud-based NGFWs to highly decentralized multi-location sites or enterprises where the required skill set to manage them is wanting or reallocated

Feature Set

• Not all NGFW features are similarly available by vendor
• NGFW features typically consist of:
  • inline deep packet inspection firewalls
  • IDS/IPS
  • application inspection and control
  • SSL/SSH inspection
  • website filtering, and
  • QoS/bandwidth management to protect networks against the latest in sophisticated network attacks and intrusion
• Additionally, most NGFWs offer threat intelligence, mobile device security, data loss prevention (DLP), Active Directory integration and an open architecture that allows clients to tailor application control and even some firewall rule definitions

Performance

• Because NGFWs integrate many features into a single appliance, they may seem attractive to some organizations.

• However, enabling all available features at once could result in serious performance degradation.

• NGFW performance metrics have improved over the years, but the buyer needs to seriously consider performance in relationship to the security features they want to enable when determining the vendors they approach and the model of NGFW they choose.

Manageability

• This criterion involves system configuration requirements and usability of the management console.

• It considers how the NGFW manages complex environments with many firewalls and users, and very narrow firewall change windows.

• System configuration changes and the user interface of the management console should be:
  1. comprehensive - such that it covers an array of features that preclude the need for augmentation by other point solutions;
  2. flexible - possible to exclude features that are not needed in the enterprise environment; and
  3. easy to use - such that the management console, individual feature dashboards and reporting are intuitive and incisive.

Price

• NGFW appliance, software and cloud service pricing varies considerably by vendor and model
• Prices range from $599 to $80,000+ per device
• Some are even priced by number of users (e.g., $1,100 for 1-99 users to $100,000 for 5000 users+)
• All, meanwhile, have separate pricing for service contracts
• If possible, do not pay retail prices
• Most vendors will provide volume discounts (the more users supported, the less it costs per user, for example) or discounts with viable prospects of further purchases
• Purchase at month-end and quarter-end. Sales people have goals that can be leveraged for pricing to your advantage

Support

• The 2015 Gartner Magic Quadrant on NGFW also rated support -- with quality, breadth and value of NGFW offerings viewed from the vantage point of enterprise needs.

• Given the critical nature of NGFWs, timely and accurate support is essential. Obtain references and ask to speak with vendor clients without the vendor present.

• Support criteria for NGFWs should address: responsiveness, ranked by type of service request; quality and accuracy of the service response; currency of product updates; and customer education and awareness of current events.

NGFW VENDORS

NGFW Players

The top nine NGFW vendors are:
• Checkpoint
• Dell Sonicwall
• Palo Alto
• Cisco
• Fortinet
• HP TippingPoint
• McAfee
• Barracuda

There are other NGFW vendors but these are the top 9.

Questions to consider

Questions to consider when comparing these and other NGFW products include:

• What is their product line?
• Is their NGFW for cloud service providers, large enterprises, SMBs or small companies?
• What are the NGFW features that come with the base product?
• What features need an extra license(s)?
• How is the NGFW sold and priced?
• What differentiates their NGFW from other vendor NGFW products?

What features are available in the NGFW?

Non-common NGFW features vary by vendor. So this is where organizations can start to differentiate which NGFWs will work for them and which won’t. For example:

• Dell SonicWall provides security services such as gateway anti-malware, content filtering, and client antivirus and antispyware that are licensed on an annual subscription contract. Dell SecureWorks premium Global Threat Intelligence service is an additional subscription.

• Cisco provides Application Visibility and Control as part of the base configuration at no cost, but separate licenses are required for Next Generation Intrusion Prevention Systems (NGIPS), Advanced Malware Protection and URL filtering.

• McAfee provides clustering and multi-Link as standard features with McAfee Next Generation Firewall license.

What features are available in the NGFW?

• Barracuda requires an optional subscription for malware protection (AV engine by Avira), threat intelligence, and for advanced client Network Access Control (NAC) VPN/SSL VPN features.

bull  Juniper13 offers13 advanced13 sofware13 security13 services13 (NGFWUTMIPSThreat13 Intelligence13 Service)13 shipped13 with13 its13 SRX13 Series13 Services13 Gateways13 13 that13 can13 be13 turned13 on13 with13 the13 purchase13 of13 an13 addional13 license13 which13 can13 be13 subscripon-shy‐based13 or13 perpetual13 No13 addional13 components13 are13 required13 to13 turn13 services13 onoff13

bull  Checkpoint13 provides13 a13 full13 NGFW13 soluon13 package13 13 with13 all13 of13 its13 sofware13 blades13 included13 under13 one13 license13 However13 it13 does13 not13 provide13 mobile13 device13 controls13 or13 Wi-shy‐Fi13 network13 control13 without13 purchasing13 a13 different13 Checkpoint13 product13

13

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

What13 features13 are13 available13 in13 the13 NGFW13

4313

The key message in this comparison is that, in addition to the common features, one needs to carefully review those features that require additional licenses and whether they are significant enough to decide on a specific product's procurement.

• For example, if you need a DLP feature, some NGFWs provide it, such as Checkpoint, which offers it with over 600 types. You might still determine that a full-featured DLP solution is required if the Checkpoint is not sufficient.

• The same would apply to web application firewall (WAF) features, such as the one in the Dell SonicWall, which again is not a full-featured WAF.

What features are available in the NGFW?

• Another example would be Cisco: although malware protection is available with their network anti-virus/malware solution, additional licenses would be required for their Advanced Malware Protection, NGIPS and URL filtering.

• Barracuda NG Firewall also requires an additional license for Malware Protection (Anti-Virus engine by Avira).

• There are some vendors that provide threat intelligence services as part of the NGFW offering, such as Fortinet, McAfee and HP TippingPoint.

• Juniper's Threat Intelligence Service is shipped with the SRX but needs to be activated with the purchase of an additional license.

How is the NGFW sold, licensed and priced?

• All NGFW products are licensed per physical device. Additional licenses are required for the non-common features stated above.

• Read the T&Cs to determine what services are available in the base NGFW product and what services require an additional license.

• All NGFW products are priced by scale, based on the type of hardware utilized and service contract.

• While pricing structure appears disparate, similarities do exist in the lower-end product lines (in other words, the smaller the NGFW need, the simpler the pricing).

• The larger the enterprise and volume purchase potential, the greater the disparity, but also the greater the bargaining power on the part of the customer.

Key differentiators between NGFW products

• Checkpoint is the inventor of stateful firewalls. It has the highest IPS block rate among its competitors, a larger application library (over 5,000) than any other, data loss prevention (DLP) with over 600 file types, change management (i.e., configuration and rule changes) that no one else has, and Active Directory integration, agent-based or agentless.

• Dell SonicWall has patented Reassembly-Free Deep Inspection (RFDPI), which allows for centralized management for users to deploy, manage and monitor many thousands of firewalls through a single pane of glass.

Key differentiators between NGFW products

• Cisco ASA with FirePower Services provides an integrated defense solution with greater firewall features and detection and protection threat services than other vendors.

• Fortinet lauds its 11-year-old in-house dedicated security research team -- FortiGuard Labs. It is one of the few NGFW vendors that has its own, since most OEM this activity. Fortinet also purports that its FortiGate NGFW can deliver five times better performance than comparatively priced competitor products.

• HP TippingPoint is known for its NGFW's simple, effective and reliable implementation. The security effectiveness coverage is high, with over 8,200 filters that block known and unknown threats and over 383 zero-day filters in 2014 alone.

Key differentiators between NGFW products

• McAfee NGFW provides “intelligence aware” security controls, advanced evasion prevention and a unified software core design.

• Barracuda purports the lowest total cost of ownership (TCO) in the industry due to advanced troubleshooting capabilities and smart lifecycle management features built into a large scaling central management server. The NGFW is also the only one that provides NGFW application control and user identity functions for SMBs.

• Juniper SRX is the first NGFW to offer customers validated (Telcordia) 99.9999% availability of the SRX 5000 line. The SRX Series are also the first NGFW to deliver automation of firewall functions via JunoScript and open API to programming tools. Open attack signatures in the IPS also allow customers to add or customize signatures tailored for their network.

How to select the right NGFW

Consider the following criteria in selecting the NGFW vendor and model for your enterprise:

(1) identify the players
(2) develop a short list
(3) perform a proof of concept – POC
(4) make reference calls
(5) consider cost
(6) obtain management buy-in, and
(7) work out contract negotiations
(8) Total cost of ownership (TCO) is also critical

Lastly, but no less important, consider the skill set of your staff and the business model and growth expectation for your enterprise -- all-important factors in making your decision.

NGFW AUDIT

Evaluation and Audit of NGFW

• Platform Based – appliance/software/SaaS
• Feature Set – baseline and add-ons
• Performance – NSS Labs results
• Manageability – comprehensive/easy to use
• Threat Intelligence – currency/accuracy/completeness
• TCO – total cost of ownership
• Risk – consider the business model and objectives
• Price – you get what you pay for
• Support – what is support experience
• Differentiators – what sets them apart

BIO

Miguel (Mike) O. Villegas is a Vice President for K3DES LLC. He performs and QA's PCI-DSS and PA-DSS assessments for K3DES clients. He also manages the K3DES ISO/IEC 27001:2005 program. Mike was previously Director of Information Security at Newegg, Inc. for five years. Mike is currently a contributing writer for SearchSecurity – TechTarget. Mike has over 30 years of Information Systems security and IT audit experience. Mike was previously Vice President & Technology Risk Manager for Wells Fargo Services, responsible for IT Regulatory Compliance, and was previously a partner at Arthur Andersen and Ernst & Young for their information systems security and IS audit groups over a span of nine years. Mike is a CISA, CISSP, GSEC and CEH. He is also a QSA and PA-QSA as VP for K3DES. Mike was president of the LA ISACA Chapter during 2010-2012 and president of the SF ISACA Chapter during 2005-2006. He was the SF Fall Conference Co-Chair from 2002–2007 and also served for two years as Vice President on the Board of Directors for ISACA International. Mike has taught CISA review courses for over 18 years.

NGFW PRIMER

NGFW Primer

NGFWs are integrated network security platforms that consist of:

• in-line deep packet inspection (DPI) firewalls
• Intrusion Prevention Systems (IPS)
• application inspection and control
• SSL/SSH inspection
• website filtering, and
• quality of service (QoS)/bandwidth management

In October 2014, the presenter of this session interviewed and researched NGFWs for 9 NGFW vendors listed in the 2014 Gartner Magic Quadrant:

• Juniper
• Cisco
• Palo Alto
• Checkpoint
• Fortinet
• McAfee
• Dell Sonicwall
• Barracuda
• HP Tippingpoint

Next Generation Firewall Primer

Diagram layers, as labelled on the slide:

• Next Generation firewall: Application Awareness & Control, User-based Controls, Intrusion Prevention
• Unified Threat Management: Anti-virus, Web/Content Filtering, Anti-spam
• Security Intelligence: Command & control, GeoIP, Industry feeds, Custom feeds
• Foundational elements: Stateful Firewall, Management, VPN, NAT, Logging & reporting, Routing, Analytics

Source: Juniper SRX – Next Generation Firewall – November 2014

Traditional Firewalls

• Unlike NGFWs, traditional packet-filtering firewalls only provide protection at Layer 3 (network) and Layer 4 (transport) of the OSI model.

• They include metrics to allow and deny packets by discriminating the source IP address of incoming packets, destination IP addresses, and the type of Internet protocols the packet may contain, e.g.:
  – normal data carrying IP packets
  – ICMP (Internet Control Message Protocol)
  – ARP (Address Resolution Protocol)
  – RARP (Reverse Address Resolution Protocol)
  – BOOTP (Bootstrap Protocol), and
  – DHCP (Dynamic Host Configuration Protocol)
  -- and routing features.
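The header-only filtering described on this slide, as an added example that is not part of the original presentation: a first-match packet filter that decides on source address, destination address, protocol and destination port alone, so two different applications sent to the same port receive the same verdict. The rule base, addresses and packets are constructed for illustration.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Optional


@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    proto: str                   # "tcp", "udp" or "icmp"
    dport: Optional[int] = None  # None for protocols without ports (ICMP)
    payload: bytes = b""         # on the wire, but never read by the filter


@dataclass(frozen=True)
class Rule:
    action: str                  # "allow" or "deny"
    src: str = "0.0.0.0/0"       # source network (Layer 3)
    dst: str = "0.0.0.0/0"       # destination network (Layer 3)
    proto: str = "any"           # protocol carried in the IP packet
    dport: Optional[int] = None  # destination port (Layer 4); None = any

    def matches(self, pkt: Packet) -> bool:
        # Only header fields are compared; pkt.payload is never inspected.
        return (
            ip_address(pkt.src) in ip_network(self.src)
            and ip_address(pkt.dst) in ip_network(self.dst)
            and self.proto in ("any", pkt.proto)
            and (self.dport is None or self.dport == pkt.dport)
        )


def filter_packet(rules, pkt, default="deny"):
    """Return (action, index of the matching rule); first match wins."""
    for index, rule in enumerate(rules):
        if rule.matches(pkt):
            return rule.action, index
    return default, None  # implicit default-deny when nothing matches


# Constructed rule base (documentation address ranges, not real hosts).
RULES = [
    Rule("deny", src="198.51.100.0/24"),
    Rule("allow", src="10.0.0.0/8", dst="203.0.113.10/32",
         proto="tcp", dport=443),
    Rule("allow", src="10.0.0.0/8", proto="icmp"),
]

# Constructed packets. The first two differ only in payload.
SAMPLE_PACKETS = {
    "https": Packet("10.1.2.3", "203.0.113.10", "tcp", 443,
                    b"\x16\x03\x01 constructed TLS handshake"),
    "other_app_on_443": Packet("10.1.2.3", "203.0.113.10", "tcp", 443,
                               b"SSH-2.0-constructed-client"),
    "denied_source": Packet("198.51.100.7", "203.0.113.10", "tcp", 443),
    "icmp": Packet("10.9.9.9", "192.0.2.1", "icmp"),
    "no_rule": Packet("10.1.2.3", "203.0.113.10", "tcp", 22),
}


def evaluate_samples():
    """Verdict for every sample packet, keyed by sample name."""
    return {name: filter_packet(RULES, pkt)
            for name, pkt in SAMPLE_PACKETS.items()}


if __name__ == "__main__":
    for name, (action, index) in evaluate_samples().items():
        print(f"{name:18} {action:5} rule={index}")
```

Both port-443 packets match the same rule because the payload is never read; telling them apart takes the application inspection and control that the NGFW slides list.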

NGFW Foundational Elements

NGFWs are integrated network security platforms that consist of:

• Stateful Firewall
• Virtual Private Network (VPN)
• Network Address Translation (NAT)
• Routing
• Management
• Logging and Reporting
• Analytics

NGFW Additional Elements

NGFWs are integrated network security platforms that also consist of:

• Application Awareness and Control
• Intrusion Prevention
• User based controls
• Anti-Virus
• Web/Content Filtering
• Anti-Spam
• Two-factor authentication
• Active Directory Integration
• Security Intelligence / Threat Intelligence
• Mobile Device Controls
• Data Loss Prevention

Threat Intelligence

One of the major differentiators that all of these major NGFW companies purport to be working on is threat intelligence that is current, open, continuous, adaptive and automatic.

http://www.zdnet.com/article/new-threat-intelligence-report-skewers-industry-confusion-charlatans

Source: Palo Alto

Types of Attacks

Malware, also called malicious code, is software designed to gain access to targeted computer systems, steal information or disrupt computer operations.

• Worm
• Spyware
• Virus
• Adware
• Network Worm
• Ransomware
• Trojan Horse
• Keylogger
• Botnets
• Rootkit

Types of Attacks

Other types of attacks:

• Advanced persistent threats
• Social engineering
• Backdoor
• Phishing
• Brute force attack
• Spear phishing
• Buffer overflow
• Spoofing
• Cross-site scripting (XSS)
• Structured Query Language (SQL) injection
• Denial-of-service (DoS) attack
• Zero-day exploit
• Man-in-the-middle attack

UTM vs NGFW

Security vendors often differ in their definitions of UTM and NGFWs. Over time, UTM references will likely dissipate -- the same may even happen for NGFWs -- but what's certain is that enhancements to multifunctional security solutions, whatever they're called, will continue.

• UTMs are primarily for SMB
• NGFWs are for larger, more complex IT environments

Source: Juniper SRX Datasheet

Gartner Magic Quadrant – April 2015 (quadrants: Challengers, Leaders, Niche Players, Visionaries)

October 7, 2015: Security, Performance, Total cost of ownership (TCO)

NEED FOR NGFW

Do we really need a NGFW?

• But “we've never had a breach” or “we are not a big target”

• Today there are a large number of disparate standalone products and services forced to work together

• Although effective, they appear architecturally desultory, reactive and tactical in nature

• NGFWs offer a good complement of security solutions in one appliance

• Not all NGFWs are created equal

• 3 factors for establishing a need for a NGFW:
  • Is the investment justifiable?
  • Alignment with existing IT strategies
  • Total Cost of Ownership (TCO)

Is the investment justifiable?

• Basic firewall services regulate network connections between computer systems of differing trust levels

• Most enterprises need:
  • IPS/IDS
  • Firewall (deep packet inspection)
  • Anti-virus/Malware protection
  • Application controls
  • VPN
  • Session encryption (TLS 1.2)
  • Wireless security
  • Mobile security

Alignment with existing IT strategies

• Organizations that deploy NGFWs may discover they do not require all the security features these appliances support.

• Features required by an enterprise should be determined in advance, as this will influence what NGFW product is bought and which security services to enable.

• Some NGFWs have security features built into the appliance at no additional cost.

• Some do not activate features since they have not found them necessary or because they do not fit their business model.

For example

• Large retail companies might opt for a NGFW solution at the corporate headquarters but go with point solutions in each retail store -- whether from the same vendor or not.

• Online retail businesses that do not have brick and mortar locations typically require robust, and therefore increasingly integrated, network security solutions that focus on QoS, load balancing, IPS, web application security, SSL VPN and strong firewalls with deep packet inspection.

• Enterprises that are heavily regulated via standards (e.g., PCI, HIPAA, HITECH Act, Sarbanes-Oxley, FISMA, PERC, etc.) would need to also address remote access controls, two-factor authentication, Active Directory integration and possibly DLP.

Alignment with existing IT strategies

• Whatever course is taken, information security decisions need to be integrated with IT's strategic goals.

• IT in turn exists to support the business. IT does not drive the business.

• The business drives the business.

• IT's purpose is to ensure the IT infrastructure (perimeter and core deployments) exists to allow the business to achieve its strategic goals.

Total Cost of Ownership (TCO)

TCO establishes the right complement of resources -- people and technology.

• Total cost of technology (TCT): The cost of technology that is required to deploy, monitor and report on the state of information security for the enterprise.

• Total cost of risk (TCR): The cost to estimate and not deploy resources, processes or technology for your enterprise, such as compliance risk, security risk, legal risk and reputation risk.

• Total cost of maintenance (TCM): The cost of maintaining the information security program, such as people skills, flexibility, scalability and comprehensiveness of the systems deployed.

CASE FOR A NGFW

Six Criteria for buying a NGFW

It is clear that regardless of what vendors call their NGFW products, it is incumbent that buyers understand the precise features each NGFW product under consideration includes. Let's look at six criteria:

• Platform Type
• Feature Set
• Performance
• Manageability
• Price
• Support

Platform Type

• How is the NGFW provided?

• Most next-gen firewalls are hardware- (appliance), software- (downloadable) or cloud-based (SaaS).

• Hardware-based NGFWs appeal best to large and midsize enterprises.

• Software-based NGFWs to small companies with simple network infrastructures.

• Cloud-based NGFWs to highly decentralized multi-location sites or enterprises where the required skill set to manage them is wanting or reallocated.

Feature Set

• Not all NGFW features are similarly available by vendor.

• NGFW features typically consist of:
  • inline deep packet inspection firewalls
  • IDS/IPS
  • application inspection and control
  • SSL/SSH inspection
  • website filtering, and
  • QoS/bandwidth management to protect networks against the latest in sophisticated network attacks and intrusion

• Additionally, most NGFWs offer threat intelligence, mobile device security, data loss prevention (DLP), Active Directory integration and an open architecture that allows clients to tailor application control and even some firewall rule definitions.

Performance

• Because NGFWs integrate many features into a single appliance, they may seem attractive to some organizations.

• However, enabling all available features at once could result in serious performance degradation.

• NGFW performance metrics have improved over the years, but the buyer needs to seriously consider performance in relationship to the security features they want to enable when determining the vendors they approach and the model of NGFW they choose.

Manageability

• This criterion involves system configuration requirements and usability of the management console.

• It considers how the NGFW manages complex environments with many firewalls and users, and very narrow firewall change windows.

• System configuration changes and the user interface of the management console should be:
  1. comprehensive - such that it covers an array of features that preclude the need for augmentation by other point solutions
  2. flexible - possible to exclude features that are not needed in the enterprise environment, and
  3. easy to use - such that the management console, individual feature dashboards and reporting are intuitive and incisive

Price

• NGFW appliance, software and cloud service pricing varies considerably by vendor and model.

• Prices range from $599 to $80,000+ per device.

• Some are even priced by number of users (e.g., $1,100 for 1-99 users to $100,000 for 5,000 users+).

• All, meanwhile, have separate pricing for service contracts.

• If possible, do not pay retail prices.

• Most vendors will provide volume discounts (the more users supported, the less it costs per user, for example) or discounts with viable prospects of further purchases.

• Purchase at month-end and quarter-end. Sales people have goals that can be leveraged for pricing to your advantage.

Support

• The 2015 Gartner Magic Quadrant on NGFW also rated support -- with quality, breadth and value of NGFW offerings viewed from the vantage point of enterprise needs.

• Given the critical nature of NGFWs, timely and accurate support is essential. Obtain references and ask to speak with vendor clients without the vendor present.

• Support criteria for NGFWs should address responsiveness ranked by type of service request, quality and accuracy of the service response, currency of product updates, and customer education and awareness of current events.

NGFW VENDORS

NGFW Players

The top nine NGFW vendors are:

• Checkpoint
• Dell Sonicwall
• Palo Alto
• Cisco
• Fortinet
• HP TippingPoint
• McAfee
• Barracuda

There are other NGFW vendors, but these are the top 9.

Questions to consider

Questions to consider when comparing these and other NGFW products include:

• What is their product line?
• Is their NGFW for cloud service providers, large enterprises, SMBs or small companies?
• What are the NGFW features that come with the base product?
• What features need an extra license(s)?
• How is the NGFW sold and priced?
• What differentiates their NGFW from other vendor NGFW products?

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

What features are available in the NGFW?

Non-common NGFW features vary by vendor. So this is where organizations can start to differentiate which NGFWs will work for them and which won’t. For example:

• Dell SonicWall provides security services, such as gateway anti-malware, content filtering, and client antivirus and antispyware, that are licensed on an annual subscription contract. Dell SecureWorks premium Global Threat Intelligence service is an additional subscription.
• Cisco provides Application Visibility and Control as part of the base configuration at no cost, but separate licenses are required for Next Generation Intrusion Prevention Systems (NGIPS), Advanced Malware Protection and URL filtering.
• McAfee provides clustering and multi-Link as standard features with McAfee Next Generation Firewall license.


What features are available in the NGFW?

• Barracuda requires an optional subscription for malware protection (AV engine by Avira), threat intelligence, and for advanced client Network Access Control (NAC) VPN/SSL VPN features.
• Juniper offers advanced software security services (NGFW/UTM/IPS/Threat Intelligence Service), shipped with its SRX Series Services Gateways, that can be turned on with the purchase of an additional license, which can be subscription-based or perpetual. No additional components are required to turn services on/off.
• Checkpoint provides a full NGFW solution package, with all of its software blades included under one license. However, it does not provide mobile device controls or Wi-Fi network control without purchasing a different Checkpoint product.


What features are available in the NGFW?

The key message in this comparison is that, in addition to the common features, one needs to carefully review those features that require additional licenses and whether they are significant enough to decide on a specific product's procurement.

• For example, if you need a DLP feature, some NGFWs provide it, such as Checkpoint, which offers it with over 600 types. You might still determine that a full-featured DLP solution is required if the Checkpoint is not sufficient.
• The same would apply to web application firewalls (WAF), such as the one in the Dell Sonicwall, which again is not a full-featured WAF.


What features are available in the NGFW?

• Another example would be Cisco: although malware protection is available with their network anti-virus/malware solution, additional licenses would be required for their Advanced Malware Protection, NGIPS and URL filtering.
• Barracuda NG Firewall also requires an additional license for Malware Protection (Anti-Virus engine by Avira).
• There are some vendors that provide threat intelligence services as part of the NGFW offering, such as Fortinet, McAfee and HP TippingPoint.
• Juniper’s Threat Intelligence Service is shipped with the SRX but needs to be activated with the purchase of an additional license.


How is the NGFW sold, licensed and priced?

• All NGFW products are licensed per physical device. Additional licenses are required for the non-common features stated above.
• Read the T&Cs to determine what services are available in the base NGFW product and what services require an additional license.
• All NGFW products are priced by scale, based on the type of hardware utilized and service contract.
• While pricing structure appears disparate, similarities do exist in the lower-end product lines (in other words, the smaller the NGFW need, the simpler the pricing).
• The larger the enterprise and volume purchase potential, the greater the disparity, but also the greater the bargaining power on the part of the customer.


Key differentiators between NGFW products

• Checkpoint is the inventor of stateful firewalls. It has the highest block rate of IPS among its competitors, a larger application library (over 5000) than any other, data loss prevention (DLP) with over 600 file types, change management (i.e., configuration and rule changes) that no one else has, and Active Directory integration, agent-based or agentless.
• Dell SonicWall has patented Reassembly-Free Deep Inspection (RFDPI), which allows for centralized management for users to deploy, manage and monitor many thousands of firewalls through a single-pane of glass.


Key differentiators between NGFW products

• Cisco ASA with FirePower Services provides an integrated defense solution with greater firewall features, detection and protection threat services than other vendors.
• Fortinet lauds its 11-year old in-house dedicated security research team -- FortiGuard Labs -- one of the few NGFW vendors that have its own, since most OEM this activity. Fortinet also purports to have NGFW FortiGate that can deliver five times better performance of comparatively priced competitor products.
• HP TippingPoint is known for its NGFW’s simple, effective and reliable implementation. The security effectiveness coverage is high, with over 8,200 filters that block known and unknown threats, and over 383 zero-day filters in 2014 alone.


Key differentiators between NGFW products

• McAfee NGFW provides “intelligence aware” security controls, advanced evasion prevention and a unified software core design.
• Barracuda purports the lowest total cost of ownership (TCO) in the industry due to advanced troubleshooting capabilities and smart lifecycle management features built into large scaling central management server. The NGFW is also the only one that provides NGFW application control and user identity functions for SMBs.
• Juniper SRX is the first NGFW to offer customers validated (Telcordia) 99.9999% availability of the SRX 5000 line. The SRX Series are also the first NGFW to deliver automation of firewall functions via JunoScript and open API to programming tools. Open attack signatures in the IPS also allow customers to add or customize signatures tailored for their network.


How to select the right NGFW

Consider the following criteria in selecting the NGFW vendor and model for your enterprise:

(1) identify the players,
(2) develop a short list,
(3) perform a proof of concept – POC,
(4) make reference calls,
(5) consider cost,
(6) obtain management buy-in, and
(7) work out contract negotiations.
(8) Total cost of ownership (TCO) is also critical.

Lastly, but no less important, consider the skill set of your staff and the business model and growth expectation for your enterprise -- all-important factors in making your decision.

NGFW AUDIT

Evaluation and Audit of NGFW

• Platform Based – appliance/software/SaaS
• Feature Set – baseline and add-ons
• Performance – NSS Labs results
• Manageability – comprehensive/easy to use
• Threat Intelligence – currency/accuracy/completeness
• TCO – total cost of ownership
• Risk – consider the business model and objectives
• Price – you get what you pay for
• Support – what is support experience
• Differentiators – what sets them apart


BIO

Miguel (Mike) O. Villegas is a Vice President for K3DES LLC. He performs and QA’s PCI-DSS and PA-DSS assessments for K3DES clients. He also manages the K3DES ISO/IEC 27001:2005 program. Mike was previously Director of Information Security at Newegg, Inc. for five years. Mike is currently a contributing writer for SearchSecurity – TechTarget. Mike has over 30 years of Information Systems security and IT audit experience. Mike was previously Vice President & Technology Risk Manager for Wells Fargo Services, responsible for IT Regulatory Compliance, and was previously a partner at Arthur Andersen and Ernst & Young for their information systems security and IS audit groups over a span of nine years. Mike is a CISA, CISSP, GSEC and CEH. He is also a QSA and PA-QSA as VP for K3DES. Mike was president of the LA ISACA Chapter during 2010-2012 and president of the SF ISACA Chapter during 2005-2006. He was the SF Fall Conference Co-Chair from 2002–2007 and also served for two years as Vice President on the Board of Directors for ISACA International. Mike has taught CISA review courses for over 18 years.


NGFW Primer

NGFWs are integrated network security platforms that consist of:
• in-line deep packet inspection (DPI) firewalls,
• Intrusion Prevention Systems (IPS),
• application inspection and control,
• SSL/SSH inspection,
• website filtering, and
• quality of service (QoS)/bandwidth management.

The presenter of this session has interviewed and researched NGFWs for 9 NGFW vendors in October 2014, listed in the 2014 Gartner Magic Quadrant:
• Juniper
• Cisco
• Palo Alto
• Checkpoint
• Fortinet
• McAfee
• Dell Sonicwall
• Barracuda
• HP Tippingpoint


Next Generation Firewall Primer

[Figure: layered NGFW feature diagram]
• Next Generation firewall: Application Awareness & Control; User-based Controls; Intrusion Prevention
• Unified Threat Management: Anti-virus; Web/Content Filtering; Anti-spam
• Security Intelligence: Command & control; GeoIP; Industry feeds; Custom feeds
• Foundational elements: Stateful Firewall; Management; VPN; NAT; Logging & reporting; Routing; Analytics

Source: Juniper SRX – Next Generation Firewall – November 2014


Traditional Firewalls

• Unlike NGFWs, traditional packet-filtering firewalls only provide protection at Layer 3 (network) and Layer 4 (transport) of the OSI model.
• They include metrics to allow and deny packets by discriminating the source IP address of incoming packets, destination IP addresses, the type of Internet protocols the packet may contain – e.g.,
  – normal data carrying IP packets,
  – ICMP (Internet Control Message Protocol),
  – ARP (Address Resolution Protocol),
  – RARP (Reverse Address Resolution Protocol),
  – BOOTP (Bootstrap Protocol), and
  – DHCP (Dynamic Host Configuration Protocol)
  -- and routing features.
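An added example, not part of the original slides: the same first-match policy evaluated once as a Layer 3/4 packet filter and once with the application awareness an NGFW adds. The rule format, the application labels (assumed to come from an upstream DPI classifier) and all addresses are constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    proto: str                   # "tcp", "udp" or "icmp"
    dport: Optional[int]         # None for protocols without ports
    app: Optional[str] = None    # label from an assumed upstream DPI classifier


@dataclass(frozen=True)
class Rule:
    action: str                  # "allow" or "deny"
    src: str                     # source network in CIDR form
    dst: str                     # destination network in CIDR form
    proto: str                   # protocol name or "any"
    dport: Optional[int] = None  # None matches any port
    app: Optional[str] = None    # None matches any application


def l34_match(rule: Rule, pkt: Packet) -> bool:
    """Match on the only fields a packet filter sees: addresses, protocol, port."""
    return (
        ipaddress.ip_address(pkt.src) in ipaddress.ip_network(rule.src)
        and ipaddress.ip_address(pkt.dst) in ipaddress.ip_network(rule.dst)
        and rule.proto in ("any", pkt.proto)
        and rule.dport in (None, pkt.dport)
    )


def evaluate(rules, pkt: Packet, app_aware: bool) -> str:
    """First-match evaluation with an implicit default deny."""
    for rule in rules:
        if not l34_match(rule, pkt):
            continue
        if rule.app is not None:
            if not app_aware:
                continue         # a Layer 3/4 filter cannot express this rule
            if rule.app != pkt.app:
                continue
        return rule.action
    return "deny"


# Constructed policy: block file sharing over 443, allow other outbound HTTPS and ICMP.
RULES = [
    Rule("deny", "10.0.0.0/8", "0.0.0.0/0", "tcp", 443, app="file-sharing"),
    Rule("allow", "10.0.0.0/8", "0.0.0.0/0", "tcp", 443),
    Rule("allow", "10.0.0.0/8", "0.0.0.0/0", "icmp"),
]

# Constructed sample traffic (documentation address ranges).
SAMPLE = {
    "web": Packet("10.1.2.3", "198.51.100.10", "tcp", 443, "web-browsing"),
    "file-sharing": Packet("10.1.2.3", "203.0.113.20", "tcp", 443, "file-sharing"),
    # Traffic the classifier could not label falls through to the port rule.
    "unclassified": Packet("10.1.2.3", "203.0.113.30", "tcp", 443, None),
    "telnet": Packet("10.1.2.3", "198.51.100.10", "tcp", 23, "telnet"),
    "ping": Packet("10.1.2.3", "198.51.100.10", "icmp", None),
    "inbound": Packet("192.0.2.7", "10.1.2.3", "tcp", 443, "web-browsing"),
}


def compare(rules=RULES, packets=SAMPLE):
    """Return {name: (layer-3/4 verdict, application-aware verdict)}."""
    return {
        name: (evaluate(rules, p, False), evaluate(rules, p, True))
        for name, p in packets.items()
    }


if __name__ == "__main__":
    for name, (l34, ngfw) in compare().items():
        print(f"{name:13} L3/L4={l34:5} app-aware={ngfw}")
```

The two flows to TCP 443 are indistinguishable to the packet filter; only the application-aware pass blocks the file-sharing flow, and unclassified traffic still inherits the port-based verdict.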


NGFW Foundational Elements

NGFWs are integrated network security platforms that consist of:
• Stateful Firewall
• Virtual Private Network (VPN)
• Network Address Translation (NAT)
• Routing
• Management
• Logging and Reporting
• Analytics


NGFW Additional Elements

NGFWs are integrated network security platforms that also consist of:
• Application Awareness and Control
• Intrusion Prevention
• User based controls
• Anti-Virus
• Web/Content Filtering
• Anti-Spam
• Two-factor authentication
• Active Directory Integration
• Security Intelligence / Threat Intelligence
• Mobile Device Controls
• Data Loss Prevention


Threat Intelligence

One of the major differentiators that all of these major NGFW companies purport to be working on is threat intelligence that is current, open, continuous, adaptive and automatic.

http://www.zdnet.com/article/new-threat-intelligence-report-skewers-industry-confusion-charlatans


Source: Palo Alto

Types of Attacks

Malware, also called malicious code, is software designed to gain access to targeted computer systems, steal information or disrupt computer operations.

• Worm
• Spyware
• Virus
• Adware
• Network Worm
• Ransomware
• Trojan Horse
• Keylogger
• Botnets
• Rootkit

Types of Attacks

Other types of attacks:

• Advanced persistent threats
• Social engineering
• Backdoor
• Phishing
• Brute force attack
• Spear phishing
• Buffer overflow
• Spoofing
• Cross-site scripting (XSS)
• Structured Query Language (SQL) injection
• Denial-of-service (DoS) attack
• Zero-day exploit
• Man-in-the-middle attack


UTM vs NGFW

Security vendors often differ in their definitions of UTM and NGFWs. Over time, UTM references will likely dissipate -- the same may even happen for NGFWs -- but what’s certain is that enhancements to multifunctional security solutions, whatever they’re called, will continue.

• UTMs are primarily for SMB
• NGFWs are for larger, more complex IT environments


Source: Juniper SRX Datasheet


[Figure: Gartner Magic Quadrant – April 2015; quadrants: Challengers, Leaders, Niche Players, Visionaries]


October 7, 2015

• Security
• Performance
• Total cost of ownership (TCO)


NEED FOR NGFW


Do we really need a NGFW?

• But “we’ve never had a breach” or “we are not a big target”
• Today there are a large number of disparate standalone products and services forced to work together
• Although effective, they appear architecturally desultory, reactive and tactical in nature
• NGFWs offer a good complement of security solutions in one appliance
• Not all NGFWs are created equal
• 3 factors for establishing a need for a NGFW:
  • Is the investment justifiable?
  • Alignment with existing IT strategies
  • Total Cost of Ownership (TCO)


Is the investment justifiable?

• Basic firewall services regulate network connections between computer systems of differing trust levels
• Most enterprises need:
  • IPS/IDS
  • Firewall (deep packet inspection)
  • Anti-virus/Malware protection
  • Application controls
  • VPN
  • Session encryption (TLS 1.2)
  • Wireless security
  • Mobile security


Alignment with existing IT strategies

• Organizations that deploy NGFWs may discover they do not require all the security features these appliances support.
• Features required by an enterprise should be determined in advance, as this will influence what NGFW product is bought and which security services to enable.
• Some NGFWs have security features built into the appliance at no additional cost.
• Some do not activate features since they have not found them necessary or because they do not fit their business model.


For example

• Large retail companies might opt for a NGFW solution at the corporate headquarters but go with point solutions in each retail store -- whether from the same vendor or not.
• Online retail businesses that do not have brick and mortar locations typically require robust, and therefore increasingly integrated, network security solutions that focus on QoS, load balancing, IPS, web application security, SSL VPN and strong firewalls with deep packet inspection.
• Enterprises that are heavily regulated via standards (e.g., PCI, HIPAA, HITECH Act, Sarbanes-Oxley, FISMA, PERC, etc.) would need to also address remote access controls, two-factor authentication, Active Directory integration and possibly DLP.


Alignment with existing IT strategies

• Whatever course is taken, information security decisions need to be integrated with IT’s strategic goals.
• IT, in turn, exists to support the business. IT does not drive the business.
• The business drives the business.
• IT’s purpose is to ensure the IT infrastructure (perimeter and core deployments) exists to allow the business to achieve its strategic goals.


Total Cost of Ownership (TCO)

TCO establishes the right complement of resources -- people and technology.

• Total cost of technology (TCT): The cost of technology that is required to deploy, monitor and report on the state of information security for the enterprise.
• Total cost of risk (TCR): The cost to estimate and not deploy resources, processes or technology for your enterprise, such as compliance risk, security risk, legal risk and reputation risk.
• Total cost of maintenance (TCM): The cost of maintaining the information security program, such as people skills, flexibility, scalability and comprehensiveness of the systems deployed.

CASE FOR A NGFW

Six Criteria for buying a NGFW

It is clear that, regardless of what vendors call their NGFW products, it is incumbent that buyers understand the precise features each NGFW product under consideration includes. Let’s look at six criteria:

• Platform Type
• Feature Set
• Performance
• Manageability
• Price
• Support


Platform Type

• How is the NGFW provided?
• Most next-gen firewalls are hardware- (appliance), software- (downloadable) or cloud-based (SaaS).
• Hardware-based NGFWs appeal best to large and midsize enterprises.
• Software-based NGFWs appeal to small companies with simple network infrastructures.
• Cloud-based NGFWs appeal to highly decentralized multi-location sites or enterprises where the required skill set to manage them is wanting or reallocated.


Feature Set

• Not all NGFW features are similarly available by vendor.
• NGFW features typically consist of:
  • inline deep packet inspection firewalls,
  • IDS/IPS,
  • application inspection and control,
  • SSL/SSH inspection,
  • website filtering, and
  • QoS/bandwidth management to protect networks against the latest in sophisticated network attacks and intrusion.
• Additionally, most NGFWs offer threat intelligence, mobile device security, data loss prevention (DLP), Active Directory integration and an open architecture that allows clients to tailor application control and even some firewall rule definitions.


Performance

• Because NGFWs integrate many features into a single appliance, they may seem attractive to some organizations.
• However, enabling all available features at once could result in serious performance degradation.
• NGFW performance metrics have improved over the years, but the buyer needs to seriously consider performance in relationship to the security features they want to enable when determining the vendors they approach and the model of NGFW they choose.


Manageability

• This criterion involves system configuration requirements and usability of the management console.
• It considers how the NGFW manages complex environments with many firewalls and users, and very narrow firewall change windows.
• System configuration changes and the user interface of the management console should be:
  1. comprehensive - such that it covers an array of features that preclude the need for augmentation by other point solutions;
  2. flexible - possible to exclude features that are not needed in the enterprise environment; and
  3. easy to use - such that the management console, individual feature dashboards and reporting are intuitive and incisive.


Price

• NGFW appliance, software and cloud service pricing varies considerably by vendor and model.
• Prices range from $599 to $80,000+ per device.
• Some are even priced by number of users (e.g., $1,100 for 1-99 users to $100,000 for 5,000 users+).
• All, meanwhile, have separate pricing for service contracts.
• If possible, do not pay retail prices.
• Most vendors will provide volume discounts (the more users supported, the less it costs per user, for example) or discounts with viable prospects of further purchases.
• Purchase at month-end and quarter-end. Sales people have goals that can be leveraged for pricing to your advantage.


Support

• The 2015 Gartner Magic Quadrant on NGFW also rated support -- with quality, breadth and value of NGFW offerings viewed from the vantage point of enterprise needs.
• Given the critical nature of NGFWs, timely and accurate support is essential. Obtain references and ask to speak with vendor clients without the vendor present.
• Support criteria for NGFWs should address responsiveness ranked by type of service request, quality and accuracy of the service response, currency of product updates, and customer education and awareness of current events.

NGFW VENDORS

NGFW13 Players13

3913

The13 top13 nine13 NGFW13 vendors13 are13 13 bull  Checkpoint13 bull  Dell13 Sonicwall13 13 bull  Palo13 Alto13 bull  Cisco13 bull  Fornet13 13 bull  HP13 TippingPoint13 13 bull  McAfee13 13 bull  Barracuda13 13 There13 are13 other13 NGFW13 vendors13 but13 these13 are13 the13 top13 913

Questions to consider

Questions to consider when comparing these and other NGFW products include:

• What is their product line?
• Is their NGFW for cloud service providers, large enterprises, SMBs or small companies?
• What are the NGFW features that come with the base product?
• What features need an extra license(s)?
• How is the NGFW sold and priced?
• What differentiates their NGFW from other vendor NGFW products?

What features are available in the NGFW

Non-common NGFW features vary by vendor. So this is where organizations can start to differentiate which NGFWs will work for them and which won't. For example:

• Dell SonicWall provides security services such as gateway anti-malware, content filtering, and client antivirus and antispyware that are licensed on an annual subscription contract. Dell SecureWorks premium Global Threat Intelligence service is an additional subscription.
• Cisco provides Application Visibility and Control as part of the base configuration at no cost, but separate licenses are required for Next Generation Intrusion Prevention Systems (NGIPS), Advanced Malware Protection and URL filtering.
• McAfee provides clustering and multi-Link as standard features with the McAfee Next Generation Firewall license.

• Barracuda requires an optional subscription for malware protection (AV engine by Avira), threat intelligence, and for advanced client Network Access Control (NAC) VPN/SSL VPN features.
• Juniper offers advanced software security services (NGFW/UTM/IPS/Threat Intelligence Service) shipped with its SRX Series Services Gateways that can be turned on with the purchase of an additional license, which can be subscription-based or perpetual. No additional components are required to turn services on/off.
• Checkpoint provides a full NGFW solution package with all of its software blades included under one license. However, it does not provide mobile device controls or Wi-Fi network control without purchasing a different Checkpoint product.

The key message in this comparison is that, in addition to the common features, one needs to carefully review those features that require additional licenses and whether they are significant enough to decide on a specific product's procurement.

• For example, if you need a DLP feature, you might determine that a full-featured DLP solution is still required if the DLP in an NGFW that provides it, such as Checkpoint (offered with over 600 types), is not sufficient.
• The same would apply to web application firewalls (WAF): an NGFW such as the Dell SonicWall provides one, but again it is not a full-featured WAF.

• Another example would be Cisco: although malware protection is available with their network anti-virus/malware solution, additional licenses would be required for their Advanced Malware Protection, NGIPS and URL filtering.
• Barracuda NG Firewall also requires an additional license for Malware Protection (Anti-Virus engine by Avira).
• There are some vendors that provide threat intelligence services as part of the NGFW offering, such as Fortinet, McAfee and HP TippingPoint.
• Juniper's Threat Intelligence Service is shipped with the SRX but needs to be activated with the purchase of an additional license.

How is the NGFW sold, licensed and priced?

• All NGFW products are licensed per physical device. Additional licenses are required for the non-common features stated above.
• Read the T&Cs to determine what services are available in the base NGFW product and what services require an additional license.
• All NGFW products are priced by scale, based on the type of hardware utilized and service contract.
• While pricing structure appears disparate, similarities do exist in the lower-end product lines (in other words, the smaller the NGFW need, the simpler the pricing).
• The larger the enterprise and volume purchase potential, the greater the disparity but also the greater the bargaining power on the part of the customer.

Key differentiators between NGFW products

• Checkpoint is the inventor of stateful firewalls. It has the highest block rate of IPS among its competitors, a larger application library (over 5000) than any other, data loss prevention (DLP) with over 600 file types, change management (i.e., configuration and rule changes) that no one else has, and Active Directory integration, agent-based or agentless.
• Dell SonicWall has patented Reassembly-Free Deep Inspection (RFDPI), which allows for centralized management for users to deploy, manage and monitor many thousands of firewalls through a single pane of glass.

• Cisco ASA with FirePower Services provides an integrated defense solution with greater firewall features, detection and protection threat services than other vendors.
• Fortinet lauds its 11-year-old in-house dedicated security research team -- FortiGuard Labs -- as one of the few NGFW vendors that have their own, since most OEM this activity. Fortinet also purports to have an NGFW, FortiGate, that can deliver five times better performance than comparatively priced competitor products.
• HP TippingPoint is known for its NGFW's simple, effective and reliable implementation. The security effectiveness coverage is high, with over 8200 filters that block known and unknown threats and over 383 zero-day filters in 2014 alone.

• McAfee NGFW provides "intelligence aware" security controls, advanced evasion prevention and a unified software core design.
• Barracuda purports the lowest total cost of ownership (TCO) in the industry due to advanced troubleshooting capabilities and smart lifecycle management features built into a large scaling central management server. The NGFW is also the only one that provides NGFW application control and user identity functions for SMBs.
• Juniper SRX is the first NGFW to offer customers validated (Telcordia) 99.9999% availability of the SRX 5000 line. The SRX Series are also the first NGFW to deliver automation of firewall functions via JunoScript and open API to programming tools. Open attack signatures in the IPS also allow customers to add or customize signatures tailored for their network.

How to select the right NGFW

Consider the following criteria in selecting the NGFW vendor and model for your enterprise:

(1) identify the players;
(2) develop a short list;
(3) perform a proof of concept – POC;
(4) make reference calls;
(5) consider cost;
(6) obtain management buy-in; and
(7) work out contract negotiations.
(8) Total cost of ownership (TCO) is also critical.

Lastly, but no less important, consider the skill set of your staff and the business model and growth expectation for your enterprise -- all-important factors in making your decision.

NGFW AUDIT

Evaluation and Audit of NGFW

• Platform Based – appliance/software/SaaS
• Feature Set – baseline and add-ons
• Performance – NSS Labs results
• Manageability – comprehensive/easy to use
• Threat Intelligence – currency/accuracy/completeness
• TCO – total cost of ownership
• Risk – consider the business model and objectives
• Price – you get what you pay for
• Support – what is support experience
• Differentiators – what sets them apart

BIO

Miguel (Mike) O. Villegas is a Vice President for K3DES LLC. He performs and QA's PCI-DSS and PA-DSS assessments for K3DES clients. He also manages the K3DES ISO/IEC 27001:2005 program. Mike was previously Director of Information Security at Newegg, Inc. for five years. Mike is currently a contributing writer for SearchSecurity – TechTarget. Mike has over 30 years of Information Systems security and IT audit experience. Mike was previously Vice President & Technology Risk Manager for Wells Fargo Services, responsible for IT Regulatory Compliance, and was previously a partner at Arthur Andersen and Ernst & Young for their information systems security and IS audit groups over a span of nine years. Mike is a CISA, CISSP, GSEC and CEH. He is also a QSA and PA-QSA as VP for K3DES. Mike was president of the LA ISACA Chapter during 2010-2012 and president of the SF ISACA Chapter during 2005-2006. He was the SF Fall Conference Co-Chair from 2002–2007 and also served for two years as Vice President on the Board of Directors for ISACA International. Mike has taught CISA review courses for over 18 years.

Next Generation Firewall Primer

• Next Generation firewall: Application Awareness & Control; User-based Controls; Intrusion Prevention
• Unified Threat Management: Anti-virus; Web/Content Filtering; Anti-spam
• Security Intelligence: Command & control; GeoIP; Industry feeds; Custom feeds
• Foundational elements: Stateful Firewall; Management; VPN; NAT; Logging & reporting; Routing; Analytics

Source: Juniper SRX – Next Generation Firewall – November 2014

Traditional Firewalls

• Unlike NGFWs, traditional packet-filtering firewalls only provide protection at Layer 3 (network) and Layer 4 (transport) of the OSI model.
• They include metrics to allow and deny packets by discriminating the source IP address of incoming packets, destination IP addresses, the type of Internet protocols the packet may contain – e.g.,
  – normal data carrying IP packets,
  – ICMP (Internet Control Message Protocol),
  – ARP (Address Resolution Protocol),
  – RARP (Reverse Address Resolution Protocol),
  – BOOTP (Bootstrap Protocol), and
  – DHCP (Dynamic Host Configuration Protocol) -- and routing features.
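An added example, not part of the original slides: a small Python model of the Layer 3/4 packet filter described above, next to a check that also identifies the application from the first payload bytes. The rule set, addresses (documentation ranges), payload prefixes and the `identify_app` helper are assumptions constructed for illustration and do not represent any vendor's inspection engine.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Dict, List, Optional, Tuple


@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    proto: str            # "tcp", "udp", "icmp", ...
    dport: Optional[int]  # None for protocols without ports
    payload: bytes        # first bytes of the flow, client to server


@dataclass(frozen=True)
class L34Rule:
    action: str                  # "allow" or "deny"
    src: str                     # source network in CIDR form
    dst: str                     # destination network in CIDR form
    proto: str                   # protocol name, or "any"
    dport: Optional[int] = None  # None matches every port

    def matches(self, p: Packet) -> bool:
        return (ip_address(p.src) in ip_network(self.src)
                and ip_address(p.dst) in ip_network(self.dst)
                and self.proto in ("any", p.proto)
                and (self.dport is None or self.dport == p.dport))


def l34_decide(rules: List[L34Rule], p: Packet) -> str:
    """Traditional packet filter: first matching rule wins, default deny."""
    for rule in rules:
        if rule.matches(p):
            return rule.action
    return "deny"


HTTP_METHODS = {b"GET", b"POST", b"HEAD", b"PUT", b"DELETE", b"OPTIONS"}


def identify_app(payload: bytes) -> str:
    """Simplified stand-in for application identification by payload."""
    if payload.startswith(b"SSH-"):                 # SSH identification string
        return "ssh"
    if len(payload) >= 2 and payload[0] == 0x16 and payload[1] == 0x03:
        return "tls"                                # TLS handshake record
    if payload.split(b" ", 1)[0] in HTTP_METHODS:   # HTTP request line
        return "http"
    return "unknown"


def ngfw_decide(rules: List[L34Rule], app_policy: Dict[str, str], p: Packet) -> str:
    """L3/L4 check first, then an application check on what it allowed."""
    if l34_decide(rules, p) == "deny":
        return "deny"
    return app_policy.get(identify_app(p.payload), "deny")


# Constructed policy: internal hosts may reach the Internet on tcp/80 and tcp/443.
RULES = [
    L34Rule("allow", "10.0.0.0/8", "0.0.0.0/0", "tcp", 443),
    L34Rule("allow", "10.0.0.0/8", "0.0.0.0/0", "tcp", 80),
]
APP_POLICY = {"tls": "allow", "http": "allow"}  # anything else is denied

# Constructed sample traffic.
SAMPLE = [
    Packet("10.0.5.20", "203.0.113.10", "tcp", 443, b"\x16\x03\x01\x02\x00\x01"),
    Packet("10.0.5.20", "203.0.113.77", "tcp", 443, b"SSH-2.0-OpenSSH_8.9\r\n"),
    Packet("198.51.100.9", "10.0.5.20", "tcp", 22, b"SSH-2.0-OpenSSH_8.9\r\n"),
    Packet("10.0.5.20", "203.0.113.10", "tcp", 80, b"GET / HTTP/1.1\r\n"),
]


def verdicts(rules, app_policy, packets) -> List[Tuple[str, str]]:
    """Return (packet-filter verdict, application-aware verdict) per packet."""
    return [(l34_decide(rules, p), ngfw_decide(rules, app_policy, p))
            for p in packets]


if __name__ == "__main__":
    for pkt, (l34, app) in zip(SAMPLE, verdicts(RULES, APP_POLICY, SAMPLE)):
        print(f"{pkt.src} -> {pkt.dst}:{pkt.dport} "
              f"app={identify_app(pkt.payload)} l34={l34} app-aware={app}")
```

The second sample flow is the one to watch: the packet filter sees only an allowed address pair and tcp/443, while the application-aware check sees SSH on a port reserved by policy for TLS.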

NGFW Foundational Elements

NGFWs are integrated network security platforms that consist of:

• Stateful Firewall
• Virtual Private Network (VPN)
• Network Address Translation (NAT)
• Routing
• Management
• Logging and Reporting
• Analytics

NGFW Additional Elements

NGFWs are integrated network security platforms that also consist of:

• Application Awareness and Control
• Intrusion Prevention
• User based controls
• Anti-Virus
• Web/Content Filtering
• Anti-Spam
• Two-factor authentication
• Active Directory Integration
• Security Intelligence / Threat Intelligence
• Mobile Device Controls
• Data Loss Prevention

Threat Intelligence

One of the major differentiators that all of these major NGFW companies purport to be working on is threat intelligence that is current, open, continuous, adaptive and automatic.

http://www.zdnet.com/article/new-threat-intelligence-report-skewers-industry-confusion-charlatans

Source: Palo Alto

Types of Attacks

Malware, also called malicious code, is software designed to gain access to targeted computer systems, steal information or disrupt computer operations.

• Worm
• Spyware
• Virus
• Adware
• Network Worm
• Ransomware
• Trojan Horse
• Keylogger
• Botnets
• Rootkit

Other types of attacks:

• Advanced persistent threats
• Social engineering
• Backdoor
• Phishing
• Brute force attack
• Spear phishing
• Buffer overflow
• Spoofing
• Cross-site scripting (XSS)
• Structured Query Language (SQL) injection
• Denial-of-service (DoS) attack
• Zero-day exploit
• Man-in-the-middle attack

UTM vs NGFW

Security vendors often differ in their definitions of UTM and NGFWs. Over time, UTM references will likely dissipate -- the same may even happen for NGFWs -- but what's certain is that enhancements to multifunctional security solutions, whatever they're called, will continue.

• UTMs are primarily for SMB
• NGFWs are for larger, more complex IT environments

Source: Juniper SRX Datasheet

[Figure: Gartner Magic Quadrant – April 2015. Quadrants: Challengers, Leaders, Niche Players, Visionaries]

October 7, 2015

[Figure labels: Security; Performance; Total cost of ownership (TCO)]

NEED FOR NGFW

Do we really need a NGFW?

• But "we've never had a breach" or "we are not a big target"
• Today, there are a large number of disparate standalone products and services forced to work together
• Although effective, they appear architecturally desultory, reactive and tactical in nature
• NGFWs offer a good complement of security solutions in one appliance
• Not all NGFWs are created equal
• 3 factors for establishing a need for a NGFW:
  – Is the investment justifiable?
  – Alignment with existing IT strategies
  – Total Cost of Ownership (TCO)

Is the investment justifiable?

• Basic firewall services regulate network connections between computer systems of differing trust levels
• Most enterprises need:
  – IPS/IDS
  – Firewall (deep packet inspection)
  – Anti-virus/Malware protection
  – Application controls
  – VPN
  – Session encryption (TLS 1.2)
  – Wireless security
  – Mobile security

Alignment with existing IT strategies

• Organizations that deploy NGFWs may discover they do not require all the security features these appliances support.
• Features required by an enterprise should be determined in advance, as this will influence what NGFW product is bought and which security services to enable.
• Some NGFWs have security features built into the appliance at no additional cost.
• Some organizations do not activate features, since they have not found them necessary or because they do not fit their business model.

For example:

• Large retail companies might opt for a NGFW solution at the corporate headquarters but go with point solutions in each retail store -- whether from the same vendor or not.
• Online retail businesses that do not have brick and mortar locations typically require robust and therefore increasingly integrated network security solutions that focus on QoS, load balancing, IPS, web application security, SSL VPN, and strong firewalls with deep packet inspection.
• Enterprises that are heavily regulated via standards (e.g., PCI, HIPAA, HITECH Act, Sarbanes-Oxley, FISMA, PERC, etc.) would need to also address remote access controls, two-factor authentication, Active Directory integration and possibly DLP.

Alignment with existing IT strategies

• Whatever course is taken, information security decisions need to be integrated with IT's strategic goals.
• IT, in turn, exists to support the business. IT does not drive the business.
• The business drives the business.
• IT's purpose is to ensure the IT infrastructure (perimeter and core deployments) exists to allow the business to achieve its strategic goals.

Total Cost of Ownership (TCO)

TCO establishes the right complement of resources -- people and technology.

• Total cost of technology (TCT): The cost of technology that is required to deploy, monitor and report on the state of information security for the enterprise.
• Total cost of risk (TCR): The cost to estimate and not deploy resources, processes or technology for your enterprise, such as compliance risk, security risk, legal risk and reputation risk.
• Total cost of maintenance (TCM): The cost of maintaining the information security program, such as people skills, flexibility, scalability and comprehensiveness of the systems deployed.

CASE FOR A NGFW

Six Criteria for buying a NGFW

It is clear that, regardless of what vendors call their NGFW products, it is incumbent that buyers understand the precise features each NGFW product under consideration includes. Let's look at six criteria:

• Platform Type
• Feature Set
• Performance
• Manageability
• Price
• Support

Platform Type

• How is the NGFW provided?
• Most next-gen firewalls are hardware- (appliance), software- (downloadable) or cloud-based (SaaS).
• Hardware-based NGFWs appeal best to large and midsize enterprises.
• Software-based NGFWs appeal to small companies with simple network infrastructures.
• Cloud-based NGFWs appeal to highly decentralized multi-location sites or enterprises where the required skill set to manage them is wanting or reallocated.

Feature Set

• Not all NGFW features are similarly available by vendor.
• NGFW features typically consist of:
  – inline deep packet inspection firewalls,
  – IDS/IPS,
  – application inspection and control,
  – SSL/SSH inspection,
  – website filtering, and
  – QoS/bandwidth management to protect networks against the latest in sophisticated network attacks and intrusion.
• Additionally, most NGFWs offer threat intelligence, mobile device security, data loss prevention (DLP), Active Directory integration and an open architecture that allows clients to tailor application control and even some firewall rule definitions.

Performance

• Because NGFWs integrate many features into a single appliance, they may seem attractive to some organizations.
• However, enabling all available features at once could result in serious performance degradation.
• NGFW performance metrics have improved over the years, but the buyer needs to seriously consider performance in relationship to the security features they want to enable when determining the vendors they approach and the model of NGFW they choose.

Manageability

• This criterion involves system configuration requirements and usability of the management console.
• It considers how the NGFW manages complex environments with many firewalls and users and very narrow firewall change windows.
• System configuration changes and the user interface of the management console should be:
  1. comprehensive - such that it covers an array of features that preclude the need for augmentation by other point solutions;
  2. flexible - possible to exclude features that are not needed in the enterprise environment; and
  3. easy to use - such that the management console, individual feature dashboards and reporting are intuitive and incisive.

Price

• NGFW appliance, software and cloud service pricing varies considerably by vendor and model.
• Prices range from $599 to $80,000+ per device.
• Some are even priced by number of users (e.g., $1,100 for 1-99 users to $100,000 for 5,000 users+).
• All, meanwhile, have separate pricing for service contracts.
• If possible, do not pay retail prices.
• Most vendors will provide volume discounts (the more users supported, the less it costs per user, for example) or discounts with viable prospects of further purchases.
• Purchase at month-end and quarter-end. Sales people have goals that can be leveraged for pricing to your advantage.

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

Support13

3713

bull  The13 201513 Gartner13 Magic13 Quadrant13 on13 NGFW13 also13 rated13 support13 -shy‐-shy‐13 with13 quality13 breadth13 and13 value13 of13 NGFW13 offerings13 viewed13 from13 the13 vantage13 point13 of13 enterprise13 needs13 13

bull  Given13 the13 crical13 nature13 of13 NGFWs13 mely13 and13 accurate13 support13 is13 essenal13 Obtain13 references13 and13 ask13 to13 speak13 with13 vendor13 clients13 without13 the13 vendor13 present13

bull  Support13 criteria13 for13 NGFWs13 should13 address13 responsiveness13 ranked13 by13 type13 of13 service13 request13 quality13 and13 accuracy13 of13 the13 service13 response13 currency13 of13 product13 updates13 and13 customer13 educaon13 and13 awareness13 of13 current13 events13

1111513 3813

CRISC CGEIT CISM CISA 201313 Fall13 Conference13 ndash13 ldquoSail13 to13 Successrdquo13

NGFW13 VENDORS13

3813

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

NGFW13 Players13

3913

The13 top13 nine13 NGFW13 vendors13 are13 13 bull  Checkpoint13 bull  Dell13 Sonicwall13 13 bull  Palo13 Alto13 bull  Cisco13 bull  Fornet13 13 bull  HP13 TippingPoint13 13 bull  McAfee13 13 bull  Barracuda13 13 There13 are13 other13 NGFW13 vendors13 but13 these13 are13 the13 top13 913

Questions to consider

Questions to consider when comparing these and other NGFW products include:
• What is their product line?
• Is their NGFW for cloud service providers, large enterprises, SMBs or small companies?
• What are the NGFW features that come with the base product?
• What features need an extra license(s)?
• How is the NGFW sold and priced?
• What differentiates their NGFW from other vendor NGFW products?

What features are available in the NGFW?

Non-common NGFW features vary by vendor. So this is where organizations can start to differentiate which NGFWs will work for them and which won't. For example:
• Dell SonicWall provides security services such as gateway anti-malware, content filtering, and client antivirus and antispyware that are licensed on an annual subscription contract. Dell SecureWorks premium Global Threat Intelligence service is an additional subscription.
• Cisco provides Application Visibility and Control as part of the base configuration at no cost, but separate licenses are required for Next Generation Intrusion Prevention Systems (NGIPS), Advanced Malware Protection and URL filtering.
• McAfee provides clustering and Multi-Link as standard features with the McAfee Next Generation Firewall license.

What features are available in the NGFW?

• Barracuda requires an optional subscription for malware protection (AV engine by Avira), threat intelligence, and for advanced client Network Access Control (NAC) VPN/SSL VPN features.
• Juniper offers advanced software security services (NGFW/UTM/IPS/Threat Intelligence Service) shipped with its SRX Series Services Gateways that can be turned on with the purchase of an additional license, which can be subscription-based or perpetual. No additional components are required to turn services on/off.
• Checkpoint provides a full NGFW solution package with all of its software blades included under one license. However, it does not provide mobile device controls or Wi-Fi network control without purchasing a different Checkpoint product.

What features are available in the NGFW?

The key message in this comparison is that, in addition to the common features, one needs to carefully review those features that require additional licenses and whether they are significant enough to decide on a specific product's procurement.
• For example, if you need a DLP feature, some NGFWs provide it, such as Checkpoint, which offers it with over 600 types, but you might determine that a full-featured DLP solution is still required if the Checkpoint is not sufficient.
• The same would apply to web application firewalls (WAF), such as the one in the Dell Sonicwall, which again is not a full-featured WAF.

What features are available in the NGFW?

• Another example would be Cisco: although malware protection is available with their network anti-virus/malware solution, additional licenses would be required for their Advanced Malware Protection, NGIPS and URL filtering.
• Barracuda NG Firewall also requires an additional license for Malware Protection (Anti-Virus engine by Avira).
• There are some vendors that provide threat intelligence services as part of the NGFW offering, such as Fortinet, McAfee and HP TippingPoint.
• Juniper's Threat Intelligence Service is shipped with the SRX but needs to be activated with the purchase of an additional license.

How is the NGFW sold, licensed and priced?

• All NGFW products are licensed per physical device. Additional licenses are required for the non-common features stated above.
• Read the T&Cs to determine what services are available in the base NGFW product and what services require an additional license.
• All NGFW products are priced by scale based on the type of hardware utilized and service contract.
• While pricing structure appears disparate, similarities do exist in the lower-end product lines (in other words, the smaller the NGFW need, the simpler the pricing).
• The larger the enterprise and volume purchase potential, the greater the disparity, but also the greater the bargaining power on the part of the customer.

Key differentiators between NGFW products

• Checkpoint is the inventor of stateful firewalls. It has the highest block rate of IPS among its competitors, a larger application library (over 5000) than any other, data loss prevention (DLP) with over 600 file types, change management (i.e., configuration and rule changes) that no one else has, and Active Directory integration, agent-based or agentless.
• Dell SonicWall has patented Reassembly-Free Deep Inspection (RFDPI), which allows for centralized management for users to deploy, manage and monitor many thousands of firewalls through a single pane of glass.

Key differentiators between NGFW products

• Cisco ASA with FirePower Services provides an integrated defense solution with greater firewall features, detection and protection threat services than other vendors.
• Fortinet lauds its 11-year-old in-house dedicated security research team -- FortiGuard Labs -- as one of the few NGFW vendors that has its own, since most OEM this activity. Fortinet also purports to have an NGFW, FortiGate, that can deliver five times better performance than comparatively priced competitor products.
• HP TippingPoint is known for its NGFW's simple, effective and reliable implementation. The security effectiveness coverage is high, with over 8,200 filters that block known and unknown threats and over 383 zero-day filters in 2014 alone.

Key differentiators between NGFW products

• McAfee NGFW provides "intelligence aware" security controls, advanced evasion prevention, and a unified software core design.
• Barracuda purports the lowest total cost of ownership (TCO) in the industry due to advanced troubleshooting capabilities and smart lifecycle management features built into a large-scaling central management server. The NGFW is also the only one that provides NGFW application control and user identity functions for SMBs.
• Juniper SRX is the first NGFW to offer customers validated (Telcordia) 99.9999% availability of the SRX 5000 line. The SRX Series are also the first NGFW to deliver automation of firewall functions via JunoScript and open API to programming tools. Open attack signatures in the IPS also allow customers to add or customize signatures tailored for their network.

How to select the right NGFW

Consider the following criteria in selecting the NGFW vendor and model for your enterprise:

(1) identify the players,
(2) develop a short list,
(3) perform a proof of concept – POC,
(4) make reference calls,
(5) consider cost,
(6) obtain management buy-in, and
(7) work out contract negotiations.
(8) Total cost of ownership (TCO) is also critical.

Lastly, but no less important, consider the skill set of your staff and the business model and growth expectation for your enterprise -- all-important factors in making your decision.

NGFW AUDIT

Evaluation and Audit of NGFW

• Platform Based – appliance/software/SaaS
• Feature Set – baseline and add-ons
• Performance – NSS Labs results
• Manageability – comprehensive/easy to use
• Threat Intelligence – currency/accuracy/completeness
• TCO – total cost of ownership
• Risk – consider the business model and objectives
• Price – you get what you pay for
• Support – what is support experience
• Differentiators – what sets them apart

BIO

Miguel (Mike) O. Villegas is a Vice President for K3DES LLC. He performs and QA's PCI-DSS and PA-DSS assessments for K3DES clients. He also manages the K3DES ISO/IEC 27001:2005 program. Mike was previously Director of Information Security at Newegg, Inc. for five years. Mike is currently a contributing writer for SearchSecurity – TechTarget.

Mike has over 30 years of Information Systems security and IT audit experience. Mike was previously Vice President & Technology Risk Manager for Wells Fargo Services, responsible for IT Regulatory Compliance, and was previously a partner at Arthur Andersen and Ernst & Young for their information systems security and IS audit groups over a span of nine years. Mike is a CISA, CISSP, GSEC and CEH. He is also a QSA and PA-QSA as VP for K3DES.

Mike was president of the LA ISACA Chapter during 2010-2012 and president of the SF ISACA Chapter during 2005-2006. He was the SF Fall Conference Co-Chair from 2002–2007 and also served for two years as Vice President on the Board of Directors for ISACA International. Mike has taught CISA review courses for over 18 years.


Traditional Firewalls

• Unlike NGFWs, traditional packet-filtering firewalls only provide protection at Layer 3 (network) and Layer 4 (transport) of the OSI model.
• They include metrics to allow and deny packets by discriminating the source IP address of incoming packets, destination IP addresses, the type of Internet protocols the packet may contain – e.g.,
  – normal data carrying IP packets,
  – ICMP (Internet Control Message Protocol),
  – ARP (Address Resolution Protocol),
  – RARP (Reverse Address Resolution Protocol),
  – BOOTP (Bootstrap Protocol), and
  – DHCP (Dynamic Host Configuration Protocol) -- and routing features.
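Added example (not part of the original slides): a minimal stateless Layer 3/4 filter in Python, showing first-match evaluation on source, destination, protocol and port, and why two different applications sharing one port receive the same verdict. The rule set, the addresses (documentation and private ranges) and the payloads are constructed for illustration.

```python
"""Added illustration: a stateless Layer 3/4 packet filter.

All addresses, rules and payloads below are constructed sample data.
"""
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import List, Optional


@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    proto: str                 # "tcp", "udp" or "icmp"
    dport: Optional[int]       # None for protocols without ports (ICMP)
    payload: bytes = b""       # on the wire, but never read by the filter


@dataclass(frozen=True)
class Rule:
    action: str                # "allow" or "deny"
    src: str                   # source network in CIDR notation
    dst: str                   # destination network in CIDR notation
    proto: str                 # protocol name, or "any"
    dport: Optional[int] = None  # None matches every destination port

    def matches(self, pkt: Packet) -> bool:
        # Only header fields are compared: this is the whole of what a
        # traditional packet filter can discriminate on.
        return (
            ip_address(pkt.src) in ip_network(self.src)
            and ip_address(pkt.dst) in ip_network(self.dst)
            and self.proto in ("any", pkt.proto)
            and (self.dport is None or self.dport == pkt.dport)
        )


def evaluate(rules: List[Rule], pkt: Packet) -> str:
    """First matching rule wins; anything unmatched is denied."""
    for rule in rules:
        if rule.matches(pkt):
            return rule.action
    return "deny"


def header_view(pkt: Packet) -> tuple:
    """The fields the filter sees; the payload is deliberately absent."""
    return (pkt.src, pkt.dst, pkt.proto, pkt.dport)


# Constructed policy: block one external range, let the internal network
# reach HTTPS anywhere, allow internal ICMP, deny everything else.
RULES = [
    Rule("deny", "203.0.113.0/24", "0.0.0.0/0", "any"),
    Rule("allow", "10.0.0.0/8", "0.0.0.0/0", "tcp", 443),
    Rule("allow", "10.0.0.0/8", "10.0.0.0/8", "icmp"),
]

# Two constructed flows with identical headers but different applications.
WEB_SESSION = Packet("10.1.2.3", "198.51.100.10", "tcp", 443,
                     b"<sanctioned web application traffic>")
FILE_SHARING = Packet("10.1.2.3", "198.51.100.10", "tcp", 443,
                      b"<unsanctioned file-sharing application traffic>")

if __name__ == "__main__":
    for name, pkt in [("web", WEB_SESSION), ("file sharing", FILE_SHARING)]:
        print(f"{name:13s} {header_view(pkt)} -> {evaluate(RULES, pkt)}")
    # Both lines show "allow": telling the two apart needs the application
    # awareness and control that the NGFW feature lists on this page name.
```

When auditing a rule base, this is the reason a port-based allow rule cannot be counted as an application control.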

NGFW Foundational Elements

NGFWs are integrated network security platforms that consist of:
• Stateful Firewall
• Virtual Private Network (VPN)
• Network Address Translation (NAT)
• Routing
• Management
• Logging and Reporting
• Analytics

NGFW Additional Elements

NGFWs are integrated network security platforms that also consist of:
• Application Awareness and Control
• Intrusion Prevention
• User based controls
• Anti-Virus
• Web/Content Filtering
• Anti-Spam
• Two-factor authentication
• Active Directory Integration
• Security Intelligence / Threat Intelligence
• Mobile Device Controls
• Data Loss Prevention

Threat Intelligence

One of the major differentiators that all of these major NGFW companies purport to be working on is threat intelligence that is current, open, continuous, adaptive and automatic.

http://www.zdnet.com/article/new-threat-intelligence-report-skewers-industry-confusion-charlatans

Source: Palo Alto

Types of Attacks

Malware, also called malicious code, is software designed to gain access to targeted computer systems, steal information or disrupt computer operations.

• Worm
• Spyware
• Virus
• Adware
• Network Worm
• Ransomware
• Trojan Horse
• Keylogger
• Botnets
• Rootkit

Types of Attacks

Other types of attacks:

• Advanced persistent threats
• Social engineering
• Backdoor
• Phishing
• Brute force attack
• Spear phishing
• Buffer overflow
• Spoofing
• Cross-site scripting (XSS)
• Structured Query Language (SQL) injection
• Denial-of-service (DoS) attack
• Zero-day exploit
• Man-in-the-middle attack

UTM vs. NGFW

Security vendors often differ in their definitions of UTM and NGFWs. Over time, UTM references will likely dissipate -- the same may even happen for NGFWs -- but what's certain is that enhancements to multifunctional security solutions, whatever they're called, will continue.

• UTMs are primarily for SMBs
• NGFWs are for larger, more complex IT environments

Source: Juniper SRX Datasheet

Gartner Magic Quadrant – April 2015 (figure; quadrants: Challengers, Leaders, Niche Players, Visionaries)

October 7, 2015

• Security
• Performance
• Total cost of ownership (TCO)

NEED FOR NGFW

Do we really need a NGFW?

• But "we've never had a breach" or "we are not a big target"
• Today there are a large number of disparate standalone products and services forced to work together
• Although effective, they appear architecturally desultory, reactive and tactical in nature
• NGFWs offer a good complement of security solutions in one appliance
• Not all NGFWs are created equal
• 3 factors for establishing a need for a NGFW:
  • Is the investment justifiable?
  • Alignment with existing IT strategies
  • Total Cost of Ownership (TCO)

Is the investment justifiable?

• Basic firewall services regulate network connections between computer systems of differing trust levels
• Most enterprises need:
  • IPS/IDS
  • Firewall (deep packet inspection)
  • Anti-virus/Malware protection
  • Application controls
  • VPN
  • Session encryption (TLS 1.2)
  • Wireless security
  • Mobile security

Alignment with existing IT strategies

• Organizations that deploy NGFWs may discover they do not require all the security features these appliances support.
• Features required by an enterprise should be determined in advance, as this will influence what NGFW product is bought and which security services to enable.
• Some NGFWs have security features built into the appliance at no additional cost.
• Some do not activate features, since they have not found them necessary or because they do not fit their business model.

For example

• Large retail companies might opt for a NGFW solution at the corporate headquarters but go with point solutions in each retail store -- whether from the same vendor or not.
• Online retail businesses that do not have brick and mortar locations typically require robust and therefore increasingly integrated network security solutions that focus on QoS, load balancing, IPS, web application security, SSL VPN and strong firewalls with deep packet inspection.
• Enterprises that are heavily regulated via standards (e.g., PCI, HIPAA, HITECH Act, Sarbanes-Oxley, FISMA, PERC, etc.) would need to also address remote access controls, two-factor authentication, Active Directory integration and possibly DLP.

Alignment with existing IT strategies

• Whatever course is taken, information security decisions need to be integrated with IT's strategic goals.
• IT, in turn, exists to support the business. IT does not drive the business.
• The business drives the business.
• IT's purpose is to ensure the IT infrastructure (perimeter and core deployments) exists to allow the business to achieve its strategic goals.

Total Cost of Ownership (TCO)

TCO establishes the right complement of resources -- people and technology.

• Total cost of technology (TCT): The cost of technology that is required to deploy, monitor and report on the state of information security for the enterprise.
• Total cost of risk (TCR): The cost to estimate and not deploy resources, processes or technology for your enterprise, such as compliance risk, security risk, legal risk and reputation risk.
• Total cost of maintenance (TCM): The cost of maintaining the information security program, such as people, skills, flexibility, scalability and comprehensiveness of the systems deployed.

CASE FOR A NGFW

Six Criteria for buying a NGFW

It is clear that, regardless of what vendors call their NGFW products, it is incumbent that buyers understand the precise features each NGFW product under consideration includes. Let's look at six criteria:

• Platform Type
• Feature Set
• Performance
• Manageability
• Price
• Support

Platform Type

• How is the NGFW provided?
• Most next-gen firewalls are hardware- (appliance), software- (downloadable) or cloud-based (SaaS).
• Hardware-based NGFWs appeal best to large and midsize enterprises.
• Software-based NGFWs to small companies with simple network infrastructures.
• Cloud-based NGFWs to highly decentralized multi-location sites or enterprises where the required skill set to manage them is wanting or reallocated.

Feature Set

• Not all NGFW features are similarly available by vendor.
• NGFW features typically consist of:
  • inline deep packet inspection firewalls,
  • IDS/IPS,
  • application inspection and control,
  • SSL/SSH inspection,
  • website filtering, and
  • QoS/bandwidth management to protect networks against the latest in sophisticated network attacks and intrusion.
• Additionally, most NGFWs offer threat intelligence, mobile device security, data loss prevention (DLP), Active Directory integration and an open architecture that allows clients to tailor application control and even some firewall rule definitions.

Performance

• Because NGFWs integrate many features into a single appliance, they may seem attractive to some organizations.
• However, enabling all available features at once could result in serious performance degradation.
• NGFW performance metrics have improved over the years, but the buyer needs to seriously consider performance in relationship to the security features they want to enable when determining the vendors they approach and the model of NGFW they choose.

Manageability

• This criterion involves system configuration requirements and usability of the management console.
• It considers how the NGFW manages complex environments with many firewalls and users, and very narrow firewall change windows.
• System configuration changes and the user interface of the management console should be:
  1. comprehensive - such that it covers an array of features that preclude the need for augmentation by other point solutions;
  2. flexible - possible to exclude features that are not needed in the enterprise environment; and
  3. easy to use - such that the management console, individual feature dashboards and reporting are intuitive and incisive.

Price

• NGFW appliance, software and cloud service pricing varies considerably by vendor and model.

bull  Prices13 range13 from13 $59913 to13 $80000+13 per13 device13 bull  Some13 are13 even13 priced13 by13 number13 of13 users13 (eg13 $110013

for13 1-shy‐9913 users13 to13 $10000013 for13 500013 users+)13 13 bull  All13 meanwhile13 have13 separate13 pricing13 for13 service13

contracts13 bull  If13 possible13 do13 not13 pay13 retail13 prices13 13 bull  Most13 vendors13 will13 provide13 volume13 discounts13 (the13 more13

users13 supported13 the13 less13 it13 costs13 per13 user13 for13 example)13 or13 discounts13 with13 viable13 prospects13 of13 further13 purchases13

bull  Purchase13 at13 month-shy‐end13 and13 quarter-shy‐end13 Sales13 people13 have13 goals13 that13 can13 be13 leveraged13 for13 pricing13 to13 your13 advantage13

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

Support13

3713

bull  The13 201513 Gartner13 Magic13 Quadrant13 on13 NGFW13 also13 rated13 support13 -shy‐-shy‐13 with13 quality13 breadth13 and13 value13 of13 NGFW13 offerings13 viewed13 from13 the13 vantage13 point13 of13 enterprise13 needs13 13

bull  Given13 the13 crical13 nature13 of13 NGFWs13 mely13 and13 accurate13 support13 is13 essenal13 Obtain13 references13 and13 ask13 to13 speak13 with13 vendor13 clients13 without13 the13 vendor13 present13

bull  Support13 criteria13 for13 NGFWs13 should13 address13 responsiveness13 ranked13 by13 type13 of13 service13 request13 quality13 and13 accuracy13 of13 the13 service13 response13 currency13 of13 product13 updates13 and13 customer13 educaon13 and13 awareness13 of13 current13 events13

1111513 3813

CRISC CGEIT CISM CISA 201313 Fall13 Conference13 ndash13 ldquoSail13 to13 Successrdquo13

NGFW13 VENDORS13

3813

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

NGFW13 Players13

3913

The13 top13 nine13 NGFW13 vendors13 are13 13 bull  Checkpoint13 bull  Dell13 Sonicwall13 13 bull  Palo13 Alto13 bull  Cisco13 bull  Fornet13 13 bull  HP13 TippingPoint13 13 bull  McAfee13 13 bull  Barracuda13 13 There13 are13 other13 NGFW13 vendors13 but13 these13 are13 the13 top13 913

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

Questions to consider

Questions to consider when comparing these and other NGFW products include:

• What is their product line?
• Is their NGFW for cloud service providers, large enterprises, SMBs or small companies?
• What are the NGFW features that come with the base product?
• What features need an extra license(s)?
• How is the NGFW sold and priced?
• What differentiates their NGFW from other vendor NGFW products?

What features are available in the NGFW?

Non-common NGFW features vary by vendor. So this is where organizations can start to differentiate which NGFWs will work for them and which won't. For example:
• Dell SonicWall provides security services, such as gateway anti-malware, content filtering and client antivirus and antispyware, that are licensed on an annual subscription contract. Dell SecureWorks premium Global Threat Intelligence service is an additional subscription
• Cisco provides Application Visibility and Control as part of the base configuration at no cost, but separate licenses are required for Next Generation Intrusion Prevention Systems (NGIPS), Advanced Malware Protection and URL filtering
• McAfee provides clustering and multi-Link as standard features with McAfee Next Generation Firewall license

What features are available in the NGFW?

• Barracuda requires an optional subscription for malware protection (AV engine by Avira), threat intelligence, and for advanced client Network Access Control (NAC) VPN/SSL VPN features
• Juniper offers advanced software security services (NGFW/UTM/IPS/Threat Intelligence Service) shipped with its SRX Series Services Gateways that can be turned on with the purchase of an additional license, which can be subscription-based or perpetual. No additional components are required to turn services on/off
• Checkpoint provides a full NGFW solution package with all of its software blades included under one license. However, it does not provide mobile device controls or Wi-Fi network control without purchasing a different Checkpoint product

What features are available in the NGFW?

The key message in this comparison is that, in addition to the common features, one needs to carefully review those features that require additional licenses and whether they are significant enough to decide on a specific product's procurement.
• For example, if you need a DLP feature, those NGFWs that provide it, such as Checkpoint, although offered with over 600 types, you might determine that a full-featured DLP solution might still be required if the Checkpoint is not sufficient
• The same would apply to web application firewalls (WAF), such as the Dell Sonicwall, but again is not a full-featured WAF

What features are available in the NGFW?

• Another example would be Cisco: although malware protection is available with their network anti-virus/malware solution, additional licenses would be required for their Advanced Malware Protection, NGIPS and URL filtering
• Barracuda NG Firewall also requires an additional license for Malware Protection (Anti-Virus engine by Avira)
• There are some vendors that provide threat intelligence services as part of the NGFW offering, such as Fortinet, McAfee and HP TippingPoint
• Juniper's Threat Intelligence Service is shipped with the SRX but needs to be activated with the purchase of an additional license

How is the NGFW sold, licensed and priced?

• All NGFW products are licensed per physical device. Additional licenses are required for the non-common features stated above
• Read the T&Cs to determine what services are available in the base NGFW product and what services require an additional license
• All NGFW products are priced by scale, based on the type of hardware utilized and service contract
• While pricing structure appears disparate, similarities do exist in the lower-end product lines (in other words, the smaller the NGFW need, the simpler the pricing)
• The larger the enterprise and volume purchase potential, the greater the disparity, but also the greater the bargaining power on the part of the customer

Key differentiators between NGFW products

• Checkpoint is the inventor of stateful firewalls. It has the highest block rate of IPS among its competitors, largest application library (over 5,000) than any other, data loss prevention (DLP) with over 600 file types, change management (i.e., configuration and rule changes) that no one else has, and Active Directory integration, agent-based or agentless
• Dell SonicWall has patented Reassembly-Free Deep Inspection (RFDPI), which allows for centralized management for users to deploy, manage and monitor many thousands of firewalls through a single pane of glass

Key differentiators between NGFW products

• Cisco ASA with FirePower Services provides an integrated defense solution with greater firewall features, detection and protection threat services than other vendors
• Fortinet lauds its 11-year old in-house dedicated security research team -- FortiGuard Labs -- one of the few NGFW vendors that have its own, since most OEM this activity. Fortinet also purports to have NGFW FortiGate that can deliver five times better performance of comparatively priced competitor products
• HP TippingPoint is known for its NGFW's simple, effective and reliable implementation. The security effectiveness coverage is high, with over 8,200 filters that block known and unknown threats and over 383 zero-day filters in 2014 alone

Key differentiators between NGFW products

• McAfee NGFW provides “intelligence aware” security controls, advanced evasion prevention and a unified software core design
• Barracuda purports the lowest total cost of ownership (TCO) in the industry due to advanced troubleshooting capabilities and smart lifecycle management features built into large scaling central management server. The NGFW is also the only one that provides NGFW application control and user identity functions for SMBs
• Juniper SRX is the first NGFW to offer customers validated (Telcordia) 99.9999% availability of the SRX 5000 line. The SRX Series are also the first NGFW to deliver automation of firewall functions via JunoScript and open API to programming tools. Open attack signatures in the IPS also allow customers to add or customize signatures tailored for their network

How to select the right NGFW

Consider the following criteria in selecting the NGFW vendor and model for your enterprise:

(1) identify the players
(2) develop a short list
(3) perform a proof of concept – POC
(4) make reference calls
(5) consider cost
(6) obtain management buy-in and
(7) work out contract negotiations
(8) Total cost of ownership (TCO) is also critical

Lastly, but no less important, consider the skill set of your staff and the business model and growth expectation for your enterprise -- all-important factors in making your decision.

NGFW AUDIT

Evaluation and Audit of NGFW

• Platform Based – appliance/software/SaaS
• Feature Set – baseline and add-ons
• Performance – NSS Labs results
• Manageability – comprehensive/easy to use
• Threat Intelligence – currency/accuracy/completeness
• TCO – total cost of ownership
• Risk – consider the business model and objectives
• Price – you get what you pay for
• Support – what is support experience
• Differentiators – what sets them apart

BIO

Miguel (Mike) O. Villegas is a Vice President for K3DES LLC. He performs and QA's PCI-DSS and PA-DSS assessments for K3DES clients. He also manages the K3DES ISO/IEC 27001:2005 program. Mike was previously Director of Information Security at Newegg, Inc. for five years. Mike is currently a contributing writer for SearchSecurity – TechTarget. Mike has over 30 years of Information Systems security and IT audit experience. Mike was previously Vice President & Technology Risk Manager for Wells Fargo Services, responsible for IT Regulatory Compliance, and was previously a partner at Arthur Andersen and Ernst & Young for their information systems security and IS audit groups over a span of nine years. Mike is a CISA, CISSP, GSEC and CEH. He is also a QSA and PA-QSA as VP for K3DES. Mike was president of the LA ISACA Chapter during 2010-2012 and president of the SF ISACA Chapter during 2005-2006. He was the SF Fall Conference Co-Chair from 2002–2007 and also served for two years as Vice President on the Board of Directors for ISACA International. Mike has taught CISA review courses for over 18 years.

Page 8: Next Generation Firewalls: Top 9 Revisited · 2015 Fall Conference – “CyberSizeIT” November 9–11, 2015

NGFW Foundational Elements

NGFWs are integrated network security platforms that consist of:
• Stateful Firewall
• Virtual Private Network (VPN)
• Network Address Translation (NAT)
• Routing
• Management
• Logging and Reporting
• Analytics

NGFW Additional Elements

NGFWs are integrated network security platforms that also consist of:
• Application Awareness and Control
• Intrusion Prevention
• User based controls
• Anti-Virus
• Web/Content Filtering
• Anti-Spam
• Two-factor authentication
• Active Directory Integration
• Security Intelligence / Threat Intelligence
• Mobile Device Controls
• Data Loss Prevention

Threat Intelligence

One of the major differentiators that all of these major NGFW companies purport to be working on is threat intelligence that is current, open, continuous, adaptive and automatic.

http://www.zdnet.com/article/new-threat-intelligence-report-skewers-industry-confusion-charlatans

[Figure. Source: Palo Alto]

Types of Attacks

Malware, also called malicious code, is software designed to gain access to targeted computer systems, steal information or disrupt computer operations.

• Worm
• Spyware
• Virus
• Adware
• Network Worm
• Ransomware
• Trojan Horse
• Keylogger
• Botnets
• Rootkit

Types of Attacks

Other types of attacks:

• Advanced persistent threats
• Social engineering
• Backdoor
• Phishing
• Brute force attack
• Spear phishing
• Buffer overflow
• Spoofing
• Cross-site scripting (XSS)
• Structured Query Language (SQL) injection
• Denial-of-service (DoS) attack
• Zero-day exploit
• Man-in-the-middle attack

UTM vs NGFW

Security vendors often differ in their definitions of UTM and NGFWs. Over time, UTM references will likely dissipate -- the same may even happen for NGFWs -- but what's certain is that enhancements to multifunctional security solutions, whatever they're called, will continue.

• UTMs are primarily for SMB
• NGFWs are for larger, more complex IT environments

[Figure. Source: Juniper SRX Datasheet]

[Figure: Gartner Magic Quadrant – April 2015. Quadrants: Challengers, Leaders, Niche Players, Visionaries]

[Figure, October 7, 2015. Labels: Security, Performance, Total cost of ownership (TCO)]


NEED FOR NGFW

Do we really need a NGFW?

• But “we've never had a breach” or “we are not a big target”
• Today there are a large number of disparate standalone products and services forced to work together
• Although effective, appear architecturally desultory, reactive and tactical in nature
• NGFWs offer a good complement of security solutions in one appliance
• Not all NGFWs are created equal
• 3 factors for establishing a need for a NGFW:
  • Is the investment justifiable?
  • Alignment with existing IT strategies
  • Total Cost of Ownership (TCO)

Is the investment justifiable?

• Basic firewall services regulate network connections between computer systems of differing trust levels
• Most enterprises need:
  • IPS/IDS
  • Firewall (deep packet inspection)
  • Anti-virus/Malware protection
  • Application controls
  • VPN
  • Session encryption (TLS 1.2)
  • Wireless security
  • Mobile security

Alignment with existing IT strategies

• Organizations that deploy NGFWs may discover they do not require all the security features these appliances support
• Features required by an enterprise should be determined in advance, as this will influence what NGFW product is bought and which security services to enable
• Some NGFWs have security features built into the appliance at no additional cost
• Some do not activate features since they have not found them necessary or because they do not fit their business model

For example

• Large retail companies might opt for a NGFW solution at the corporate headquarters, but go with point solutions in each retail store -- whether from the same vendor or not
• Online retail businesses that do not have brick and mortar locations typically require robust, and therefore increasingly integrated, network security solutions that focus on QoS, load balancing, IPS, web application security, SSL VPN and strong firewalls with deep packet inspection
• Enterprises that are heavily regulated via standards (e.g., PCI, HIPAA, HITECH Act, Sarbanes-Oxley, FISMA, PERC, etc.) would need to also address remote access controls, two-factor authentication, Active Directory integration and possibly DLP

Alignment with existing IT strategies

• Whatever course is taken, information security decisions need to be integrated with IT's strategic goals
• IT, in turn, exists to support the business. IT does not drive the business
• The business drives the business
• IT's purpose is to ensure the IT infrastructure (perimeter and core deployments) exists to allow the business to achieve its strategic goals

Total Cost of Ownership (TCO)

TCO establishes the right complement of resources -- people and technology
• Total cost of technology (TCT): The cost of technology that is required to deploy, monitor and report on the state of information security for the enterprise
• Total cost of risk (TCR): The cost to estimate and not deploy resources, processes or technology for your enterprise, such as compliance risk, security risk, legal risk and reputation risk
• Total cost of maintenance (TCM): The cost of maintaining the information security program, such as people, skills, flexibility, scalability and comprehensiveness of the systems deployed

CASE FOR A NGFW

Six Criteria for buying a NGFW

It is clear that, regardless of what vendors call their NGFW products, it is incumbent that buyers understand the precise features each NGFW product under consideration includes. Let's look at six criteria:

• Platform Type
• Feature Set
• Performance
• Manageability
• Price
• Support

Platform Type

• How is the NGFW provided?
• Most next-gen firewalls are hardware- (appliance), software- (downloadable) or cloud-based (SaaS)
• Hardware-based NGFWs appeal best to large and midsize enterprises
• Software-based NGFWs to small companies with simple network infrastructures
• Cloud-based NGFWs to highly decentralized multi-location sites or enterprises where the required skill set to manage them is wanting or reallocated

Feature Set

• Not all NGFW features are similarly available by vendor
• NGFW features typically consist of:
  • inline deep packet inspection firewalls
  • IDS/IPS
  • application inspection and control
  • SSL/SSH inspection
  • website filtering and
  • QoS/bandwidth management to protect networks against the latest in sophisticated network attacks and intrusion
• Additionally, most NGFWs offer threat intelligence, mobile device security, data loss prevention (DLP), Active Directory integration and an open architecture that allows clients to tailor application control and even some firewall rule definitions

Performance

• Because NGFWs integrate many features into a single appliance, they may seem attractive to some organizations
• However, enabling all available features at once could result in serious performance degradation
• NGFW performance metrics have improved over the years, but the buyer needs to seriously consider performance in relationship to the security features they want to enable when determining the vendors they approach and the model of NGFW they choose

Manageability

• This criterion involves system configuration requirements and usability of the management console
• It considers how the NGFW manages complex environments with many firewalls and users, and very narrow firewall change windows
• System configuration changes and the user interface of the management console should be:
  1. comprehensive - such that it covers an array of features that preclude the need for augmentation by other point solutions
  2. flexible - possible to exclude features that are not needed in the enterprise environment, and
  3. easy to use - such that the management console, individual feature dashboards and reporting are intuitive and incisive

Price

• NGFW appliance, software and cloud service pricing varies considerably by vendor and model
• Prices range from $599 to $80,000+ per device
• Some are even priced by number of users (e.g., $1,100 for 1-99 users to $100,000 for 5,000 users+)
• All, meanwhile, have separate pricing for service contracts
• If possible, do not pay retail prices
• Most vendors will provide volume discounts (the more users supported, the less it costs per user, for example) or discounts with viable prospects of further purchases
• Purchase at month-end and quarter-end. Salespeople have goals that can be leveraged for pricing to your advantage

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

Support13

3713

bull  The13 201513 Gartner13 Magic13 Quadrant13 on13 NGFW13 also13 rated13 support13 -shy‐-shy‐13 with13 quality13 breadth13 and13 value13 of13 NGFW13 offerings13 viewed13 from13 the13 vantage13 point13 of13 enterprise13 needs13 13

bull  Given13 the13 crical13 nature13 of13 NGFWs13 mely13 and13 accurate13 support13 is13 essenal13 Obtain13 references13 and13 ask13 to13 speak13 with13 vendor13 clients13 without13 the13 vendor13 present13

bull  Support13 criteria13 for13 NGFWs13 should13 address13 responsiveness13 ranked13 by13 type13 of13 service13 request13 quality13 and13 accuracy13 of13 the13 service13 response13 currency13 of13 product13 updates13 and13 customer13 educaon13 and13 awareness13 of13 current13 events13

1111513 3813

CRISC CGEIT CISM CISA 201313 Fall13 Conference13 ndash13 ldquoSail13 to13 Successrdquo13

NGFW13 VENDORS13

3813

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

NGFW13 Players13

3913

The13 top13 nine13 NGFW13 vendors13 are13 13 bull  Checkpoint13 bull  Dell13 Sonicwall13 13 bull  Palo13 Alto13 bull  Cisco13 bull  Fornet13 13 bull  HP13 TippingPoint13 13 bull  McAfee13 13 bull  Barracuda13 13 There13 are13 other13 NGFW13 vendors13 but13 these13 are13 the13 top13 913

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

Quesons13 to13 consider13

4013

Quesons13 to13 consider13 when13 comparing13 these13 and13 other13 NGFW13 products13 include13 13

bull  What13 is13 their13 product13 line13 13 bull  Is13 their13 NGFW13 for13 cloud13 service13 providers13 large13

enterprises13 SMBs13 or13 small13 companies13 13 bull  What13 are13 the13 NGFW13 features13 that13 come13 with13 the13

base13 product13 13 bull  What13 features13 need13 an13 extra13 license(s)13 13 bull  How13 is13 the13 NGFW13 sold13 and13 priced13 13 bull  What13 differenates13 their13 NFGW13 from13 other13 vendor13

NGFW13 products13 13

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

What features are available in the NGFW?

Non-common NGFW features vary by vendor. So this is where organizations can start to differentiate which NGFWs will work for them and which won't. For example:

• Dell SonicWall provides security services such as gateway anti-malware, content filtering, and client antivirus and antispyware that are licensed on an annual subscription contract. Dell SecureWorks premium Global Threat Intelligence service is an additional subscription.
• Cisco provides Application Visibility and Control as part of the base configuration at no cost, but separate licenses are required for Next Generation Intrusion Prevention Systems (NGIPS), Advanced Malware Protection and URL filtering.
• McAfee provides clustering and Multi-Link as standard features with the McAfee Next Generation Firewall license.

• Barracuda requires an optional subscription for malware protection (AV engine by Avira), threat intelligence, and for advanced client Network Access Control (NAC) VPN/SSL VPN features.
• Juniper offers advanced software security services (NGFW/UTM/IPS/Threat Intelligence Service) shipped with its SRX Series Services Gateways that can be turned on with the purchase of an additional license, which can be subscription-based or perpetual. No additional components are required to turn services on/off.
• Checkpoint provides a full NGFW solution package with all of its software blades included under one license. However, it does not provide mobile device controls or Wi-Fi network control without purchasing a different Checkpoint product.

The key message in this comparison is that, in addition to the common features, one needs to carefully review those features that require additional licenses and whether they are significant enough to decide on a specific product's procurement.

• For example, if you need a DLP feature, some NGFWs provide it, such as Checkpoint, which offers it with over 600 types; you might still determine that a full-featured DLP solution is required if the Checkpoint feature is not sufficient.
• The same would apply to web application firewalls (WAF): an NGFW such as the Dell SonicWall provides one, but again it is not a full-featured WAF.

• Another example would be Cisco: although malware protection is available with their network anti-virus/malware solution, additional licenses would be required for their Advanced Malware Protection, NGIPS and URL filtering.
• Barracuda NG Firewall also requires an additional license for Malware Protection (Anti-Virus engine by Avira).
• There are some vendors that provide threat intelligence services as part of the NGFW offering, such as Fortinet, McAfee and HP TippingPoint.
• Juniper's Threat Intelligence Service is shipped with the SRX but needs to be activated with the purchase of an additional license.

How is the NGFW sold, licensed and priced?

• All NGFW products are licensed per physical device. Additional licenses are required for the non-common features stated above.
• Read the T&Cs to determine what services are available in the base NGFW product and what services require an additional license.
• All NGFW products are priced by scale, based on the type of hardware utilized and service contract.
• While pricing structure appears disparate, similarities do exist in the lower-end product lines (in other words, the smaller the NGFW need, the simpler the pricing).
• The larger the enterprise and volume purchase potential, the greater the disparity, but also the greater the bargaining power on the part of the customer.

Key differentiators between NGFW products

• Checkpoint is the inventor of stateful firewalls. It has the highest block rate of IPS among its competitors, a larger application library (over 5,000) than any other, data loss prevention (DLP) with over 600 file types, change management (i.e., configuration and rule changes) that no one else has, and Active Directory integration, agent-based or agentless.
• Dell SonicWall has patented Reassembly-Free Deep Inspection (RFDPI), which allows for centralized management for users to deploy, manage and monitor many thousands of firewalls through a single pane of glass.

• Cisco ASA with FirePower Services provides an integrated defense solution with greater firewall features, detection and protection threat services than other vendors.
• Fortinet lauds its 11-year-old in-house dedicated security research team -- FortiGuard Labs -- as it is one of the few NGFW vendors that has its own, since most OEM this activity. Fortinet also purports to have an NGFW, FortiGate, that can deliver five times better performance than comparatively priced competitor products.
• HP TippingPoint is known for its NGFW's simple, effective and reliable implementation. The security effectiveness coverage is high, with over 8,200 filters that block known and unknown threats and over 383 zero-day filters in 2014 alone.

• McAfee NGFW provides “intelligence aware” security controls, advanced evasion prevention and a unified software core design.
• Barracuda purports the lowest total cost of ownership (TCO) in the industry due to advanced troubleshooting capabilities and smart lifecycle management features built into a large-scaling central management server. The NGFW is also the only one that provides NGFW application control and user identity functions for SMBs.
• Juniper SRX is the first NGFW to offer customers validated (Telcordia) 99.9999% availability of the SRX 5000 line. The SRX Series are also the first NGFW to deliver automation of firewall functions via JunoScript and open API to programming tools. Open attack signatures in the IPS also allow customers to add or customize signatures tailored for their network.

How to select the right NGFW

Consider the following criteria in selecting the NGFW vendor and model for your enterprise:

(1) identify the players;
(2) develop a short list;
(3) perform a proof of concept (POC);
(4) make reference calls;
(5) consider cost;
(6) obtain management buy-in; and
(7) work out contract negotiations.
(8) Total cost of ownership (TCO) is also critical.

Lastly, but no less important, consider the skill set of your staff and the business model and growth expectation for your enterprise -- all-important factors in making your decision.

NGFW AUDIT

Evaluation and Audit of NGFW

• Platform Based – appliance/software/SaaS
• Feature Set – baseline and add-ons
• Performance – NSS Labs results
• Manageability – comprehensive/easy to use
• Threat Intelligence – currency/accuracy/completeness
• TCO – total cost of ownership
• Risk – consider the business model and objectives
• Price – you get what you pay for
• Support – what is support experience
• Differentiators – what sets them apart

BIO

Miguel (Mike) O. Villegas is a Vice President for K3DES LLC. He performs and QA's PCI-DSS and PA-DSS assessments for K3DES clients. He also manages the K3DES ISO/IEC 27001:2005 program. Mike was previously Director of Information Security at Newegg, Inc. for five years. Mike is currently a contributing writer for SearchSecurity – TechTarget.

Mike has over 30 years of Information Systems security and IT audit experience. Mike was previously Vice President & Technology Risk Manager for Wells Fargo Services, responsible for IT Regulatory Compliance, and was previously a partner at Arthur Andersen and Ernst & Young for their information systems security and IS audit groups over a span of nine years. Mike is a CISA, CISSP, GSEC and CEH. He is also a QSA and PA-QSA as VP for K3DES.

Mike was president of the LA ISACA Chapter during 2010-2012 and president of the SF ISACA Chapter during 2005-2006. He was the SF Fall Conference Co-Chair from 2002–2007 and also served for two years as Vice President on the Board of Directors for ISACA International. Mike has taught CISA review courses for over 18 years.


NGFW Additional Elements

NGFWs are integrated network security platforms that also consist of:

• Application Awareness and Control
• Intrusion Prevention
• User-based controls
• Anti-Virus
• Web/Content Filtering
• Anti-Spam
• Two-factor authentication
• Active Directory Integration
• Security Intelligence / Threat Intelligence
• Mobile Device Controls
• Data Loss Prevention

Threat Intelligence

One of the major differentiators that all of these major NGFW companies purport to be working on is threat intelligence that is current, open, continuous, adaptive and automatic.

http://www.zdnet.com/article/new-threat-intelligence-report-skewers-industry-confusion-charlatans

Source: Palo Alto

Types of Attacks

Malware, also called malicious code, is software designed to gain access to targeted computer systems, steal information or disrupt computer operations.

• Worm
• Spyware
• Virus
• Adware
• Network Worm
• Ransomware
• Trojan Horse
• Keylogger
• Botnets
• Rootkit

Other types of attacks:

• Advanced persistent threats
• Social engineering
• Backdoor
• Phishing
• Brute force attack
• Spear phishing
• Buffer overflow
• Spoofing
• Cross-site scripting (XSS)
• Structured Query Language (SQL) injection
• Denial-of-service (DoS) attack
• Zero-day exploit
• Man-in-the-middle attack

UTM vs NGFW

Security vendors often differ in their definitions of UTM and NGFWs. Over time, UTM references will likely dissipate -- the same may even happen for NGFWs -- but what's certain is that enhancements to multifunctional security solutions, whatever they're called, will continue.

• UTMs are primarily for SMB
• NGFWs are for larger, more complex IT environments

Source: Juniper SRX Datasheet

[Figure: Gartner Magic Quadrant – April 2015; quadrants: Challengers, Leaders, Niche Players, Visionaries]

[Figure, October 7, 2015; labels: Security, Performance, Total cost of ownership (TCO)]

NEED FOR NGFW

Do we really need a NGFW?

• But “we've never had a breach” or “we are not a big target”
• Today there are a large number of disparate standalone products and services forced to work together
• Although effective, they appear architecturally desultory, reactive and tactical in nature
• NGFWs offer a good complement of security solutions in one appliance
• Not all NGFWs are created equal
• 3 factors for establishing a need for a NGFW:
  • Is the investment justifiable?
  • Alignment with existing IT strategies
  • Total Cost of Ownership (TCO)

Is the investment justifiable?

• Basic firewall services regulate network connections between computer systems of differing trust levels
• Most enterprises need:
  • IPS/IDS
  • Firewall (deep packet inspection)
  • Anti-virus/Malware protection
  • Application controls
  • VPN
  • Session encryption (TLS 1.2)
  • Wireless security
  • Mobile security

Alignment with existing IT strategies

• Organizations that deploy NGFWs may discover they do not require all the security features these appliances support.
• Features required by an enterprise should be determined in advance, as this will influence what NGFW product is bought and which security services to enable.
• Some NGFWs have security features built into the appliance at no additional cost.
• Some organizations do not activate features since they have not found them necessary or because they do not fit their business model.

For example

• Large retail companies might opt for a NGFW solution at the corporate headquarters but go with point solutions in each retail store -- whether from the same vendor or not.
• Online retail businesses that do not have brick and mortar locations typically require robust, and therefore increasingly integrated, network security solutions that focus on QoS, load balancing, IPS, web application security, SSL VPN and strong firewalls with deep packet inspection.
• Enterprises that are heavily regulated via standards (e.g., PCI, HIPAA, HITECH Act, Sarbanes-Oxley, FISMA, PERC, etc.) would need to also address remote access controls, two-factor authentication, Active Directory integration and possibly DLP.

Alignment with existing IT strategies

• Whatever course is taken, information security decisions need to be integrated with IT's strategic goals.
• IT, in turn, exists to support the business. IT does not drive the business.
• The business drives the business.
• IT's purpose is to ensure the IT infrastructure (perimeter and core deployments) exists to allow the business to achieve its strategic goals.

Total Cost of Ownership (TCO)

TCO establishes the right complement of resources -- people and technology.

• Total cost of technology (TCT): The cost of technology that is required to deploy, monitor and report on the state of information security for the enterprise.
• Total cost of risk (TCR): The cost to estimate and not deploy resources, processes or technology for your enterprise, such as compliance risk, security risk, legal risk and reputation risk.
• Total cost of maintenance (TCM): The cost of maintaining the information security program, such as people skills, flexibility, scalability and comprehensiveness of the systems deployed.

CASE FOR A NGFW

Six Criteria for buying a NGFW

It is clear that, regardless of what vendors call their NGFW products, it is incumbent on buyers to understand the precise features each NGFW product under consideration includes. Let's look at six criteria:

• Platform Type
• Feature Set
• Performance
• Manageability
• Price
• Support

Platform Type

• How is the NGFW provided?
• Most next-gen firewalls are hardware- (appliance), software- (downloadable) or cloud-based (SaaS)
• Hardware-based NGFWs appeal best to large and midsize enterprises
• Software-based NGFWs to small companies with simple network infrastructures
• Cloud-based NGFWs to highly decentralized multi-location sites or enterprises where the required skill set to manage them is wanting or reallocated

Feature Set

• Not all NGFW features are similarly available by vendor
• NGFW features typically consist of:
  • inline deep packet inspection firewalls,
  • IDS/IPS,
  • application inspection and control,
  • SSL/SSH inspection,
  • website filtering, and
  • QoS/bandwidth management to protect networks against the latest in sophisticated network attacks and intrusion
• Additionally, most NGFWs offer threat intelligence, mobile device security, data loss prevention (DLP), Active Directory integration and an open architecture that allows clients to tailor application control and even some firewall rule definitions

Performance

• Because NGFWs integrate many features into a single appliance, they may seem attractive to some organizations.
• However, enabling all available features at once could result in serious performance degradation.
• NGFW performance metrics have improved over the years, but the buyer needs to seriously consider performance in relationship to the security features they want to enable when determining the vendors they approach and the model of NGFW they choose.

Manageability

• This criterion involves system configuration requirements and usability of the management console.
• It considers how the NGFW manages complex environments with many firewalls and users, and very narrow firewall change windows.
• System configuration changes and the user interface of the management console should be:
  1. comprehensive - such that it covers an array of features that preclude the need for augmentation by other point solutions;
  2. flexible - possible to exclude features that are not needed in the enterprise environment; and
  3. easy to use - such that the management console, individual feature dashboards and reporting are intuitive and incisive.

Price

• NGFW appliance, software and cloud service pricing varies considerably by vendor and model
• Prices range from $599 to $80,000+ per device
• Some are even priced by number of users (e.g., $1,100 for 1-99 users to $100,000 for 5,000 users+)
• All, meanwhile, have separate pricing for service contracts
• If possible, do not pay retail prices
• Most vendors will provide volume discounts (the more users supported, the less it costs per user, for example) or discounts with viable prospects of further purchases
• Purchase at month-end and quarter-end. Sales people have goals that can be leveraged for pricing to your advantage

Support

• The 2015 Gartner Magic Quadrant on NGFW also rated support -- with quality, breadth and value of NGFW offerings viewed from the vantage point of enterprise needs.
• Given the critical nature of NGFWs, timely and accurate support is essential. Obtain references and ask to speak with vendor clients without the vendor present.
• Support criteria for NGFWs should address responsiveness ranked by type of service request, quality and accuracy of the service response, currency of product updates, and customer education and awareness of current events.

1111513 3813

CRISC CGEIT CISM CISA 201313 Fall13 Conference13 ndash13 ldquoSail13 to13 Successrdquo13

NGFW13 VENDORS13

3813

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

NGFW13 Players13

3913

The13 top13 nine13 NGFW13 vendors13 are13 13 bull  Checkpoint13 bull  Dell13 Sonicwall13 13 bull  Palo13 Alto13 bull  Cisco13 bull  Fornet13 13 bull  HP13 TippingPoint13 13 bull  McAfee13 13 bull  Barracuda13 13 There13 are13 other13 NGFW13 vendors13 but13 these13 are13 the13 top13 913

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

Quesons13 to13 consider13

4013

Quesons13 to13 consider13 when13 comparing13 these13 and13 other13 NGFW13 products13 include13 13

bull  What13 is13 their13 product13 line13 13 bull  Is13 their13 NGFW13 for13 cloud13 service13 providers13 large13

enterprises13 SMBs13 or13 small13 companies13 13 bull  What13 are13 the13 NGFW13 features13 that13 come13 with13 the13

base13 product13 13 bull  What13 features13 need13 an13 extra13 license(s)13 13 bull  How13 is13 the13 NGFW13 sold13 and13 priced13 13 bull  What13 differenates13 their13 NFGW13 from13 other13 vendor13

NGFW13 products13 13

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

What13 features13 are13 available13 in13 the13 NGFW13

4113

Non-shy‐common13 NGFW13 features13 vary13 by13 vendor13 So13 this13 is13 where13 organizaons13 can13 start13 to13 differenate13 which13 NGFWs13 will13 work13 for13 them13 and13 which13 wonrsquot13 For13 example13 bull  Dell13 SonicWall13 provides13 security13 services13 such13 as13 gateway13

an-shy‐malware13 content13 filtering13 and13 client13 anvirus13 and13 anspyware13 that13 are13 licensed13 on13 an13 annual13 subscripon13 contract13 Dell13 SecureWorks13 premium13 Global13 Threat13 Intelligence13 service13 is13 an13 addional13 subscripon13

bull  Cisco13 provides13 Applicaon13 Visibility13 and13 Control13 as13 part13 of13 the13 base13 configuraon13 at13 no13 cost13 but13 separate13 licenses13 are13 required13 for13 Next13 Generaon13 Intrusion13 Prevenon13 Systems13 (NGIPS)13 Advanced13 Malware13 Protecon13 and13 URL13 filtering13

bull  McAfee13 provides13 clustering13 and13 mul-shy‐Link13 as13 standard13 features13 with13 McAfee13 Next13 Generaon13 Firewall13 license13

What features are available in the NGFW?

• Barracuda requires an optional subscription for malware protection (AV engine by Avira), threat intelligence, and for advanced client Network Access Control (NAC) VPN/SSL VPN features.
• Juniper offers advanced software security services (NGFW/UTM/IPS/Threat Intelligence Service) shipped with its SRX Series Services Gateways that can be turned on with the purchase of an additional license, which can be subscription-based or perpetual. No additional components are required to turn services on/off.
• Checkpoint provides a full NGFW solution package with all of its software blades included under one license. However, it does not provide mobile device controls or Wi-Fi network control without purchasing a different Checkpoint product.

What features are available in the NGFW?

The key message in this comparison is that, in addition to the common features, one needs to carefully review those features that require additional licenses and whether they are significant enough to decide on a specific product’s procurement.

• For example, if you need a DLP feature, NGFWs such as Checkpoint provide it (offered with over 600 types), but you might determine that a full-featured DLP solution is still required if the Checkpoint is not sufficient.
• The same would apply to web application firewalls (WAF), such as the one in the Dell Sonicwall, which again is not a full-featured WAF.

What features are available in the NGFW?

• Another example would be Cisco: although malware protection is available with their network anti-virus/malware solution, additional licenses would be required for their Advanced Malware Protection, NGIPS and URL filtering.
• Barracuda NG Firewall also requires an additional license for Malware Protection (Anti-Virus engine by Avira).
• There are some vendors that provide threat intelligence services as part of the NGFW offering, such as Fortinet, McAfee and HP TippingPoint.
• Juniper’s Threat Intelligence Service is shipped with the SRX but needs to be activated with the purchase of an additional license.

How is the NGFW sold, licensed and priced?

• All NGFW products are licensed per physical device. Additional licenses are required for the non-common features stated above.
• Read the T&Cs to determine what services are available in the base NGFW product and what services require an additional license.
• All NGFW products are priced by scale, based on the type of hardware utilized and service contract.
• While pricing structure appears disparate, similarities do exist in the lower-end product lines (in other words, the smaller the NGFW need, the simpler the pricing).
• The larger the enterprise and volume purchase potential, the greater the disparity, but also the greater the bargaining power on the part of the customer.

Key differentiators between NGFW products

• Checkpoint is the inventor of stateful firewalls. It has the highest block rate of IPS among its competitors, a larger application library (over 5000) than any other, data loss prevention (DLP) with over 600 file types, change management (i.e., configuration and rule changes) that no one else has, and Active Directory integration, agent-based or agentless.
• Dell SonicWall has patented Reassembly-Free Deep Inspection (RFDPI), which allows for centralized management for users to deploy, manage and monitor many thousands of firewalls through a single pane of glass.

Key differentiators between NGFW products

• Cisco ASA with FirePower Services provides an integrated defense solution with greater firewall features, detection and protection threat services than other vendors.
• Fortinet lauds its 11-year-old in-house dedicated security research team -- FortiGuard Labs -- as one of the few NGFW vendors that have their own, since most OEM this activity. Fortinet also purports to have a NGFW, FortiGate, that can deliver five times better performance than comparatively priced competitor products.
• HP TippingPoint is known for its NGFW’s simple, effective and reliable implementation. The security effectiveness coverage is high, with over 8,200 filters that block known and unknown threats and over 383 zero-day filters in 2014 alone.

Key differentiators between NGFW products

• McAfee NGFW provides “intelligence aware” security controls, advanced evasion prevention and a unified software core design.
• Barracuda purports the lowest total cost of ownership (TCO) in the industry due to advanced troubleshooting capabilities and smart lifecycle management features built into large scaling central management server. The NGFW is also the only one that provides NGFW application control and user identity functions for SMBs.
• Juniper SRX is the first NGFW to offer customers validated (Telcordia) 99.9999% availability of the SRX 5000 line. The SRX Series are also the first NGFW to deliver automation of firewall functions via JunoScript and open API to programming tools. Open attack signatures in the IPS also allow customers to add or customize signatures tailored for their network.

How to select the right NGFW

Consider the following criteria in selecting the NGFW vendor and model for your enterprise:

(1) identify the players
(2) develop a short list
(3) perform a proof of concept – POC
(4) make reference calls
(5) consider cost
(6) obtain management buy-in, and
(7) work out contract negotiations
(8) Total cost of ownership (TCO) is also critical

Lastly, but no less important, consider the skill set of your staff and the business model and growth expectation for your enterprise -- all-important factors in making your decision.

NGFW AUDIT

Evaluation and Audit of NGFW

• Platform Based – appliance/software/SaaS
• Feature Set – baseline and add-ons
• Performance – NSS Labs results
• Manageability – comprehensive/easy to use
• Threat Intelligence – currency/accuracy/completeness
• TCO – total cost of ownership
• Risk – consider the business model and objectives
• Price – you get what you pay for
• Support – what is support experience
• Differentiators – what sets them apart

BIO

Miguel (Mike) O. Villegas is a Vice President for K3DES LLC. He performs and QA’s PCI-DSS and PA-DSS assessments for K3DES clients. He also manages the K3DES ISO/IEC 27001:2005 program. Mike was previously Director of Information Security at Newegg, Inc. for five years. Mike is currently a contributing writer for SearchSecurity – TechTarget. Mike has over 30 years of Information Systems security and IT audit experience. Mike was previously Vice President & Technology Risk Manager for Wells Fargo Services, responsible for IT Regulatory Compliance, and was previously a partner at Arthur Andersen and Ernst & Young for their information systems security and IS audit groups over a span of nine years. Mike is a CISA, CISSP, GSEC and CEH. He is also a QSA and PA-QSA as VP for K3DES. Mike was president of the LA ISACA Chapter during 2010-2012 and president of the SF ISACA Chapter during 2005-2006. He was the SF Fall Conference Co-Chair from 2002–2007 and also served for two years as Vice President on the Board of Directors for ISACA International. Mike has taught CISA review courses for over 18 years.

Page 10: Next Generation Firewalls: Top 9 Revisited · 2015 Fall Conference – “CyberSizeIT” November 9–11, 2015

Threat Intelligence

One of the major differentiators that all of these major NGFW companies purport to be working on is threat intelligence that is current, open, continuous, adaptive and automatic.

http://www.zdnet.com/article/new-threat-intelligence-report-skewers-industry-confusion-charlatans

Source: Palo Alto

Types of Attacks

Malware, also called malicious code, is software designed to gain access to targeted computer systems, steal information or disrupt computer operations.

• Worm
• Spyware
• Virus
• Adware
• Network Worm
• Ransomware
• Trojan Horse
• Keylogger
• Botnets
• Rootkit

Types of Attacks

Other types of attacks:

• Advanced persistent threats
• Social engineering
• Backdoor
• Phishing
• Brute force attack
• Spear phishing
• Buffer overflow
• Spoofing
• Cross-site scripting (XSS)
• Structured Query Language (SQL) injection
• Denial-of-service (DoS) attack
• Zero-day exploit
• Man-in-the-middle attack

UTM vs. NGFW

Security vendors often differ in their definitions of UTM and NGFWs. Over time, UTM references will likely dissipate -- the same may even happen for NGFWs -- but what’s certain is that enhancements to multifunctional security solutions, whatever they’re called, will continue.

• UTMs are primarily for SMB
• NGFWs are for larger, more complex IT environments

Source: Juniper SRX Datasheet

Gartner Magic Quadrant – April 2015 (figure; quadrant labels: Challengers, Leaders, Niche Players, Visionaries)

October 7, 2015

• Security
• Performance
• Total cost of ownership (TCO)

NEED FOR NGFW

Do we really need a NGFW?

• But “we’ve never had a breach” or “we are not a big target”
• Today there are a large number of disparate standalone products and services forced to work together
• Although effective, they appear architecturally desultory, reactive and tactical in nature
• NGFWs offer a good complement of security solutions in one appliance
• Not all NGFWs are created equal
• 3 factors for establishing a need for a NGFW:
  • Is the investment justifiable?
  • Alignment with existing IT strategies
  • Total Cost of Ownership (TCO)

Is the investment justifiable?

• Basic firewall services regulate network connections between computer systems of differing trust levels
• Most enterprises need:
  • IPS/IDS
  • Firewall (deep packet inspection)
  • Anti-virus/Malware protection
  • Application controls
  • VPN
  • Session encryption (TLS 1.2)
  • Wireless security
  • Mobile security

Alignment with existing IT strategies

• Organizations that deploy NGFWs may discover they do not require all the security features these appliances support
• Features required by an enterprise should be determined in advance, as this will influence what NGFW product is bought and which security services to enable
• Some NGFWs have security features built into the appliance at no additional cost
• Some do not activate features since they have not found them necessary or because they do not fit their business model

For example

• Large retail companies might opt for a NGFW solution at the corporate headquarters but go with point solutions in each retail store -- whether from the same vendor or not
• Online retail businesses that do not have brick and mortar locations typically require robust, and therefore increasingly integrated, network security solutions that focus on QoS, load balancing, IPS, web application security, SSL VPN and strong firewalls with deep packet inspection
• Enterprises that are heavily regulated via standards (e.g., PCI, HIPAA, HITECH Act, Sarbanes-Oxley, FISMA, PERC, etc.) would need to also address remote access controls, two-factor authentication, Active Directory integration and possibly DLP

Alignment with existing IT strategies

• Whatever course is taken, information security decisions need to be integrated with IT’s strategic goals
• IT, in turn, exists to support the business. IT does not drive the business
• The business drives the business
• IT’s purpose is to ensure the IT infrastructure (perimeter and core deployments) exists to allow the business to achieve its strategic goals

Total Cost of Ownership (TCO)

TCO establishes the right complement of resources -- people and technology.

• Total cost of technology (TCT): The cost of technology that is required to deploy, monitor and report on the state of information security for the enterprise
• Total cost of risk (TCR): The cost to estimate and not deploy resources, processes or technology for your enterprise, such as compliance risk, security risk, legal risk and reputation risk
• Total cost of maintenance (TCM): The cost of maintaining the information security program, such as people skills, flexibility, scalability and comprehensiveness of the systems deployed

CASE FOR A NGFW

Six Criteria for buying a NGFW

It is clear that, regardless of what vendors call their NGFW products, it is incumbent that buyers understand the precise features each NGFW product under consideration includes. Let’s look at six criteria:

• Platform Type
• Feature Set
• Performance
• Manageability
• Price
• Support

Platform Type

• How is the NGFW provided?
• Most next-gen firewalls are hardware- (appliance), software- (downloadable) or cloud-based (SaaS)
• Hardware-based NGFWs appeal best to large and midsize enterprises
• Software-based NGFWs to small companies with simple network infrastructures
• Cloud-based NGFWs to highly decentralized multi-location sites or enterprises where the required skill set to manage them is wanting or reallocated

Feature Set

• Not all NGFW features are similarly available by vendor
• NGFW features typically consist of:
  • inline deep packet inspection firewalls,
  • IDS/IPS,
  • application inspection and control,
  • SSL/SSH inspection,
  • website filtering, and
  • QoS/bandwidth management to protect networks against the latest in sophisticated network attacks and intrusion
• Additionally, most NGFWs offer threat intelligence, mobile device security, data loss prevention (DLP), Active Directory integration and an open architecture that allows clients to tailor application control and even some firewall rule definitions

Performance

• Because NGFWs integrate many features into a single appliance, they may seem attractive to some organizations
• However, enabling all available features at once could result in serious performance degradation
• NGFW performance metrics have improved over the years, but the buyer needs to seriously consider performance in relationship to the security features they want to enable when determining the vendors they approach and the model of NGFW they choose

Manageability

• This criterion involves system configuration requirements and usability of the management console
• It considers how the NGFW manages complex environments with many firewalls and users and very narrow firewall change windows
• System configuration changes and the user interface of the management console should be:
  1. comprehensive - such that it covers an array of features that preclude the need for augmentation by other point solutions;
  2. flexible - possible to exclude features that are not needed in the enterprise environment; and
  3. easy to use - such that the management console, individual feature dashboards and reporting are intuitive and incisive

Price

• NGFW appliance, software and cloud service pricing varies considerably by vendor and model
• Prices range from $599 to $80,000+ per device
• Some are even priced by number of users (e.g., $1,100 for 1-99 users to $100,000 for 5000 users+)
• All, meanwhile, have separate pricing for service contracts
• If possible, do not pay retail prices
• Most vendors will provide volume discounts (the more users supported, the less it costs per user, for example) or discounts with viable prospects of further purchases
• Purchase at month-end and quarter-end. Sales people have goals that can be leveraged for pricing to your advantage

Support

• The 2015 Gartner Magic Quadrant on NGFW also rated support -- with quality, breadth and value of NGFW offerings viewed from the vantage point of enterprise needs
• Given the critical nature of NGFWs, timely and accurate support is essential. Obtain references and ask to speak with vendor clients without the vendor present
• Support criteria for NGFWs should address responsiveness, ranked by type of service request; quality and accuracy of the service response; currency of product updates; and customer education and awareness of current events

NGFW VENDORS

NGFW Players

The top nine NGFW vendors are:

• Checkpoint
• Dell Sonicwall
• Palo Alto
• Cisco
• Fortinet
• HP TippingPoint
• McAfee
• Barracuda

There are other NGFW vendors, but these are the top 9.

Questions to consider

Questions to consider when comparing these and other NGFW products include:

• What is their product line?
• Is their NGFW for cloud service providers, large enterprises, SMBs or small companies?
• What are the NGFW features that come with the base product?
• What features need an extra license(s)?
• How is the NGFW sold and priced?
• What differentiates their NGFW from other vendor NGFW products?

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

What13 features13 are13 available13 in13 the13 NGFW13

4113

Non-shy‐common13 NGFW13 features13 vary13 by13 vendor13 So13 this13 is13 where13 organizaons13 can13 start13 to13 differenate13 which13 NGFWs13 will13 work13 for13 them13 and13 which13 wonrsquot13 For13 example13 bull  Dell13 SonicWall13 provides13 security13 services13 such13 as13 gateway13

an-shy‐malware13 content13 filtering13 and13 client13 anvirus13 and13 anspyware13 that13 are13 licensed13 on13 an13 annual13 subscripon13 contract13 Dell13 SecureWorks13 premium13 Global13 Threat13 Intelligence13 service13 is13 an13 addional13 subscripon13

bull  Cisco13 provides13 Applicaon13 Visibility13 and13 Control13 as13 part13 of13 the13 base13 configuraon13 at13 no13 cost13 but13 separate13 licenses13 are13 required13 for13 Next13 Generaon13 Intrusion13 Prevenon13 Systems13 (NGIPS)13 Advanced13 Malware13 Protecon13 and13 URL13 filtering13

bull  McAfee13 provides13 clustering13 and13 mul-shy‐Link13 as13 standard13 features13 with13 McAfee13 Next13 Generaon13 Firewall13 license13

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

What13 features13 are13 available13 in13 the13 NGFW13

4213

bull  Barracuda13 requires13 an13 oponal13 subscripon13 for13 malware13 protecon13 (AV13 engine13 by13 Avira)13 threat13 intelligence13 and13 for13 advanced13 client13 Network13 Access13 Control13 (NAC)13 VPNSSL13 VPN13 features13

bull  Juniper13 offers13 advanced13 sofware13 security13 services13 (NGFWUTMIPSThreat13 Intelligence13 Service)13 shipped13 with13 its13 SRX13 Series13 Services13 Gateways13 13 that13 can13 be13 turned13 on13 with13 the13 purchase13 of13 an13 addional13 license13 which13 can13 be13 subscripon-shy‐based13 or13 perpetual13 No13 addional13 components13 are13 required13 to13 turn13 services13 onoff13

bull  Checkpoint13 provides13 a13 full13 NGFW13 soluon13 package13 13 with13 all13 of13 its13 sofware13 blades13 included13 under13 one13 license13 However13 it13 does13 not13 provide13 mobile13 device13 controls13 or13 Wi-shy‐Fi13 network13 control13 without13 purchasing13 a13 different13 Checkpoint13 product13

13

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

What13 features13 are13 available13 in13 the13 NGFW13

4313

The13 key13 message13 in13 this13 comparison13 is13 that13 in13 addion13 to13 the13 common13 features13 one13 needs13 to13 carefully13 review13 those13 features13 that13 require13 addional13 licenses13 and13 whether13 they13 are13 significant13 enough13 to13 decide13 on13 a13 specific13 products13 procurement13 13 13 bull  For13 example13 if13 you13 need13 a13 DLP13 feature13 those13 NGFWs13

that13 provide13 it13 such13 as13 Checkpoint13 although13 offered13 with13 over13 60013 types13 you13 might13 determine13 that13 a13 full-shy‐featured13 DLP13 soluon13 might13 sll13 be13 required13 if13 the13 Checkpoint13 is13 not13 sufficient13 13

bull  The13 same13 would13 apply13 to13 web13 applicaon13 firewalls13 (WAF)13 such13 as13 the13 Dell13 Sonicwall13 but13 again13 is13 not13 a13 full-shy‐featured13 WAF13 13

• Another example would be Cisco: malware protection is available with their network anti-virus/malware solution, but additional licenses would be required for their Advanced Malware Protection, NGIPS and URL filtering.
• Barracuda NG Firewall also requires an additional license for Malware Protection (anti-virus engine by Avira).
• Some vendors provide threat intelligence services as part of the NGFW offering, such as Fortinet, McAfee and HP TippingPoint.
• Juniper's Threat Intelligence Service is shipped with the SRX but needs to be activated with the purchase of an additional license.

How is the NGFW sold, licensed and priced?

• All NGFW products are licensed per physical device. Additional licenses are required for the non-common features stated above.
• Read the T&Cs to determine what services are available in the base NGFW product and what services require an additional license.
• All NGFW products are priced by scale, based on the type of hardware utilized and the service contract.
• While pricing structure appears disparate, similarities do exist in the lower-end product lines (in other words, the smaller the NGFW need, the simpler the pricing).
• The larger the enterprise and volume purchase potential, the greater the disparity, but also the greater the bargaining power on the part of the customer.

Key differentiators between NGFW products

• Checkpoint is the inventor of stateful firewalls. It has the highest block rate of IPS among its competitors, a larger application library (over 5000) than any other, data loss prevention (DLP) with over 600 file types, change management (i.e., configuration and rule changes) that no one else has, and Active Directory integration, agent-based or agentless.
• Dell SonicWall has patented Reassembly-Free Deep Inspection (RFDPI), which allows for centralized management for users to deploy, manage and monitor many thousands of firewalls through a single pane of glass.

• Cisco ASA with FirePower Services provides an integrated defense solution with greater firewall features, detection and protection threat services than other vendors.
• Fortinet lauds its 11-year-old in-house dedicated security research team, FortiGuard Labs. It is one of the few NGFW vendors that have their own, since most OEM this activity. Fortinet also purports to have an NGFW, FortiGate, that can deliver five times better performance than comparatively priced competitor products.
• HP TippingPoint is known for its NGFW's simple, effective and reliable implementation. The security effectiveness coverage is high, with over 8200 filters that block known and unknown threats and over 383 zero-day filters in 2014 alone.

• McAfee NGFW provides “intelligence aware” security controls, advanced evasion prevention and a unified software core design.
• Barracuda purports the lowest total cost of ownership (TCO) in the industry due to advanced troubleshooting capabilities and smart lifecycle management features built into a large-scaling central management server. The NGFW is also the only one that provides NGFW application control and user identity functions for SMBs.
• Juniper SRX is the first NGFW to offer customers validated (Telcordia) 99.9999% availability of the SRX 5000 line. The SRX Series are also the first NGFW to deliver automation of firewall functions via JunoScript and open API to programming tools. Open attack signatures in the IPS also allow customers to add or customize signatures tailored for their network.

How to select the right NGFW

Consider the following criteria in selecting the NGFW vendor and model for your enterprise:

(1) identify the players
(2) develop a short list
(3) perform a proof of concept (POC)
(4) make reference calls
(5) consider cost
(6) obtain management buy-in and
(7) work out contract negotiations
(8) Total cost of ownership (TCO) is also critical

Lastly, but no less important, consider the skill set of your staff and the business model and growth expectation for your enterprise: all-important factors in making your decision.

NGFW AUDIT

Evaluation and Audit of NGFW

• Platform Based – appliance/software/SaaS
• Feature Set – baseline and add-ons
• Performance – NSS Labs results
• Manageability – comprehensive/easy to use
• Threat Intelligence – currency/accuracy/completeness
• TCO – total cost of ownership
• Risk – consider the business model and objectives
• Price – you get what you pay for
• Support – what is support experience
• Differentiators – what sets them apart

BIO

Miguel (Mike) O. Villegas is a Vice President for K3DES LLC. He performs and QA's PCI-DSS and PA-DSS assessments for K3DES clients. He also manages the K3DES ISO/IEC 27001:2005 program. Mike was previously Director of Information Security at Newegg, Inc. for five years. Mike is currently a contributing writer for SearchSecurity – TechTarget. Mike has over 30 years of Information Systems security and IT audit experience. Mike was previously Vice President & Technology Risk Manager for Wells Fargo Services, responsible for IT Regulatory Compliance, and was previously a partner at Arthur Andersen and Ernst & Young for their information systems security and IS audit groups over a span of nine years. Mike is a CISA, CISSP, GSEC and CEH. He is also a QSA and PA-QSA as VP for K3DES. Mike was president of the LA ISACA Chapter during 2010-2012 and president of the SF ISACA Chapter during 2005-2006. He was the SF Fall Conference Co-Chair from 2002–2007 and also served for two years as Vice President on the Board of Directors for ISACA International. Mike has taught CISA review courses for over 18 years.

Source: Palo Alto

Types of Attacks

Malware, also called malicious code, is software designed to gain access to targeted computer systems, steal information or disrupt computer operations.

• Worm
• Spyware
• Virus
• Adware
• Network Worm
• Ransomware
• Trojan Horse
• Keylogger
• Botnets
• Rootkit

Other types of attacks:

• Advanced persistent threats
• Social engineering
• Backdoor
• Phishing
• Brute force attack
• Spear phishing
• Buffer overflow
• Spoofing
• Cross-site scripting (XSS)
• Structured Query Language (SQL) injection
• Denial-of-service (DoS) attack
• Zero-day exploit
• Man-in-the-middle attack

UTM vs NGFW

Security vendors often differ in their definitions of UTM and NGFWs. Over time, UTM references will likely dissipate (the same may even happen for NGFWs), but what's certain is that enhancements to multifunctional security solutions, whatever they're called, will continue.

• UTMs are primarily for SMB
• NGFW are for larger, more complex IT environments

Source: Juniper SRX Datasheet

Gartner Magic Quadrant – April 2015 (quadrant labels: Challengers, Leaders, Niche Players, Visionaries)

October 7, 2015

• Security
• Performance
• Total cost of ownership (TCO)

NEED FOR NGFW

Do we really need a NGFW?

• But “we've never had a breach” or “we are not a big target”
• Today there are a large number of disparate standalone products and services forced to work together
• Although effective, they appear architecturally desultory, reactive and tactical in nature
• NGFWs offer a good complement of security solutions in one appliance
• Not all NGFWs are created equal
• 3 factors for establishing a need for a NGFW:
  • Is the investment justifiable?
  • Alignment with existing IT strategies
  • Total Cost of Ownership (TCO)

Is the investment justifiable?

• Basic firewall services regulate network connections between computer systems of differing trust levels
• Most enterprises need:
  • IPS/IDS
  • Firewall (deep packet inspection)
  • Anti-virus/Malware protection
  • Application controls
  • VPN
  • Session encryption (TLS 1.2)
  • Wireless security
  • Mobile security

Alignment with existing IT strategies

• Organizations that deploy NGFWs may discover they do not require all the security features these appliances support.
• Features required by an enterprise should be determined in advance, as this will influence what NGFW product is bought and which security services to enable.
• Some NGFWs have security features built into the appliance at no additional cost.
• Some do not activate features, either because they have not found them necessary or because they do not fit their business model.

For example

• Large retail companies might opt for a NGFW solution at the corporate headquarters but go with point solutions in each retail store, whether from the same vendor or not.
• Online retail businesses that do not have brick-and-mortar locations typically require robust, and therefore increasingly integrated, network security solutions that focus on QoS, load balancing, IPS, web application security, SSL VPN and strong firewalls with deep packet inspection.
• Enterprises that are heavily regulated via standards (e.g., PCI, HIPAA, HITECH Act, Sarbanes-Oxley, FISMA, PERC, etc.) would need to also address remote access controls, two-factor authentication, Active Directory integration and possibly DLP.

Alignment with existing IT strategies

• Whatever course is taken, information security decisions need to be integrated with IT's strategic goals.
• IT, in turn, exists to support the business. IT does not drive the business.
• The business drives the business.
• IT's purpose is to ensure the IT infrastructure (perimeter and core deployments) exists to allow the business to achieve its strategic goals.

Total Cost of Ownership (TCO)

TCO establishes the right complement of resources: people and technology.

• Total cost of technology (TCT): The cost of technology that is required to deploy, monitor and report on the state of information security for the enterprise
• Total cost of risk (TCR): The cost to estimate and not deploy resources, processes or technology for your enterprise, such as compliance risk, security risk, legal risk and reputation risk
• Total cost of maintenance (TCM): The cost of maintaining the information security program, such as people skills, flexibility, scalability and comprehensiveness of the systems deployed

CASE FOR A NGFW

Six Criteria for buying a NGFW

It is clear that, regardless of what vendors call their NGFW products, it is incumbent on buyers to understand the precise features each NGFW product under consideration includes. Let's look at six criteria:

• Platform Type
• Feature Set
• Performance
• Manageability
• Price
• Support

Platform Type

• How is the NGFW provided?
• Most next-gen firewalls are hardware- (appliance), software- (downloadable) or cloud-based (SaaS)
• Hardware-based NGFWs appeal best to large and midsize enterprises
• Software-based NGFWs to small companies with simple network infrastructures
• Cloud-based NGFWs to highly decentralized multi-location sites or enterprises where the required skill set to manage them is wanting or reallocated

Feature Set

• NGFW features are not equally available across vendors
• NGFW features typically consist of:
  • inline deep packet inspection firewalls
  • IDS/IPS
  • application inspection and control
  • SSL/SSH inspection
  • website filtering and
  • QoS/bandwidth management to protect networks against the latest in sophisticated network attacks and intrusion
• Additionally, most NGFWs offer threat intelligence, mobile device security, data loss prevention (DLP), Active Directory integration and an open architecture that allows clients to tailor application control and even some firewall rule definitions

Performance

• Because NGFWs integrate many features into a single appliance, they may seem attractive to some organizations.
• However, enabling all available features at once could result in serious performance degradation.
• NGFW performance metrics have improved over the years, but the buyer needs to seriously consider performance in relationship to the security features they want to enable when determining the vendors they approach and the model of NGFW they choose.

Manageability

• This criterion involves system configuration requirements and usability of the management console
• It considers how the NGFW manages complex environments with many firewalls and users and very narrow firewall change windows
• System configuration changes and the user interface of the management console should be:
  1. comprehensive - such that it covers an array of features that preclude the need for augmentation by other point solutions
  2. flexible - possible to exclude features that are not needed in the enterprise environment and
  3. easy to use - such that the management console, individual feature dashboards and reporting are intuitive and incisive

Price

• NGFW appliance, software and cloud service pricing varies considerably by vendor and model
• Prices range from $599 to $80,000+ per device
• Some are even priced by number of users (e.g., $1,100 for 1-99 users to $100,000 for 5000 users+)
• All, meanwhile, have separate pricing for service contracts
• If possible, do not pay retail prices
• Most vendors will provide volume discounts (the more users supported, the less it costs per user, for example) or discounts with viable prospects of further purchases
• Purchase at month-end and quarter-end. Salespeople have goals that can be leveraged for pricing to your advantage

Support

• The 2015 Gartner Magic Quadrant on NGFW also rated support, with quality, breadth and value of NGFW offerings viewed from the vantage point of enterprise needs.
• Given the critical nature of NGFWs, timely and accurate support is essential. Obtain references and ask to speak with vendor clients without the vendor present.
• Support criteria for NGFWs should address responsiveness, ranked by type of service request; quality and accuracy of the service response; currency of product updates; and customer education and awareness of current events.

NGFW VENDORS

NGFW Players

The top nine NGFW vendors are:

• Checkpoint
• Dell SonicWall
• Palo Alto
• Cisco
• Fortinet
• HP TippingPoint
• McAfee
• Barracuda

There are other NGFW vendors, but these are the top 9.

Questions to consider

Questions to consider when comparing these and other NGFW products include:

• What is their product line?
• Is their NGFW for cloud service providers, large enterprises, SMBs or small companies?
• What are the NGFW features that come with the base product?
• What features need an extra license(s)?
• How is the NGFW sold and priced?
• What differentiates their NGFW from other vendor NGFW products?

What features are available in the NGFW?

Non-common NGFW features vary by vendor. So this is where organizations can start to differentiate which NGFWs will work for them and which won't. For example:

• Dell SonicWall provides security services such as gateway anti-malware, content filtering, and client antivirus and antispyware that are licensed on an annual subscription contract. Dell SecureWorks premium Global Threat Intelligence service is an additional subscription.
• Cisco provides Application Visibility and Control as part of the base configuration at no cost, but separate licenses are required for Next Generation Intrusion Prevention Systems (NGIPS), Advanced Malware Protection and URL filtering.
• McAfee provides clustering and multi-Link as standard features with McAfee Next Generation Firewall license.

• Barracuda requires an optional subscription for malware protection (AV engine by Avira), threat intelligence, and for advanced client Network Access Control (NAC) VPN/SSL VPN features.
• Juniper offers advanced software security services (NGFW/UTM/IPS/Threat Intelligence Service) shipped with its SRX Series Services Gateways, which can be turned on with the purchase of an additional license, which can be subscription-based or perpetual. No additional components are required to turn services on/off.

bull  Checkpoint13 provides13 a13 full13 NGFW13 soluon13 package13 13 with13 all13 of13 its13 sofware13 blades13 included13 under13 one13 license13 However13 it13 does13 not13 provide13 mobile13 device13 controls13 or13 Wi-shy‐Fi13 network13 control13 without13 purchasing13 a13 different13 Checkpoint13 product13

13

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

What13 features13 are13 available13 in13 the13 NGFW13

4313

The13 key13 message13 in13 this13 comparison13 is13 that13 in13 addion13 to13 the13 common13 features13 one13 needs13 to13 carefully13 review13 those13 features13 that13 require13 addional13 licenses13 and13 whether13 they13 are13 significant13 enough13 to13 decide13 on13 a13 specific13 products13 procurement13 13 13 bull  For13 example13 if13 you13 need13 a13 DLP13 feature13 those13 NGFWs13

that13 provide13 it13 such13 as13 Checkpoint13 although13 offered13 with13 over13 60013 types13 you13 might13 determine13 that13 a13 full-shy‐featured13 DLP13 soluon13 might13 sll13 be13 required13 if13 the13 Checkpoint13 is13 not13 sufficient13 13

bull  The13 same13 would13 apply13 to13 web13 applicaon13 firewalls13 (WAF)13 such13 as13 the13 Dell13 Sonicwall13 but13 again13 is13 not13 a13 full-shy‐featured13 WAF13 13

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

What13 features13 are13 available13 in13 the13 NGFW13

4413

bull  Another13 example13 would13 be13 Cisco13 although13 malware13 protecon13 is13 available13 with13 their13 network13 an-shy‐virusmalware13 soluon13 but13 an13 addional13 licenses13 would13 be13 required13 for13 their13 Advanced13 Malware13 Protecon13 NGIPS13 and13 URL13 filtering13 13

bull  Barracuda13 NG13 Firewall13 also13 requires13 an13 addional13 license13 for13 Malware13 Protecon13 (An-shy‐Virus13 engine13 by13 Avira)13

bull  There13 are13 some13 vendors13 that13 provide13 threat13 intelligence13 services13 as13 part13 of13 the13 NGFW13 offering13 such13 as13 Fornet13 McAfee13 and13 HP13 TippingPoint13 13

bull  Juniperrsquos13 Threat13 Intelligence13 Service13 is13 shipped13 with13 the13 SRX13 but13 needs13 to13 be13 acvated13 with13 the13 purchase13 of13 an13 addional13 license13

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

How13 is13 the13 NGFW13 sold13 licensed13 and13 priced13

4513

bull  All13 NGFW13 products13 are13 licensed13 per13 physical13 device13 Addional13 licenses13 are13 required13 for13 the13 non-shy‐common13 features13 stated13 above13 13 13 13

bull  Read13 the13 TampCs13 to13 determine13 what13 services13 are13 available13 in13 the13 base13 NGFW13 produce13 and13 what13 services13 require13 an13 addional13 license13

bull  All13 NGFW13 products13 are13 priced13 by13 scale13 based13 on13 the13 type13 of13 hardware13 ulized13 and13 service13 contract13

bull  While13 pricing13 structure13 appears13 disparate13 similaries13 do13 exist13 in13 the13 lower-shy‐end13 product13 lines13 (in13 other13 words13 the13 smaller13 the13 NGFW13 need13 the13 simpler13 the13 pricing)13 13 13

bull  The13 larger13 the13 enterprise13 and13 volume13 purchase13 potenal13 the13 greater13 the13 disparity13 but13 also13 the13 greater13 the13 bargaining13 power13 on13 the13 part13 of13 the13 customer13

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

Key13 differenators13 between13 NGFW13 products13

4613

bull  Checkpoint13 is13 the13 inventor13 of13 stateful13 firewalls13 It13 has13 the13 highest13 block13 rate13 of13 IPS13 among13 its13 competors13 largest13 applicaon13 library13 (over13 5000)13 than13 any13 other13 data13 loss13 prevenon13 (DLP)13 with13 over13 60013 file13 types13 change13 management13 13 (ie13 configuraon13 and13 rule13 changes)13 that13 no13 one13 else13 has13 and13 Acve13 Directory13 integraon13 agent-shy‐based13 or13 agentless13

bull  Dell13 SonicWall13 has13 patented13 Reassembly-shy‐Free13 Deep13 Inspecon13 (RFDPI)13 13 which13 allows13 for13 centralized13 management13 for13 users13 to13 deploy13 manage13 and13 monitor13 many13 thousands13 of13 firewalls13 through13 a13 single-shy‐pane13 of13 glass13

Key differentiators between NGFW products

• Cisco ASA with FirePower Services provides an integrated defense solution with greater firewall features, detection and protection threat services than other vendors.

• Fortinet lauds its 11-year-old, in-house, dedicated security research team -- FortiGuard Labs -- as one of the few NGFW vendors that has its own, since most OEM this activity. Fortinet also purports that its FortiGate NGFW can deliver five times better performance than comparatively priced competitor products.

• HP TippingPoint is known for its NGFW’s simple, effective and reliable implementation. The security effectiveness coverage is high, with over 8,200 filters that block known and unknown threats and over 383 zero-day filters in 2014 alone.

Key differentiators between NGFW products

• McAfee NGFW provides “intelligence aware” security controls, advanced evasion prevention and a unified software core design.

• Barracuda purports the lowest total cost of ownership (TCO) in the industry due to advanced troubleshooting capabilities and smart lifecycle management features built into a large-scaling central management server. The NGFW is also the only one that provides NGFW application control and user identity functions for SMBs.

• Juniper SRX is the first NGFW to offer customers validated (Telcordia) 99.9999% availability of the SRX 5000 line. The SRX Series are also the first NGFW to deliver automation of firewall functions via JunoScript and open API to programming tools. Open attack signatures in the IPS also allow customers to add or customize signatures tailored for their network.

How to select the right NGFW

Consider the following criteria in selecting the NGFW vendor and model for your enterprise:

(1) identify the players,
(2) develop a short list,
(3) perform a proof of concept – POC,
(4) make reference calls,
(5) consider cost,
(6) obtain management buy-in, and
(7) work out contract negotiations.
(8) Total cost of ownership (TCO) is also critical.

Lastly, but no less important, consider the skill set of your staff and the business model and growth expectation for your enterprise -- all-important factors in making your decision.

CRISC CGEIT CISM CISA 2013 Fall Conference – “Sail to Success”

NGFW AUDIT

Evaluation and Audit of NGFW

• Platform Based – appliance/software/SaaS
• Feature Set – baseline and add-ons
• Performance – NSS Labs results
• Manageability – comprehensive/easy to use
• Threat Intelligence – currency/accuracy/completeness
• TCO – total cost of ownership
• Risk – consider the business model and objectives
• Price – you get what you pay for
• Support – what is support experience
• Differentiators – what sets them apart

BIO

Miguel (Mike) O. Villegas is a Vice President for K3DES LLC. He performs and QA’s PCI-DSS and PA-DSS assessments for K3DES clients. He also manages the K3DES ISO/IEC 27001:2005 program. Mike was previously Director of Information Security at Newegg, Inc. for five years. Mike is currently a contributing writer for SearchSecurity – TechTarget. Mike has over 30 years of Information Systems security and IT audit experience. Mike was previously Vice President & Technology Risk Manager for Wells Fargo Services, responsible for IT Regulatory Compliance, and was previously a partner at Arthur Andersen and Ernst & Young for their information systems security and IS audit groups over a span of nine years. Mike is a CISA, CISSP, GSEC and CEH. He is also a QSA and PA-QSA as VP for K3DES. Mike was president of the LA ISACA Chapter during 2010-2012 and president of the SF ISACA Chapter during 2005-2006. He was the SF Fall Conference Co-Chair from 2002–2007 and also served for two years as Vice President on the Board of Directors for ISACA International. Mike has taught CISA review courses for over 18 years.

Page 12: Next Generation Firewalls: Top 9 Revisited · 2015 Fall Conference – “CyberSizeIT” November 9 – 11, 2015

Source: Palo Alto

Types of Attacks

Malware, also called malicious code, is software designed to gain access to targeted computer systems, steal information or disrupt computer operations.

• Worm
• Spyware
• Virus
• Adware
• Network Worm
• Ransomware
• Trojan Horse
• Keylogger
• Botnets
• Rootkit

Types of Attacks

Other types of attacks:

• Advanced persistent threats
• Social engineering
• Backdoor
• Phishing
• Brute force attack
• Spear phishing
• Buffer overflow
• Spoofing
• Cross-site scripting (XSS)
• Structured Query Language (SQL) injection
• Denial-of-service (DoS) attack
• Zero-day exploit
• Man-in-the-middle attack

UTM vs. NGFW

Security vendors often differ in their definitions of UTM and NGFWs. Over time, UTM references will likely dissipate -- the same may even happen for NGFWs -- but what’s certain is that enhancements to multifunctional security solutions, whatever they’re called, will continue.

• UTMs are primarily for SMB
• NGFWs are for larger, more complex IT environments

Source: Juniper SRX Datasheet

[Figure: Gartner Magic Quadrant – April 2015. Quadrants: Challengers, Leaders, Niche Players, Visionaries]

October 7, 2015

[Figure; labels: Security, Performance, Total cost of ownership (TCO)]

NEED FOR NGFW

Do we really need a NGFW?

• But “we’ve never had a breach” or “we are not a big target”

• Today there are a large number of disparate standalone products and services forced to work together

• Although effective, they appear architecturally desultory, reactive and tactical in nature

• NGFWs offer a good complement of security solutions in one appliance

• Not all NGFWs are created equal

• 3 factors for establishing a need for a NGFW:
  • Is the investment justifiable?
  • Alignment with existing IT strategies
  • Total Cost of Ownership (TCO)

Is the investment justifiable?

• Basic firewall services regulate network connections between computer systems of differing trust levels

• Most enterprises need:
  • IPS/IDS
  • Firewall (deep packet inspection)
  • Anti-virus/Malware protection
  • Application controls
  • VPN
  • Session encryption (TLS 1.2)
  • Wireless security
  • Mobile security

Alignment with existing IT strategies

• Organizations that deploy NGFWs may discover they do not require all the security features these appliances support.

• Features required by an enterprise should be determined in advance, as this will influence what NGFW product is bought and which security services to enable.

• Some NGFWs have security features built into the appliance at no additional cost.

• Some do not activate features, since they have not found them necessary or because they do not fit their business model.

For example

• Large retail companies might opt for a NGFW solution at the corporate headquarters but go with point solutions in each retail store -- whether from the same vendor or not.

• Online retail businesses that do not have brick and mortar locations typically require robust, and therefore increasingly integrated, network security solutions that focus on QoS, load balancing, IPS, web application security, SSL VPN and strong firewalls with deep packet inspection.

• Enterprises that are heavily regulated via standards (e.g., PCI, HIPAA, HITECH Act, Sarbanes-Oxley, FISMA, PERC, etc.) would need to also address remote access controls, two-factor authentication, Active Directory integration and possibly DLP.

Alignment with existing IT strategies

• Whatever course is taken, information security decisions need to be integrated with IT’s strategic goals.

• IT, in turn, exists to support the business. IT does not drive the business.

• The business drives the business.

• IT’s purpose is to ensure the IT infrastructure (perimeter and core deployments) exists to allow the business to achieve its strategic goals.

Total Cost of Ownership (TCO)

TCO establishes the right complement of resources -- people and technology.

• Total cost of technology (TCT): The cost of technology that is required to deploy, monitor and report on the state of information security for the enterprise.

• Total cost of risk (TCR): The cost to estimate and not deploy resources, processes or technology for your enterprise, such as compliance risk, security risk, legal risk and reputation risk.

• Total cost of maintenance (TCM): The cost of maintaining the information security program, such as people, skills, flexibility, scalability and comprehensiveness of the systems deployed.

CASE FOR A NGFW

Six Criteria for buying a NGFW

It is clear that, regardless of what vendors call their NGFW products, it is incumbent that buyers understand the precise features each NGFW product under consideration includes. Let’s look at six criteria:

• Platform Type
• Feature Set
• Performance
• Manageability
• Price
• Support

Platform Type

• How is the NGFW provided?

• Most next-gen firewalls are hardware- (appliance), software- (downloadable) or cloud-based (SaaS).

• Hardware-based NGFWs appeal best to large and midsize enterprises.

• Software-based NGFWs appeal to small companies with simple network infrastructures.

• Cloud-based NGFWs appeal to highly decentralized multi-location sites or enterprises where the required skill set to manage them is wanting or reallocated.

Feature Set

• Not all NGFW features are similarly available by vendor.

• NGFW features typically consist of:
  • inline deep packet inspection firewalls,
  • IDS/IPS,
  • application inspection and control,
  • SSL/SSH inspection,
  • website filtering, and
  • QoS/bandwidth management to protect networks against the latest in sophisticated network attacks and intrusion.

• Additionally, most NGFWs offer threat intelligence, mobile device security, data loss prevention (DLP), Active Directory integration and an open architecture that allows clients to tailor application control and even some firewall rule definitions.

Performance

• Because NGFWs integrate many features into a single appliance, they may seem attractive to some organizations.

• However, enabling all available features at once could result in serious performance degradation.

• NGFW performance metrics have improved over the years, but the buyer needs to seriously consider performance in relationship to the security features they want to enable when determining the vendors they approach and the model of NGFW they choose.

Manageability

• This criterion involves system configuration requirements and usability of the management console.

• It considers how the NGFW manages complex environments with many firewalls and users and very narrow firewall change windows.

• System configuration changes and the user interface of the management console should be:
  1. comprehensive - such that it covers an array of features that preclude the need for augmentation by other point solutions;
  2. flexible - possible to exclude features that are not needed in the enterprise environment; and
  3. easy to use - such that the management console, individual feature dashboards and reporting are intuitive and incisive.

Price

• NGFW appliance, software and cloud service pricing varies considerably by vendor and model.

• Prices range from $599 to $80,000+ per device.

• Some are even priced by number of users (e.g., $1,100 for 1-99 users to $100,000 for 5,000 users+).

• All, meanwhile, have separate pricing for service contracts.

• If possible, do not pay retail prices.

• Most vendors will provide volume discounts (the more users supported, the less it costs per user, for example) or discounts with viable prospects of further purchases.

• Purchase at month-end and quarter-end. Sales people have goals that can be leveraged for pricing to your advantage.

Support

• The 2015 Gartner Magic Quadrant on NGFW also rated support -- with quality, breadth and value of NGFW offerings viewed from the vantage point of enterprise needs.

• Given the critical nature of NGFWs, timely and accurate support is essential. Obtain references and ask to speak with vendor clients without the vendor present.

• Support criteria for NGFWs should address responsiveness ranked by type of service request, quality and accuracy of the service response, currency of product updates, and customer education and awareness of current events.

NGFW VENDORS

NGFW Players

The top nine NGFW vendors are:

• Checkpoint
• Dell Sonicwall
• Palo Alto
• Cisco
• Fortinet
• HP TippingPoint
• McAfee
• Barracuda

There are other NGFW vendors, but these are the top 9.

Questions to consider

Questions to consider when comparing these and other NGFW products include:

• What is their product line?
• Is their NGFW for cloud service providers, large enterprises, SMBs or small companies?
• What are the NGFW features that come with the base product?
• What features need an extra license(s)?
• How is the NGFW sold and priced?
• What differentiates their NGFW from other vendor NGFW products?

What features are available in the NGFW?

Non-common NGFW features vary by vendor. So this is where organizations can start to differentiate which NGFWs will work for them and which won’t. For example:

• Dell SonicWall provides security services such as gateway anti-malware, content filtering, and client antivirus and antispyware that are licensed on an annual subscription contract. Dell SecureWorks premium Global Threat Intelligence service is an additional subscription.

• Cisco provides Application Visibility and Control as part of the base configuration at no cost, but separate licenses are required for Next Generation Intrusion Prevention Systems (NGIPS), Advanced Malware Protection and URL filtering.

• McAfee provides clustering and multi-Link as standard features with the McAfee Next Generation Firewall license.

What features are available in the NGFW?

• Barracuda requires an optional subscription for malware protection (AV engine by Avira), threat intelligence, and for advanced client Network Access Control (NAC) VPN/SSL VPN features.

• Juniper offers advanced software security services (NGFW/UTM/IPS/Threat Intelligence Service) shipped with its SRX Series Services Gateways that can be turned on with the purchase of an additional license, which can be subscription-based or perpetual. No additional components are required to turn services on/off.

• Checkpoint provides a full NGFW solution package with all of its software blades included under one license. However, it does not provide mobile device controls or Wi-Fi network control without purchasing a different Checkpoint product.

What features are available in the NGFW?

The key message in this comparison is that, in addition to the common features, one needs to carefully review those features that require additional licenses and whether they are significant enough to decide on a specific product’s procurement.

• For example, if you need a DLP feature and are considering an NGFW that provides it, such as Checkpoint, which offers it with over 600 types, you might determine that a full-featured DLP solution is still required if the Checkpoint is not sufficient.

• The same would apply to web application firewall (WAF) features, such as those of the Dell Sonicwall, which again is not a full-featured WAF.

What features are available in the NGFW?

• Another example would be Cisco: although malware protection is available with their network anti-virus/malware solution, additional licenses would be required for their Advanced Malware Protection, NGIPS and URL filtering.

• Barracuda NG Firewall also requires an additional license for Malware Protection (Anti-Virus engine by Avira).

• There are some vendors that provide threat intelligence services as part of the NGFW offering, such as Fortinet, McAfee and HP TippingPoint.

• Juniper’s Threat Intelligence Service is shipped with the SRX but needs to be activated with the purchase of an additional license.

How is the NGFW sold, licensed and priced?

• All NGFW products are licensed per physical device. Additional licenses are required for the non-common features stated above.

bull  Read13 the13 TampCs13 to13 determine13 what13 services13 are13 available13 in13 the13 base13 NGFW13 produce13 and13 what13 services13 require13 an13 addional13 license13

bull  All13 NGFW13 products13 are13 priced13 by13 scale13 based13 on13 the13 type13 of13 hardware13 ulized13 and13 service13 contract13

bull  While13 pricing13 structure13 appears13 disparate13 similaries13 do13 exist13 in13 the13 lower-shy‐end13 product13 lines13 (in13 other13 words13 the13 smaller13 the13 NGFW13 need13 the13 simpler13 the13 pricing)13 13 13

bull  The13 larger13 the13 enterprise13 and13 volume13 purchase13 potenal13 the13 greater13 the13 disparity13 but13 also13 the13 greater13 the13 bargaining13 power13 on13 the13 part13 of13 the13 customer13

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

Key13 differenators13 between13 NGFW13 products13

4613

bull  Checkpoint13 is13 the13 inventor13 of13 stateful13 firewalls13 It13 has13 the13 highest13 block13 rate13 of13 IPS13 among13 its13 competors13 largest13 applicaon13 library13 (over13 5000)13 than13 any13 other13 data13 loss13 prevenon13 (DLP)13 with13 over13 60013 file13 types13 change13 management13 13 (ie13 configuraon13 and13 rule13 changes)13 that13 no13 one13 else13 has13 and13 Acve13 Directory13 integraon13 agent-shy‐based13 or13 agentless13

bull  Dell13 SonicWall13 has13 patented13 Reassembly-shy‐Free13 Deep13 Inspecon13 (RFDPI)13 13 which13 allows13 for13 centralized13 management13 for13 users13 to13 deploy13 manage13 and13 monitor13 many13 thousands13 of13 firewalls13 through13 a13 single-shy‐pane13 of13 glass13

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

Key13 differenators13 between13 NGFW13 products13

4713

bull  Cisco13 ASA13 with13 FirePower13 Services13 provides13 an13 integrated13 defense13 soluon13 with13 greater13 firewall13 features13 detecon13 and13 protecon13 threat13 services13 than13 other13 vendors13

bull  Fornet13 lauds13 its13 11-shy‐year13 old13 in-shy‐house13 dedicated13 security13 research13 team13 -shy‐-shy‐13 ForGuard13 Labs13 -shy‐-shy‐13 one13 of13 the13 few13 NGFW13 vendors13 that13 have13 its13 own13 since13 most13 OEM13 this13 acvity13 Fornet13 also13 purports13 to13 have13 NGFW13 ForGate13 that13 can13 deliver13 five13 mes13 beder13 performance13 of13 comparavely13 priced13 competor13 products13

bull  HP13 TippingPoint13 is13 known13 for13 its13 NGFWrsquos13 simple13 effecve13 and13 reliable13 implementaon13 The13 security13 effecveness13 coverage13 is13 high13 with13 over13 820013 filters13 that13 block13 known13 and13 unknown13 threats13 and13 over13 38313 zero-shy‐day13 filters13 in13 201413 alone13

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

Key13 differenators13 between13 NGFW13 products13

4813

bull  McAfee13 NGFW13 provides13 ldquointelligence13 awarerdquo13 security13 controls13 advanced13 evasion13 prevenon13 and13 a13 unified13 sofware13 core13 design13

bull  Barracuda13 purports13 the13 lowest13 total13 cost13 of13 ownership13 (TCO)13 in13 the13 industry13 due13 to13 advanced13 troubleshoong13 capabilies13 and13 smart13 lifecycle13 management13 features13 built13 into13 large13 scaling13 central13 management13 server13 The13 NGFW13 is13 also13 the13 only13 one13 that13 provides13 NGFW13 applicaon13 control13 and13 user13 identy13 funcons13 for13 SMBs13

bull  Juniper13 SRX13 is13 the13 first13 NGFW13 to13 offer13 customers13 validated13 (Telcordia)13 99999913 availability13 of13 the13 SRX13 500013 line13 The13 SRX13 Series13 are13 also13 the13 first13 NGFW13 to13 deliver13 automaon13 of13 firewall13 funcons13 via13 JunoScript13 and13 open13 API13 to13 programming13 tools13 Open13 adack13 signatures13 in13 the13 IPS13 also13 allow13 customers13 to13 add13 or13 customize13 signatures13 tailored13 for13 their13 network13

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

How13 to13 select13 the13 right13 NGFW13

4913

Consider13 the13 following13 criteria13 in13 selecng13 the13 NGFW13 vendor13 and13 model13 for13 your13 enterprise13 13

(1)  idenfy13 the13 players13 13 (2)  develop13 a13 short13 list13 13 (3)  perform13 a13 proof13 of13 concept13 ndash13 POC13 13 (4)  make13 reference13 calls13 13 (5)  consider13 cost13 13 (6)  obtain13 management13 buy-shy‐in13 and13 13 (7)  work13 out13 contract13 negoaons13 13 (8)  Total13 cost13 of13 ownership13 (TCO)13 is13 also13 crical13 13

Lastly13 but13 no13 less13 important13 consider13 the13 skill13 set13 of13 your13 staff13 and13 the13 business13 model13 and13 growth13 expectaon13 for13 your13 enterprise13 -shy‐-shy‐13 all-shy‐important13 factors13 in13 making13 your13 decision13

NGFW AUDIT

Evaluation and Audit of NGFW

• Platform Based – appliance/software/SaaS
• Feature Set – baseline and add-ons
• Performance – NSS Labs results
• Manageability – comprehensive/easy to use
• Threat Intelligence – currency/accuracy/completeness
• TCO – total cost of ownership
• Risk – consider the business model and objectives
• Price – you get what you pay for
• Support – what is support experience
• Differentiators – what sets them apart

BIO

Miguel (Mike) O. Villegas is a Vice President for K3DES LLC. He performs and QA's PCI-DSS and PA-DSS assessments for K3DES clients. He also manages the K3DES ISO/IEC 27001:2005 program. Mike was previously Director of Information Security at Newegg, Inc. for five years. Mike is currently a contributing writer for SearchSecurity – TechTarget. Mike has over 30 years of Information Systems security and IT audit experience. Mike was previously Vice President & Technology Risk Manager for Wells Fargo Services, responsible for IT Regulatory Compliance, and was previously a partner at Arthur Andersen and Ernst & Young for their information systems security and IS audit groups over a span of nine years. Mike is a CISA, CISSP, GSEC and CEH. He is also a QSA and PA-QSA as VP for K3DES. Mike was president of the LA ISACA Chapter during 2010-2012 and president of the SF ISACA Chapter during 2005-2006. He was the SF Fall Conference Co-Chair from 2002–2007 and also served for two years as Vice President on the Board of Directors for ISACA International. Mike has taught CISA review courses for over 18 years.


Types of Attacks

Malware, also called malicious code, is software designed to gain access to targeted computer systems, steal information or disrupt computer operations.

• Worm
• Spyware
• Virus
• Adware
• Network Worm
• Ransomware
• Trojan Horse
• Keylogger
• Botnets
• Rootkit

Types of Attacks

Other types of attacks:

• Advanced persistent threats
• Social engineering
• Backdoor
• Phishing
• Brute force attack
• Spear phishing
• Buffer overflow
• Spoofing
• Cross-site scripting (XSS)
• Structured Query Language (SQL) injection
• Denial-of-service (DoS) attack
• Zero-day exploit
• Man-in-the-middle attack

UTM vs. NGFW

Security vendors often differ in their definitions of UTM and NGFWs. Over time, UTM references will likely dissipate -- the same may even happen for NGFWs -- but what's certain is that enhancements to multifunctional security solutions, whatever they're called, will continue.

• UTMs are primarily for SMBs
• NGFWs are for larger, more complex IT environments


Source: Juniper SRX Datasheet

[Figure: Gartner Magic Quadrant – April 2015. Quadrants: Challengers, Leaders, Niche Players, Visionaries]

October 7, 2015

• Security
• Performance
• Total cost of ownership (TCO)


NEED FOR NGFW

Do we really need a NGFW?

• But "we've never had a breach" or "we are not a big target"
• Today, there are a large number of disparate standalone products and services forced to work together
• Although effective, they appear architecturally desultory, reactive and tactical in nature
• NGFWs offer a good complement of security solutions in one appliance
• Not all NGFWs are created equal
• 3 factors for establishing a need for a NGFW:
   - Is the investment justifiable?
   - Alignment with existing IT strategies
   - Total Cost of Ownership (TCO)

Is the investment justifiable?

• Basic firewall services regulate network connections between computer systems of differing trust levels
• Most enterprises need:
   - IPS/IDS
   - Firewall (deep packet inspection)
   - Anti-virus/Malware protection
   - Application controls
   - VPN
   - Session encryption (TLS 1.2)
   - Wireless security
   - Mobile security

Alignment with existing IT strategies

• Organizations that deploy NGFWs may discover they do not require all the security features these appliances support.
• Features required by an enterprise should be determined in advance, as this will influence what NGFW product is bought and which security services to enable.
• Some NGFWs have security features built into the appliance at no additional cost.
• Some do not activate features since they have not found them necessary or because they do not fit their business model.

For example

• Large retail companies might opt for a NGFW solution at the corporate headquarters but go with point solutions in each retail store -- whether from the same vendor or not.
• Online retail businesses that do not have brick and mortar locations typically require robust, and therefore increasingly integrated, network security solutions that focus on QoS, load balancing, IPS, web application security, SSL VPN and strong firewalls with deep packet inspection.
• Enterprises that are heavily regulated via standards (e.g., PCI, HIPAA, HITECH Act, Sarbanes-Oxley, FISMA, PERC, etc.) would need to also address remote access controls, two-factor authentication, Active Directory integration and possibly DLP.

Alignment with existing IT strategies

• Whatever course is taken, information security decisions need to be integrated with IT's strategic goals.
• IT, in turn, exists to support the business. IT does not drive the business.
• The business drives the business.
• IT's purpose is to ensure the IT infrastructure (perimeter and core deployments) exists to allow the business to achieve its strategic goals.

Total Cost of Ownership (TCO)

TCO establishes the right complement of resources -- people and technology.

• Total cost of technology (TCT): The cost of technology that is required to deploy, monitor and report on the state of information security for the enterprise.
• Total cost of risk (TCR): The cost to estimate and not deploy resources, processes or technology for your enterprise, such as compliance risk, security risk, legal risk and reputation risk.
• Total cost of maintenance (TCM): The cost of maintaining the information security program, such as people skills, flexibility, scalability and comprehensiveness of the systems deployed.

CASE FOR A NGFW

Six Criteria for buying a NGFW

It is clear that, regardless of what vendors call their NGFW products, it is incumbent that buyers understand the precise features each NGFW product under consideration includes. Let's look at six criteria:

• Platform Type
• Feature Set
• Performance
• Manageability
• Price
• Support

Platform Type

• How is the NGFW provided?
• Most next-gen firewalls are hardware- (appliance), software- (downloadable) or cloud-based (SaaS)
• Hardware-based NGFWs appeal best to large and midsize enterprises
• Software-based NGFWs to small companies with simple network infrastructures
• Cloud-based NGFWs to highly decentralized multi-location sites or enterprises where the required skill set to manage them is wanting or reallocated

Feature Set

• Not all NGFW features are similarly available by vendor
• NGFW features typically consist of:
   - inline deep packet inspection firewalls,
   - IDS/IPS,
   - application inspection and control,
   - SSL/SSH inspection,
   - website filtering, and
   - QoS/bandwidth management to protect networks against the latest in sophisticated network attacks and intrusion
• Additionally, most NGFWs offer threat intelligence, mobile device security, data loss prevention (DLP), Active Directory integration and an open architecture that allows clients to tailor application control and even some firewall rule definitions

Performance

• Because NGFWs integrate many features into a single appliance, they may seem attractive to some organizations.
• However, enabling all available features at once could result in serious performance degradation.
• NGFW performance metrics have improved over the years, but the buyer needs to seriously consider performance in relationship to the security features they want to enable when determining the vendors they approach and the model of NGFW they choose.

Manageability

• This criterion involves system configuration requirements and usability of the management console.
• It considers how the NGFW manages complex environments with many firewalls and users, and very narrow firewall change windows.
• System configuration changes and the user interface of the management console should be:
   1. comprehensive - such that it covers an array of features that preclude the need for augmentation by other point solutions;
   2. flexible - possible to exclude features that are not needed in the enterprise environment; and
   3. easy to use - such that the management console, individual feature dashboards and reporting are intuitive and incisive.

Price

• NGFW appliance, software and cloud service pricing varies considerably by vendor and model
• Prices range from $599 to $80,000+ per device
• Some are even priced by number of users (e.g., $1,100 for 1-99 users to $100,000 for 5,000 users+)
• All, meanwhile, have separate pricing for service contracts
• If possible, do not pay retail prices
• Most vendors will provide volume discounts (the more users supported, the less it costs per user, for example) or discounts with viable prospects of further purchases
• Purchase at month-end and quarter-end. Sales people have goals that can be leveraged for pricing to your advantage

Support

• The 2015 Gartner Magic Quadrant on NGFW also rated support -- with quality, breadth and value of NGFW offerings viewed from the vantage point of enterprise needs.
• Given the critical nature of NGFWs, timely and accurate support is essential. Obtain references and ask to speak with vendor clients without the vendor present.
• Support criteria for NGFWs should address responsiveness ranked by type of service request, quality and accuracy of the service response, currency of product updates, and customer education and awareness of current events.

NGFW VENDORS

NGFW Players

The top nine NGFW vendors are:

• Checkpoint
• Dell Sonicwall
• Palo Alto
• Cisco
• Fortinet
• HP TippingPoint
• McAfee
• Barracuda

There are other NGFW vendors, but these are the top 9.

Questions to consider

Questions to consider when comparing these and other NGFW products include:

• What is their product line?
• Is their NGFW for cloud service providers, large enterprises, SMBs or small companies?
• What are the NGFW features that come with the base product?
• What features need an extra license(s)?
• How is the NGFW sold and priced?
• What differentiates their NGFW from other vendor NGFW products?

What features are available in the NGFW?

Non-common NGFW features vary by vendor. So this is where organizations can start to differentiate which NGFWs will work for them and which won't. For example:

• Dell SonicWall provides security services such as gateway anti-malware, content filtering, and client antivirus and antispyware that are licensed on an annual subscription contract. Dell SecureWorks premium Global Threat Intelligence service is an additional subscription.
• Cisco provides Application Visibility and Control as part of the base configuration at no cost, but separate licenses are required for Next Generation Intrusion Prevention Systems (NGIPS), Advanced Malware Protection and URL filtering.
• McAfee provides clustering and multi-Link as standard features with McAfee Next Generation Firewall license.

What features are available in the NGFW?

• Barracuda requires an optional subscription for malware protection (AV engine by Avira), threat intelligence, and for advanced client Network Access Control (NAC) VPN/SSL VPN features.
• Juniper offers advanced software security services (NGFW/UTM/IPS/Threat Intelligence Service) shipped with its SRX Series Services Gateways that can be turned on with the purchase of an additional license, which can be subscription-based or perpetual. No additional components are required to turn services on/off.
• Checkpoint provides a full NGFW solution package with all of its software blades included under one license. However, it does not provide mobile device controls or Wi-Fi network control without purchasing a different Checkpoint product.

What features are available in the NGFW?

The key message in this comparison is that, in addition to the common features, one needs to carefully review those features that require additional licenses and whether they are significant enough to decide on a specific product's procurement.

• For example, if you need a DLP feature, some NGFWs provide it, such as Checkpoint, which offers it with over 600 types. Even so, you might determine that a full-featured DLP solution is still required if the Checkpoint feature is not sufficient.
• The same would apply to web application firewall (WAF) features, such as that of the Dell Sonicwall, which again is not a full-featured WAF.

What features are available in the NGFW?

• Another example would be Cisco: although malware protection is available with their network anti-virus/malware solution, additional licenses would be required for their Advanced Malware Protection, NGIPS and URL filtering.
• Barracuda NG Firewall also requires an additional license for Malware Protection (Anti-Virus engine by Avira).
• There are some vendors that provide threat intelligence services as part of the NGFW offering, such as Fortinet, McAfee and HP TippingPoint.
• Juniper's Threat Intelligence Service is shipped with the SRX but needs to be activated with the purchase of an additional license.

How is the NGFW sold, licensed and priced?

• All NGFW products are licensed per physical device. Additional licenses are required for the non-common features stated above.
• Read the T&Cs to determine what services are available in the base NGFW product and what services require an additional license.
• All NGFW products are priced by scale based on the type of hardware utilized and service contract.
• While pricing structure appears disparate, similarities do exist in the lower-end product lines (in other words, the smaller the NGFW need, the simpler the pricing).
• The larger the enterprise and volume purchase potential, the greater the disparity but also the greater the bargaining power on the part of the customer.

Key differentiators between NGFW products

• Checkpoint is the inventor of stateful firewalls. It has the highest block rate of IPS among its competitors, a larger application library (over 5,000) than any other, data loss prevention (DLP) with over 600 file types, change management (i.e., configuration and rule changes) that no one else has, and Active Directory integration, agent-based or agentless.
• Dell SonicWall has patented Reassembly-Free Deep Inspection (RFDPI), which allows for centralized management for users to deploy, manage and monitor many thousands of firewalls through a single pane of glass.

Key differentiators between NGFW products

• Cisco ASA with FirePower Services provides an integrated defense solution with greater firewall features, detection and protection threat services than other vendors.
• Fortinet lauds its 11-year-old in-house dedicated security research team -- FortiGuard Labs -- as one of the few NGFW vendors that have their own, since most OEM this activity. Fortinet also purports to have NGFW FortiGate that can deliver five times better performance of comparatively priced competitor products.
• HP TippingPoint is known for its NGFW's simple, effective and reliable implementation. The security effectiveness coverage is high, with over 8,200 filters that block known and unknown threats and over 383 zero-day filters in 2014 alone.

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

Key13 differenators13 between13 NGFW13 products13

4813

bull  McAfee13 NGFW13 provides13 ldquointelligence13 awarerdquo13 security13 controls13 advanced13 evasion13 prevenon13 and13 a13 unified13 sofware13 core13 design13

bull  Barracuda13 purports13 the13 lowest13 total13 cost13 of13 ownership13 (TCO)13 in13 the13 industry13 due13 to13 advanced13 troubleshoong13 capabilies13 and13 smart13 lifecycle13 management13 features13 built13 into13 large13 scaling13 central13 management13 server13 The13 NGFW13 is13 also13 the13 only13 one13 that13 provides13 NGFW13 applicaon13 control13 and13 user13 identy13 funcons13 for13 SMBs13

bull  Juniper13 SRX13 is13 the13 first13 NGFW13 to13 offer13 customers13 validated13 (Telcordia)13 99999913 availability13 of13 the13 SRX13 500013 line13 The13 SRX13 Series13 are13 also13 the13 first13 NGFW13 to13 deliver13 automaon13 of13 firewall13 funcons13 via13 JunoScript13 and13 open13 API13 to13 programming13 tools13 Open13 adack13 signatures13 in13 the13 IPS13 also13 allow13 customers13 to13 add13 or13 customize13 signatures13 tailored13 for13 their13 network13

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

How13 to13 select13 the13 right13 NGFW13

4913

Consider13 the13 following13 criteria13 in13 selecng13 the13 NGFW13 vendor13 and13 model13 for13 your13 enterprise13 13

(1)  idenfy13 the13 players13 13 (2)  develop13 a13 short13 list13 13 (3)  perform13 a13 proof13 of13 concept13 ndash13 POC13 13 (4)  make13 reference13 calls13 13 (5)  consider13 cost13 13 (6)  obtain13 management13 buy-shy‐in13 and13 13 (7)  work13 out13 contract13 negoaons13 13 (8)  Total13 cost13 of13 ownership13 (TCO)13 is13 also13 crical13 13

Lastly13 but13 no13 less13 important13 consider13 the13 skill13 set13 of13 your13 staff13 and13 the13 business13 model13 and13 growth13 expectaon13 for13 your13 enterprise13 -shy‐-shy‐13 all-shy‐important13 factors13 in13 making13 your13 decision13

1111513 5013

CRISC CGEIT CISM CISA 201313 Fall13 Conference13 ndash13 ldquoSail13 to13 Successrdquo13

NGFW13 AUDIT13

5013

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

EvaluaBon13 and13 Audit13 of13 NGFW13

v Plaborm13 Based13 ndash13 appliancesofwareSaaS13 v Feature13 Set13 ndash13 baseline13 and13 add-shy‐ons13 v Performance13 ndash13 NSS13 Labs13 results13 v Manageability13 ndash13 comprehensiveeasy13 to13 use13 v Threat13 Intelligence13 ndash13 currencyaccuracycompleteness13 v TCO13 ndash13 total13 cost13 of13 ownership13 v Risk13 ndash13 consider13 the13 business13 model13 and13 objecves13 v Price13 ndash13 you13 get13 what13 you13 pay13 for13 v Support13 ndash13 what13 is13 support13 experience13 v Differenators13 ndash13 what13 sets13 them13 apart13 13

5113

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

Miguel13 (Mike)13 O13 Villegas13 is13 a13 Vice13 President13 for13 K3DES13 LLC13 13 He13 performs13 and13 QArsquos13 PCI-shy‐DSS13 and13 PA-shy‐DSS13 assessments13 for13 K3DES13 clients13 13 He13 also13 manages13 the13 K3DES13 13 ISOIEC13 27001200513 program13 13 Mike13 was13 previously13 Director13 of13 Informaon13 Security13 at13 Newegg13 Inc13 for13 five13 years13 Mike13 is13 currently13 a13 contribung13 writer13 for13 SearchSecurity13 ndash13 TechTarget13 13 Mike13 has13 over13 3013 years13 of13 Informaon13 Systems13 security13 and13 IT13 audit13 experience13 Mike13 was13 previously13 Vice13 President13 amp13 Technology13 Risk13 Manager13 for13 Wells13 Fargo13 Services13 responsible13 for13 IT13 Regulatory13 Compliance13 and13 was13 previously13 a13 partner13 at13 Arthur13 Andersen13 and13 Ernst13 amp13 Young13 for13 their13 informaon13 systems13 security13 and13 IS13 audit13 groups13 over13 a13 span13 of13 nine13 years13 Mike13 is13 a13 CISA13 CISSP13 GSEC13 and13 CEH13 13 He13 is13 also13 a13 QSA13 and13 13 PA-shy‐QSA13 as13 VP13 for13 K3DES13 13 13 Mike13 was13 president13 of13 the13 LA13 ISACA13 Chapter13 during13 2010-shy‐201213 and13 president13 of13 the13 SF13 ISACA13 Chapter13 during13 2005-shy‐200613 He13 was13 the13 SF13 Fall13 Conference13 Co-shy‐Chair13 from13 2002ndash200713 and13 also13 served13 for13 two13 years13 as13 Vice13 President13 on13 the13 Board13 of13 Directors13 for13 ISACA13 Internaonal13 Mike13 has13 taught13 CISA13 review13 courses13 for13 over13 1813 years13 13 13

BIO13

5213

Page 14: NextGeneraon%Firewalls:%Top%9% Revisited% · 2015%Fall%Conference%–“CyberSizeIT”% November%9%–11,%2015% % 6 Next Generation firewall Application Awareness & Control User-based

Types of Attacks

other types of attacks

• Advanced persistent threats
• Social engineering
• Backdoor
• Phishing
• Brute force attack
• Spear phishing
• Buffer overflow
• Spoofing
• Cross-site scripting (XSS)
• Structured Query Language (SQL) injection
• Denial-of-service (DoS) attack
• Zero-day exploit
• Man-in-the-middle attack

UTM vs NGFW

Security vendors often differ in their definitions of UTM and NGFWs. Over time, UTM references will likely dissipate -- the same may even happen for NGFWs -- but what’s certain is that enhancements to multifunctional security solutions, whatever they’re called, will continue.

• UTMs are primarily for SMB
• NGFWs are for larger, more complex IT environments

Source: Juniper SRX Datasheet

Gartner Magic Quadrant – April 2015 (quadrant labels: Challengers, Leaders, Niche Players, Visionaries)

October 7, 2015

• Security
• Performance
• Total cost of ownership (TCO)

NEED FOR NGFW

Do we really need a NGFW?

• But “we’ve never had a breach” or “we are not a big target”
• Today there are a large number of disparate standalone products and services forced to work together
• Although effective, they appear architecturally desultory, reactive and tactical in nature
• NGFWs offer a good complement of security solutions in one appliance
• Not all NGFWs are created equal
• 3 factors for establishing a need for a NGFW:
  • Is the investment justifiable?
  • Alignment with existing IT strategies
  • Total Cost of Ownership (TCO)

Is the investment justifiable?

• Basic firewall services regulate network connections between computer systems of differing trust levels
• Most enterprises need:
  • IPS/IDS
  • Firewall (deep packet inspection)
  • Anti-virus/Malware protection
  • Application controls
  • VPN
  • Session encryption (TLS 1.2)
  • Wireless security
  • Mobile security

Alignment with existing IT strategies

• Organizations that deploy NGFWs may discover they do not require all the security features these appliances support
• Features required by an enterprise should be determined in advance, as this will influence what NGFW product is bought and which security services to enable
• Some NGFWs have security features built into the appliance at no additional cost
• Some organizations do not activate features because they have not found them necessary or because they do not fit their business model

For example

• Large retail companies might opt for a NGFW solution at the corporate headquarters but go with point solutions in each retail store -- whether from the same vendor or not
• Online retail businesses that do not have brick and mortar locations typically require robust, and therefore increasingly integrated, network security solutions that focus on QoS, load balancing, IPS, web application security, SSL VPN and strong firewalls with deep packet inspection
• Enterprises that are heavily regulated via standards (e.g., PCI, HIPAA, HITECH Act, Sarbanes-Oxley, FISMA, PERC, etc.) would need to also address remote access controls, two-factor authentication, Active Directory integration and possibly DLP

Alignment with existing IT strategies

• Whatever course is taken, information security decisions need to be integrated with IT’s strategic goals
• IT, in turn, exists to support the business. IT does not drive the business
• The business drives the business
• IT’s purpose is to ensure the IT infrastructure (perimeter and core deployments) exists to allow the business to achieve its strategic goals

Total Cost of Ownership (TCO)

TCO establishes the right complement of resources -- people and technology.

• Total cost of technology (TCT): The cost of technology that is required to deploy, monitor and report on the state of information security for the enterprise
• Total cost of risk (TCR): The cost to estimate and not deploy resources, processes or technology for your enterprise, such as compliance risk, security risk, legal risk and reputation risk
• Total cost of maintenance (TCM): The cost of maintaining the information security program, such as people skills, flexibility, scalability and comprehensiveness of the systems deployed

CASE FOR A NGFW

Six Criteria for buying a NGFW

It is clear that, regardless of what vendors call their NGFW products, it is incumbent that buyers understand the precise features each NGFW product under consideration includes. Let’s look at six criteria:

• Platform Type
• Feature Set
• Performance
• Manageability
• Price
• Support

Platform Type

• How is the NGFW provided?
• Most next-gen firewalls are hardware- (appliance), software- (downloadable) or cloud-based (SaaS)
• Hardware-based NGFWs appeal best to large and midsize enterprises
• Software-based NGFWs appeal to small companies with simple network infrastructures
• Cloud-based NGFWs appeal to highly decentralized multi-location sites or enterprises where the required skill set to manage them is wanting or reallocated

Feature Set

• Not all NGFW features are similarly available by vendor
• NGFW features typically consist of:
  • inline deep packet inspection firewalls,
  • IDS/IPS,
  • application inspection and control,
  • SSL/SSH inspection,
  • website filtering, and
  • QoS/bandwidth management to protect networks against the latest in sophisticated network attacks and intrusion
• Additionally, most NGFWs offer threat intelligence, mobile device security, data loss prevention (DLP), Active Directory integration and an open architecture that allows clients to tailor application control and even some firewall rule definitions

Performance

• Because NGFWs integrate many features into a single appliance, they may seem attractive to some organizations
• However, enabling all available features at once could result in serious performance degradation
• NGFW performance metrics have improved over the years, but the buyer needs to seriously consider performance in relationship to the security features they want to enable when determining the vendors they approach and the model of NGFW they choose

Manageability

• This criterion involves system configuration requirements and usability of the management console
• It considers how the NGFW manages complex environments with many firewalls and users and very narrow firewall change windows
• System configuration changes and the user interface of the management console should be:
  1. comprehensive - such that it covers an array of features that preclude the need for augmentation by other point solutions;
  2. flexible - possible to exclude features that are not needed in the enterprise environment; and
  3. easy to use - such that the management console, individual feature dashboards and reporting are intuitive and incisive

Price

• NGFW appliance, software and cloud service pricing varies considerably by vendor and model
• Prices range from $599 to $80,000+ per device
• Some are even priced by number of users (e.g., $1,100 for 1-99 users to $100,000 for 5,000 users+)
• All, meanwhile, have separate pricing for service contracts
• If possible, do not pay retail prices
• Most vendors will provide volume discounts (the more users supported, the less it costs per user, for example) or discounts with viable prospects of further purchases
• Purchase at month-end and quarter-end. Sales people have goals that can be leveraged for pricing to your advantage

Support

• The 2015 Gartner Magic Quadrant on NGFW also rated support -- with quality, breadth and value of NGFW offerings viewed from the vantage point of enterprise needs
• Given the critical nature of NGFWs, timely and accurate support is essential. Obtain references and ask to speak with vendor clients without the vendor present
• Support criteria for NGFWs should address responsiveness ranked by type of service request, quality and accuracy of the service response, currency of product updates, and customer education and awareness of current events

NGFW VENDORS

NGFW Players

The top nine NGFW vendors are:

• Checkpoint
• Dell Sonicwall
• Palo Alto
• Cisco
• Fortinet
• HP TippingPoint
• McAfee
• Barracuda

There are other NGFW vendors, but these are the top 9.

Questions to consider

Questions to consider when comparing these and other NGFW products include:

• What is their product line?
• Is their NGFW for cloud service providers, large enterprises, SMBs or small companies?
• What are the NGFW features that come with the base product?
• What features need an extra license(s)?
• How is the NGFW sold and priced?
• What differentiates their NGFW from other vendor NGFW products?

What features are available in the NGFW?

Non-common NGFW features vary by vendor. So this is where organizations can start to differentiate which NGFWs will work for them and which won’t. For example:

• Dell SonicWall provides security services such as gateway anti-malware, content filtering, and client antivirus and antispyware that are licensed on an annual subscription contract. Dell SecureWorks premium Global Threat Intelligence service is an additional subscription
• Cisco provides Application Visibility and Control as part of the base configuration at no cost, but separate licenses are required for Next Generation Intrusion Prevention Systems (NGIPS), Advanced Malware Protection and URL filtering
• McAfee provides clustering and multi-Link as standard features with McAfee Next Generation Firewall license

What features are available in the NGFW?

• Barracuda requires an optional subscription for malware protection (AV engine by Avira), threat intelligence and for advanced client Network Access Control (NAC) VPN/SSL VPN features
• Juniper offers advanced software security services (NGFW/UTM/IPS/Threat Intelligence Service) shipped with its SRX Series Services Gateways that can be turned on with the purchase of an additional license, which can be subscription-based or perpetual. No additional components are required to turn services on/off
• Checkpoint provides a full NGFW solution package with all of its software blades included under one license. However, it does not provide mobile device controls or Wi-Fi network control without purchasing a different Checkpoint product

What features are available in the NGFW?

The key message in this comparison is that, in addition to the common features, one needs to carefully review those features that require additional licenses and whether they are significant enough to decide on a specific product’s procurement.

• For example, if you need a DLP feature, some NGFWs provide it, such as Checkpoint, which offers it with over 600 types; even so, you might determine that a full-featured DLP solution is still required if the Checkpoint feature is not sufficient
• The same would apply to web application firewall (WAF) features, such as the one in the Dell Sonicwall, which again is not a full-featured WAF

What features are available in the NGFW?

• Another example would be Cisco: although malware protection is available with their network anti-virus/malware solution, additional licenses would be required for their Advanced Malware Protection, NGIPS and URL filtering
• Barracuda NG Firewall also requires an additional license for Malware Protection (Anti-Virus engine by Avira)
• There are some vendors that provide threat intelligence services as part of the NGFW offering, such as Fortinet, McAfee and HP TippingPoint
• Juniper’s Threat Intelligence Service is shipped with the SRX but needs to be activated with the purchase of an additional license

How is the NGFW sold, licensed and priced?

• All NGFW products are licensed per physical device. Additional licenses are required for the non-common features stated above
• Read the T&Cs to determine what services are available in the base NGFW product and what services require an additional license
• All NGFW products are priced by scale, based on the type of hardware utilized and service contract
• While pricing structure appears disparate, similarities do exist in the lower-end product lines (in other words, the smaller the NGFW need, the simpler the pricing)
• The larger the enterprise and volume purchase potential, the greater the disparity, but also the greater the bargaining power on the part of the customer

Key differentiators between NGFW products

• Checkpoint is the inventor of stateful firewalls. It has the highest block rate of IPS among its competitors; a larger application library (over 5000) than any other; data loss prevention (DLP) with over 600 file types; change management (i.e., configuration and rule changes) that no one else has; and Active Directory integration, agent-based or agentless
• Dell SonicWall has patented Reassembly-Free Deep Packet Inspection (RFDPI), which allows for centralized management for users to deploy, manage and monitor many thousands of firewalls through a single pane of glass

Key differentiators between NGFW products

• Cisco ASA with FirePower Services provides an integrated defense solution with greater firewall features, detection and protection threat services than other vendors
• Fortinet lauds its 11-year old in-house dedicated security research team -- FortiGuard Labs -- as it is one of the few NGFW vendors that have their own, since most OEM this activity. Fortinet also purports to have a NGFW, FortiGate, that can deliver five times better performance than comparatively priced competitor products
• HP TippingPoint is known for its NGFW’s simple, effective and reliable implementation. The security effectiveness coverage is high, with over 8200 filters that block known and unknown threats and over 383 zero-day filters in 2014 alone

Key differentiators between NGFW products

• McAfee NGFW provides “intelligence aware” security controls, advanced evasion prevention and a unified software core design
• Barracuda purports the lowest total cost of ownership (TCO) in the industry due to advanced troubleshooting capabilities and smart lifecycle management features built into large scaling central management server. The NGFW is also the only one that provides NGFW application control and user identity functions for SMBs
• Juniper SRX is the first NGFW to offer customers validated (Telcordia) 99.9999% availability of the SRX 5000 line. The SRX Series are also the first NGFW to deliver automation of firewall functions via JunoScript and open API to programming tools. Open attack signatures in the IPS also allow customers to add or customize signatures tailored for their network

How to select the right NGFW

Consider the following criteria in selecting the NGFW vendor and model for your enterprise:

(1) identify the players,
(2) develop a short list,
(3) perform a proof of concept – POC,
(4) make reference calls,
(5) consider cost,
(6) obtain management buy-in, and
(7) work out contract negotiations
(8) Total cost of ownership (TCO) is also critical

Lastly, but no less important, consider the skill set of your staff and the business model and growth expectation for your enterprise -- all-important factors in making your decision.

NGFW AUDIT

Evaluation and Audit of NGFW

• Platform Based – appliance/software/SaaS
• Feature Set – baseline and add-ons
• Performance – NSS Labs results
• Manageability – comprehensive/easy to use
• Threat Intelligence – currency/accuracy/completeness
• TCO – total cost of ownership
• Risk – consider the business model and objectives
• Price – you get what you pay for
• Support – what is support experience
• Differentiators – what sets them apart


Page 15: NextGeneraon%Firewalls:%Top%9% Revisited% · 2015%Fall%Conference%–“CyberSizeIT”% November%9%–11,%2015% % 6 Next Generation firewall Application Awareness & Control User-based

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

UTM13 vs13 NGFW13

1513

Security13 vendors13 ofen13 differ13 in13 their13 definions13 of13 UTM13 and13 NGFWs13 Over13 me13 UTM13 references13 will13 likely13 dissipate13 -shy‐-shy‐13 the13 same13 may13 even13 happen13 for13 NGFWs13 -shy‐-shy‐13 but13 whatrsquos13 certain13 is13 that13 enhancements13 to13 mulfunconal13 security13 soluons13 whatever13 theyrsquore13 called13 will13 connue13

v UTMs13 are13 primarily13 for13 SMB13 v NGFW13 are13 for13 more13 larger13 more13 complex13 IT13 environments13

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

1613

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

1713

Source13 Juniper13 SRX13 Datasheet13

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

1813

CHALLENGERS13 LEADERS13

NICHE13 PLAYERS13 VISIONARIES13

Gartner13 Magic13 Quadrant13 ndash13 April13 201513

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

1913

October13 713 201513

13 1048576104857710485781048579104858010485811048582104858310485841048585104858610485871048588104858910485901048591104859210485931048594104859510485961048597104859810485991048600104860110486021048603104860410486051048606104860710486081048609104861010486111048612104861310486141048615104861610486171048618104861910486201048621104862210486231048624104862510486261048627104862810486291048630104863110486321048633104863410486351048636104863710486381048639104864010486411048642104864310486441048645104864610486471048648104864910486501048651104865210486531048654104865510486561048657104865810486591048660104866110486621048663104866410486651048666104866710486681048669104867010486711048672104867310486741048675104867610486771048678104867910486801048681104868210486831048684104868510486861048687104868810486891048690104869110486921048693104869410486951048696104869710486981048699104870010487011048702104870313 Security13 13 1048576104857710485781048579104858010485811048582104858310485841048585104858610485871048588104858910485901048591104859210485931048594104859510485961048597104859810485991048600104860110486021048603104860410486051048606104860710486081048609104861010486111048612104861310486141048615104861610486171048618104861910486201048621104862210486231048624104862510486261048627104862810486291048630104863110486321048633104863410486351048636104863710486381048639104864010486411048642104864310486441048645104864610486471048648104864910486501048651104865210486531048654104865510486561048657104865810486591048660104866110486621048663104866410486651048666104866710486681048669104867010486711048672104867310486741048675104867610486771048678104867910486801048681104868210486831048684104868510486861048687104868810486891048690104869110486921048693104869410486951048696104869710486981048699104870010487011048702104870313 Performance13 13 
1048576104857710485781048579104858010485811048582104858310485841048585104858610485871048588104858910485901048591104859210485931048594104859510485961048597104859810485991048600104860110486021048603104860410486051048606104860710486081048609104861010486111048612104861310486141048615104861610486171048618104861910486201048621104862210486231048624104862510486261048627104862810486291048630104863110486321048633104863410486351048636104863710486381048639104864010486411048642104864310486441048645104864610486471048648104864910486501048651104865210486531048654104865510486561048657104865810486591048660104866110486621048663104866410486651048666104866710486681048669104867010486711048672104867310486741048675104867610486771048678104867910486801048681104868210486831048684104868510486861048687104868810486891048690104869110486921048693104869410486951048696104869710486981048699104870010487011048702104870313 Total13 cost13 of13 ownership13 (TCO)13

NEED FOR NGFW

Do we really need a NGFW?

• But “we’ve never had a breach” or “we are not a big target”
• Today there are a large number of disparate standalone products and services forced to work together
• Although effective, they appear architecturally desultory, reactive and tactical in nature
• NGFWs offer a good complement of security solutions in one appliance
• Not all NGFWs are created equal
• 3 factors for establishing a need for a NGFW:
  • Is the investment justifiable?
  • Alignment with existing IT strategies
  • Total Cost of Ownership (TCO)

Is the investment justifiable?

• Basic firewall services regulate network connections between computer systems of differing trust levels
• Most enterprises need:
  • IPS/IDS
  • Firewall (deep packet inspection)
  • Anti-virus/Malware protection
  • Application controls
  • VPN
  • Session encryption (TLS 1.2)
  • Wireless security
  • Mobile security

Alignment with existing IT strategies

• Organizations that deploy NGFWs may discover they do not require all the security features these appliances support
• Features required by an enterprise should be determined in advance, as this will influence what NGFW product is bought and which security services to enable
• Some NGFWs have security features built into the appliance at no additional cost
• Some organizations do not activate features since they have not found them necessary or because they do not fit their business model

For example

• Large retail companies might opt for a NGFW solution at the corporate headquarters but go with point solutions in each retail store -- whether from the same vendor or not
• Online retail businesses that do not have brick and mortar locations typically require robust, and therefore increasingly integrated, network security solutions that focus on QoS, load balancing, IPS, web application security, SSL VPN and strong firewalls with deep packet inspection
• Enterprises that are heavily regulated via standards (e.g., PCI, HIPAA, HITECH Act, Sarbanes-Oxley, FISMA, PERC, etc.) would also need to address remote access controls, two-factor authentication, Active Directory integration and possibly DLP

Alignment with existing IT strategies

• Whatever course is taken, information security decisions need to be integrated with IT’s strategic goals
• IT, in turn, exists to support the business. IT does not drive the business
• The business drives the business
• IT’s purpose is to ensure the IT infrastructure (perimeter and core deployments) exists to allow the business to achieve its strategic goals

Total Cost of Ownership (TCO)

TCO establishes the right complement of resources -- people and technology

• Total cost of technology (TCT): The cost of technology that is required to deploy, monitor and report on the state of information security for the enterprise
• Total cost of risk (TCR): The cost to estimate and not deploy resources, processes or technology for your enterprise, such as compliance risk, security risk, legal risk and reputation risk
• Total cost of maintenance (TCM): The cost of maintaining the information security program, such as people, skills, flexibility, scalability and comprehensiveness of the systems deployed

CASE FOR A NGFW

Six Criteria for buying a NGFW

It is clear that, regardless of what vendors call their NGFW products, it is incumbent on buyers to understand the precise features each NGFW product under consideration includes. Let’s look at six criteria:

• Platform Type
• Feature Set
• Performance
• Manageability
• Price
• Support

Platform Type

• How is the NGFW provided?
• Most next-gen firewalls are hardware- (appliance), software- (downloadable) or cloud-based (SaaS)
• Hardware-based NGFWs appeal best to large and midsize enterprises
• Software-based NGFWs to small companies with simple network infrastructures
• Cloud-based NGFWs to highly decentralized multi-location sites or enterprises where the required skill set to manage them is wanting or reallocated

Feature Set

• Not all NGFW features are similarly available by vendor
• NGFW features typically consist of:
  • inline deep packet inspection firewalls
  • IDS/IPS
  • application inspection and control
  • SSL/SSH inspection
  • website filtering, and
  • QoS/bandwidth management to protect networks against the latest in sophisticated network attacks and intrusion
• Additionally, most NGFWs offer threat intelligence, mobile device security, data loss prevention (DLP), Active Directory integration and an open architecture that allows clients to tailor application control and even some firewall rule definitions

Performance

• Because NGFWs integrate many features into a single appliance, they may seem attractive to some organizations
• However, enabling all available features at once could result in serious performance degradation
• NGFW performance metrics have improved over the years, but the buyer needs to seriously consider performance in relationship to the security features they want to enable when determining the vendors they approach and the model of NGFW they choose

Manageability

• This criterion involves system configuration requirements and usability of the management console
• It considers how the NGFW manages complex environments with many firewalls and users and very narrow firewall change windows
• System configuration changes and the user interface of the management console should be:
  1. comprehensive - such that it covers an array of features that preclude the need for augmentation by other point solutions
  2. flexible - possible to exclude features that are not needed in the enterprise environment, and
  3. easy to use - such that the management console, individual feature dashboards and reporting are intuitive and incisive

Price

• NGFW appliance, software and cloud service pricing varies considerably by vendor and model
• Prices range from $599 to $80,000+ per device
• Some are even priced by number of users (e.g., $1,100 for 1-99 users to $100,000 for 5,000 users+)
• All, meanwhile, have separate pricing for service contracts
• If possible, do not pay retail prices
• Most vendors will provide volume discounts (the more users supported, the less it costs per user, for example) or discounts with viable prospects of further purchases
• Purchase at month-end and quarter-end. Sales people have goals that can be leveraged for pricing to your advantage

Support

• The 2015 Gartner Magic Quadrant on NGFW also rated support -- with quality, breadth and value of NGFW offerings viewed from the vantage point of enterprise needs
• Given the critical nature of NGFWs, timely and accurate support is essential. Obtain references and ask to speak with vendor clients without the vendor present
• Support criteria for NGFWs should address responsiveness ranked by type of service request, quality and accuracy of the service response, currency of product updates, and customer education and awareness of current events

NGFW VENDORS

NGFW Players

The top nine NGFW vendors are:

• Checkpoint
• Dell Sonicwall
• Palo Alto
• Cisco
• Fortinet
• HP TippingPoint
• McAfee
• Barracuda

There are other NGFW vendors, but these are the top 9.

Questions to consider

Questions to consider when comparing these and other NGFW products include:

• What is their product line?
• Is their NGFW for cloud service providers, large enterprises, SMBs or small companies?
• What are the NGFW features that come with the base product?
• What features need an extra license(s)?
• How is the NGFW sold and priced?
• What differentiates their NGFW from other vendor NGFW products?

What features are available in the NGFW?

Non-common NGFW features vary by vendor. So this is where organizations can start to differentiate which NGFWs will work for them and which won’t. For example:

• Dell SonicWall provides security services such as gateway anti-malware, content filtering, and client antivirus and antispyware that are licensed on an annual subscription contract. Dell SecureWorks premium Global Threat Intelligence service is an additional subscription
• Cisco provides Application Visibility and Control as part of the base configuration at no cost, but separate licenses are required for Next Generation Intrusion Prevention Systems (NGIPS), Advanced Malware Protection and URL filtering
• McAfee provides clustering and multi-Link as standard features with McAfee Next Generation Firewall license

What features are available in the NGFW?

• Barracuda requires an optional subscription for malware protection (AV engine by Avira), threat intelligence, and for advanced client Network Access Control (NAC) VPN/SSL VPN features
• Juniper offers advanced software security services (NGFW/UTM/IPS/Threat Intelligence Service) shipped with its SRX Series Services Gateways that can be turned on with the purchase of an additional license, which can be subscription-based or perpetual. No additional components are required to turn services on/off
• Checkpoint provides a full NGFW solution package with all of its software blades included under one license. However, it does not provide mobile device controls or Wi-Fi network control without purchasing a different Checkpoint product

What features are available in the NGFW?

The key message in this comparison is that, in addition to the common features, one needs to carefully review those features that require additional licenses and whether they are significant enough to decide on a specific product’s procurement.

• For example, if you need a DLP feature, even with an NGFW that provides it, such as Checkpoint (offered with over 600 types), you might determine that a full-featured DLP solution is still required if the Checkpoint is not sufficient
• The same would apply to web application firewalls (WAF), such as the Dell Sonicwall, which again is not a full-featured WAF

What features are available in the NGFW?

• Another example would be Cisco: malware protection is available with their network anti-virus/malware solution, but additional licenses would be required for their Advanced Malware Protection, NGIPS and URL filtering
• Barracuda NG Firewall also requires an additional license for Malware Protection (Anti-Virus engine by Avira)
• There are some vendors that provide threat intelligence services as part of the NGFW offering, such as Fortinet, McAfee and HP TippingPoint
• Juniper’s Threat Intelligence Service is shipped with the SRX but needs to be activated with the purchase of an additional license

How is the NGFW sold, licensed and priced?

• All NGFW products are licensed per physical device. Additional licenses are required for the non-common features stated above
• Read the T&Cs to determine what services are available in the base NGFW product and what services require an additional license
• All NGFW products are priced by scale based on the type of hardware utilized and service contract
• While pricing structure appears disparate, similarities do exist in the lower-end product lines (in other words, the smaller the NGFW need, the simpler the pricing)
• The larger the enterprise and volume purchase potential, the greater the disparity but also the greater the bargaining power on the part of the customer

Key differentiators between NGFW products

• Checkpoint is the inventor of stateful firewalls. It has the highest block rate of IPS among its competitors, a larger application library (over 5,000) than any other, data loss prevention (DLP) with over 600 file types, change management (i.e., configuration and rule changes) that no one else has, and Active Directory integration, agent-based or agentless
• Dell SonicWall has patented Reassembly-Free Deep Inspection (RFDPI), which allows for centralized management for users to deploy, manage and monitor many thousands of firewalls through a single pane of glass

Key differentiators between NGFW products

• Cisco ASA with FirePower Services provides an integrated defense solution with greater firewall features, detection and protection threat services than other vendors
• Fortinet lauds its 11-year-old in-house dedicated security research team -- FortiGuard Labs -- as one of the few NGFW vendors that has its own, since most OEM this activity. Fortinet also purports that its FortiGate NGFW can deliver five times better performance than comparatively priced competitor products
• HP TippingPoint is known for its NGFW’s simple, effective and reliable implementation. The security effectiveness coverage is high, with over 8,200 filters that block known and unknown threats and over 383 zero-day filters in 2014 alone

Key differentiators between NGFW products

• McAfee NGFW provides “intelligence aware” security controls, advanced evasion prevention and a unified software core design
• Barracuda purports the lowest total cost of ownership (TCO) in the industry due to advanced troubleshooting capabilities and smart lifecycle management features built into a large-scaling central management server. The NGFW is also the only one that provides NGFW application control and user identity functions for SMBs
• Juniper SRX is the first NGFW to offer customers validated (Telcordia) 99.9999% availability of the SRX 5000 line. The SRX Series are also the first NGFW to deliver automation of firewall functions via JunoScript and open API to programming tools. Open attack signatures in the IPS also allow customers to add or customize signatures tailored for their network

How to select the right NGFW

Consider the following criteria in selecting the NGFW vendor and model for your enterprise:

(1) identify the players
(2) develop a short list
(3) perform a proof of concept – POC
(4) make reference calls
(5) consider cost
(6) obtain management buy-in, and
(7) work out contract negotiations
(8) Total cost of ownership (TCO) is also critical

Lastly, but no less important, consider the skill set of your staff and the business model and growth expectation for your enterprise -- all-important factors in making your decision.

NGFW AUDIT

Evaluation and Audit of NGFW

• Platform Based – appliance/software/SaaS
• Feature Set – baseline and add-ons
• Performance – NSS Labs results
• Manageability – comprehensive/easy to use
• Threat Intelligence – currency/accuracy/completeness
• TCO – total cost of ownership
• Risk – consider the business model and objectives
• Price – you get what you pay for
• Support – what is support experience?
• Differentiators – what sets them apart?

BIO

Miguel (Mike) O. Villegas is a Vice President for K3DES LLC. He performs and QA’s PCI-DSS and PA-DSS assessments for K3DES clients. He also manages the K3DES ISO/IEC 27001:2005 program. Mike was previously Director of Information Security at Newegg, Inc. for five years. Mike is currently a contributing writer for SearchSecurity – TechTarget. Mike has over 30 years of Information Systems security and IT audit experience. Mike was previously Vice President & Technology Risk Manager for Wells Fargo Services, responsible for IT Regulatory Compliance, and was previously a partner at Arthur Andersen and Ernst & Young for their information systems security and IS audit groups over a span of nine years. Mike is a CISA, CISSP, GSEC and CEH. He is also a QSA and PA-QSA as VP for K3DES. Mike was president of the LA ISACA Chapter during 2010-2012 and president of the SF ISACA Chapter during 2005-2006. He was the SF Fall Conference Co-Chair from 2002–2007 and also served for two years as Vice President on the Board of Directors for ISACA International. Mike has taught CISA review courses for over 18 years.

Page 16: Next Generation Firewalls: Top 9 Revisited · 2015 Fall Conference – “CyberSizeIT” November 9–11, 2015 · 6 Next Generation firewall Application Awareness & Control User-based

Source: Juniper SRX Datasheet

[Figure: Gartner Magic Quadrant – April 2015; quadrants: Challengers, Leaders, Niche Players, Visionaries]

October 7, 2015

13 1048576104857710485781048579104858010485811048582104858310485841048585104858610485871048588104858910485901048591104859210485931048594104859510485961048597104859810485991048600104860110486021048603104860410486051048606104860710486081048609104861010486111048612104861310486141048615104861610486171048618104861910486201048621104862210486231048624104862510486261048627104862810486291048630104863110486321048633104863410486351048636104863710486381048639104864010486411048642104864310486441048645104864610486471048648104864910486501048651104865210486531048654104865510486561048657104865810486591048660104866110486621048663104866410486651048666104866710486681048669104867010486711048672104867310486741048675104867610486771048678104867910486801048681104868210486831048684104868510486861048687104868810486891048690104869110486921048693104869410486951048696104869710486981048699104870010487011048702104870313 Security13 13 1048576104857710485781048579104858010485811048582104858310485841048585104858610485871048588104858910485901048591104859210485931048594104859510485961048597104859810485991048600104860110486021048603104860410486051048606104860710486081048609104861010486111048612104861310486141048615104861610486171048618104861910486201048621104862210486231048624104862510486261048627104862810486291048630104863110486321048633104863410486351048636104863710486381048639104864010486411048642104864310486441048645104864610486471048648104864910486501048651104865210486531048654104865510486561048657104865810486591048660104866110486621048663104866410486651048666104866710486681048669104867010486711048672104867310486741048675104867610486771048678104867910486801048681104868210486831048684104868510486861048687104868810486891048690104869110486921048693104869410486951048696104869710486981048699104870010487011048702104870313 Performance13 13 
1048576104857710485781048579104858010485811048582104858310485841048585104858610485871048588104858910485901048591104859210485931048594104859510485961048597104859810485991048600104860110486021048603104860410486051048606104860710486081048609104861010486111048612104861310486141048615104861610486171048618104861910486201048621104862210486231048624104862510486261048627104862810486291048630104863110486321048633104863410486351048636104863710486381048639104864010486411048642104864310486441048645104864610486471048648104864910486501048651104865210486531048654104865510486561048657104865810486591048660104866110486621048663104866410486651048666104866710486681048669104867010486711048672104867310486741048675104867610486771048678104867910486801048681104868210486831048684104868510486861048687104868810486891048690104869110486921048693104869410486951048696104869710486981048699104870010487011048702104870313 Total13 cost13 of13 ownership13 (TCO)13

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

2013

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

2113

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

2213

1111513 2313

CRISC CGEIT CISM CISA 201313 Fall13 Conference13 ndash13 ldquoSail13 to13 Successrdquo13

NEED13 FOR13 NGFW13

2313

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

Do13 we13 really13 need13 a13 NGFW13

2413

bull  But13 ldquowersquove13 never13 had13 a13 breachrdquo13 or13 ldquowe13 are13 not13 a13 big13 targetrdquo13

bull  Today13 there13 are13 a13 large13 number13 of13 disparate13 standalone13 products13 and13 services13 forced13 to13 work13 together13

bull  Although13 effecve13 appear13 architecturally13 desultory13 reacve13 and13 taccal13 in13 nature13

bull  NGFWs13 offer13 a13 good13 compliment13 of13 security13 soluons13 in13 one13 appliance13

bull  Not13 all13 NGFWs13 are13 created13 equal13 bull  313 factors13 for13 establishing13 a13 need13 for13 a13 NGFW13

bull  Is13 the13 investment13 jusfiable13 bull  Alignment13 with13 exisng13 IT13 strategies13 bull  Total13 Cost13 of13 Ownership13 (TCO)13

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

Is13 the13 investment13 jusfiable13

2513

bull  Basic13 firewall13 services13 regulate13 network13 connecons13 between13 computer13 systems13 of13 differing13 trust13 levels13

bull  Most13 enterprises13 need13 bull  IPSIDS13 bull  Firewall13 (deep13 packet13 inspecon)13 bull  An-shy‐virusMalware13 protecon13 bull  Applicaon13 controls13 bull  VPN13 bull  Session13 encrypon13 (TLS13 12)13 bull  Wireless13 security13 bull  Mobile13 security13 13

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

Alignment13 with13 exisng13 IT13 strategies13

2613

bull  Organizaons13 that13 deploy13 NGFWs13 may13 discover13 they13 do13 not13 require13 all13 the13 security13 features13 these13 appliances13 support13

bull  Features13 required13 by13 an13 enterprise13 should13 be13 determined13 in13 advance13 as13 this13 will13 influence13 what13 NGFW13 product13 is13 bought13 and13 which13 security13 services13 to13 enable13

bull  Some13 NGFWs13 have13 security13 features13 built13 into13 the13 appliance13 at13 no13 addional13 cost13 13

bull  Some13 do13 not13 acvate13 feature13 since13 they13 have13 not13 found13 them13 necessary13 or13 because13 they13 do13 not13 fit13 their13 business13 model13 13

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

For13 example13

2713

bull  Large13 retail13 companies13 might13 opt13 for13 a13 NGFW13 soluon13 at13 the13 corporate13 headquarters13 but13 go13 with13 point13 soluons13 in13 each13 retail13 store13 -shy‐-shy‐13 whether13 from13 the13 same13 vendor13 or13 not13

bull  Online13 retail13 businesses13 that13 do13 not13 have13 brick13 and13 mortar13 locaons13 typically13 require13 robust13 and13 therefore13 increasingly13 integrated13 network13 security13 soluons13 that13 focus13 on13 QoS13 load13 balancing13 IPS13 web13 applicaon13 security13 SSL13 VPN13 and13 strong13 firewalls13 with13 deep13 packet13 inspecon13

bull  Enterprises13 that13 are13 heavily13 regulated13 via13 standards13 (eg13 PCI13 HIPAA13 HITECH13 Act13 Sarbanes-shy‐Oxley13 FISMA13 PERC13 etc)13 would13 need13 to13 also13 address13 remote13 access13 controls13 two-shy‐factor13 authencaon13 Acve13 Directory13 integraon13 and13 possibly13 DLP13

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

Alignment with existing IT strategies

• Whatever course is taken, information security decisions need to be integrated with IT’s strategic goals.
• IT, in turn, exists to support the business. IT does not drive the business.
• The business drives the business.
• IT’s purpose is to ensure the IT infrastructure (perimeter and core deployments) exists to allow the business to achieve its strategic goals.

Total Cost of Ownership (TCO)

TCO establishes the right complement of resources: people and technology.

• Total cost of technology (TCT): The cost of technology that is required to deploy, monitor, and report on the state of information security for the enterprise.
• Total cost of risk (TCR): The cost to estimate and not deploy resources, processes, or technology for your enterprise, such as compliance risk, security risk, legal risk, and reputation risk.
• Total cost of maintenance (TCM): The cost of maintaining the information security program, such as people skills, flexibility, scalability, and comprehensiveness of the systems deployed.

CASE FOR AN NGFW

Six Criteria for buying an NGFW

Regardless of what vendors call their NGFW products, it is incumbent on buyers to understand the precise features that each NGFW product under consideration includes. Let’s look at six criteria:

• Platform Type
• Feature Set
• Performance
• Manageability
• Price
• Support

Platform Type

• How is the NGFW provided?
• Most next-gen firewalls are hardware- (appliance), software- (downloadable), or cloud-based (SaaS).
• Hardware-based NGFWs appeal best to large and midsize enterprises.
• Software-based NGFWs appeal to small companies with simple network infrastructures.
• Cloud-based NGFWs appeal to highly decentralized, multi-location sites or enterprises where the required skill set to manage them is wanting or reallocated.

Feature Set

• Not all NGFW features are similarly available by vendor.
• NGFW features typically consist of:
    • inline deep packet inspection firewalls,
    • IDS/IPS,
    • application inspection and control,
    • SSL/SSH inspection,
    • website filtering, and
    • QoS/bandwidth management to protect networks against the latest in sophisticated network attacks and intrusion.
• Additionally, most NGFWs offer threat intelligence, mobile device security, data loss prevention (DLP), Active Directory integration, and an open architecture that allows clients to tailor application control and even some firewall rule definitions.

Performance

• Because NGFWs integrate many features into a single appliance, they may seem attractive to some organizations.
• However, enabling all available features at once could result in serious performance degradation.
• NGFW performance metrics have improved over the years, but the buyer needs to seriously consider performance in relationship to the security features they want to enable when determining the vendors they approach and the model of NGFW they choose.

Manageability

• This criterion involves system configuration requirements and usability of the management console.
• It considers how the NGFW manages complex environments with many firewalls and users and very narrow firewall change windows.
• System configuration changes and the user interface of the management console should be:
    1. comprehensive, such that it covers an array of features that preclude the need for augmentation by other point solutions;
    2. flexible, so that it is possible to exclude features that are not needed in the enterprise environment; and
    3. easy to use, such that the management console, individual feature dashboards, and reporting are intuitive and incisive.

Price

• NGFW appliance, software, and cloud service pricing varies considerably by vendor and model.
• Prices range from $599 to $80,000+ per device.
• Some are even priced by number of users (e.g., $1,100 for 1-99 users to $100,000 for 5,000+ users).
• All, meanwhile, have separate pricing for service contracts.
• If possible, do not pay retail prices.
• Most vendors will provide volume discounts (the more users supported, the less it costs per user, for example) or discounts with viable prospects of further purchases.
• Purchase at month-end and quarter-end. Salespeople have goals that can be leveraged for pricing to your advantage.

Support

• The 2015 Gartner Magic Quadrant on NGFW also rated support, with quality, breadth, and value of NGFW offerings viewed from the vantage point of enterprise needs.
• Given the critical nature of NGFWs, timely and accurate support is essential. Obtain references and ask to speak with vendor clients without the vendor present.
• Support criteria for NGFWs should address responsiveness ranked by type of service request, quality and accuracy of the service response, currency of product updates, and customer education and awareness of current events.

NGFW VENDORS

NGFW Players

The top nine NGFW vendors are:

• Check Point
• Dell SonicWall
• Palo Alto
• Cisco
• Fortinet
• HP TippingPoint
• McAfee
• Barracuda

There are other NGFW vendors, but these are the top 9.

Questions to consider

Questions to consider when comparing these and other NGFW products include:

• What is their product line?
• Is their NGFW for cloud service providers, large enterprises, SMBs, or small companies?
• What are the NGFW features that come with the base product?
• What features need an extra license(s)?
• How is the NGFW sold and priced?
• What differentiates their NGFW from other vendor NGFW products?

What features are available in the NGFW?

Non-common NGFW features vary by vendor. So this is where organizations can start to differentiate which NGFWs will work for them and which won’t. For example:

• Dell SonicWall provides security services such as gateway anti-malware, content filtering, and client antivirus and antispyware that are licensed on an annual subscription contract. Dell SecureWorks premium Global Threat Intelligence service is an additional subscription.
• Cisco provides Application Visibility and Control as part of the base configuration at no cost, but separate licenses are required for Next Generation Intrusion Prevention Systems (NGIPS), Advanced Malware Protection, and URL filtering.
• McAfee provides clustering and Multi-Link as standard features with the McAfee Next Generation Firewall license.

• Barracuda requires an optional subscription for malware protection (AV engine by Avira), threat intelligence, and for advanced client Network Access Control (NAC) VPN/SSL VPN features.
• Juniper offers advanced software security services (NGFW/UTM/IPS/Threat Intelligence Service) shipped with its SRX Series Services Gateways that can be turned on with the purchase of an additional license, which can be subscription-based or perpetual. No additional components are required to turn services on/off.
• Check Point provides a full NGFW solution package with all of its software blades included under one license. However, it does not provide mobile device controls or Wi-Fi network control without purchasing a different Check Point product.

The key message in this comparison is that, in addition to the common features, one needs to carefully review those features that require additional licenses and whether they are significant enough to decide a specific product’s procurement.

• For example, if you need a DLP feature, some NGFWs provide it, such as Check Point, where it is offered with over 600 types. Even so, you might determine that a full-featured DLP solution is still required if the Check Point offering is not sufficient.
• The same would apply to web application firewall (WAF) features, such as the one in the Dell SonicWall, which again is not a full-featured WAF.

• Another example would be Cisco: although malware protection is available with its network anti-virus/malware solution, additional licenses would be required for its Advanced Malware Protection, NGIPS, and URL filtering.
• Barracuda NG Firewall also requires an additional license for Malware Protection (anti-virus engine by Avira).
• Some vendors provide threat intelligence services as part of the NGFW offering, such as Fortinet, McAfee, and HP TippingPoint.
• Juniper’s Threat Intelligence Service is shipped with the SRX but needs to be activated with the purchase of an additional license.

How is the NGFW sold, licensed, and priced?

• All NGFW products are licensed per physical device. Additional licenses are required for the non-common features stated above.
• Read the T&Cs to determine what services are available in the base NGFW product and what services require an additional license.
• All NGFW products are priced by scale, based on the type of hardware utilized and service contract.
• While pricing structure appears disparate, similarities do exist in the lower-end product lines (in other words, the smaller the NGFW need, the simpler the pricing).
• The larger the enterprise and volume purchase potential, the greater the disparity, but also the greater the bargaining power on the part of the customer.

Key differentiators between NGFW products

• Check Point is the inventor of stateful firewalls. It has the highest IPS block rate among its competitors; a larger application library (over 5,000) than any other; data loss prevention (DLP) with over 600 file types; change management (i.e., configuration and rule changes) that no one else has; and Active Directory integration, agent-based or agentless.
• Dell SonicWall has patented Reassembly-Free Deep Inspection (RFDPI), which allows for centralized management for users to deploy, manage, and monitor many thousands of firewalls through a single pane of glass.

• Cisco ASA with FirePower Services provides an integrated defense solution with greater firewall features, detection, and protection threat services than other vendors.
• Fortinet lauds its 11-year-old in-house dedicated security research team, FortiGuard Labs. It is one of the few NGFW vendors that have their own, since most OEM this activity. Fortinet also purports to have an NGFW, FortiGate, that can deliver five times better performance than comparatively priced competitor products.
• HP TippingPoint is known for its NGFW’s simple, effective, and reliable implementation. The security effectiveness coverage is high, with over 8,200 filters that block known and unknown threats and over 383 zero-day filters in 2014 alone.

• McAfee NGFW provides “intelligence aware” security controls, advanced evasion prevention, and a unified software core design.
• Barracuda purports the lowest total cost of ownership (TCO) in the industry due to advanced troubleshooting capabilities and smart lifecycle management features built into a large-scaling central management server. The NGFW is also the only one that provides NGFW application control and user identity functions for SMBs.
• Juniper SRX is the first NGFW to offer customers validated (Telcordia) 99.9999% availability of the SRX 5000 line. The SRX Series are also the first NGFWs to deliver automation of firewall functions via JunoScript and an open API to programming tools. Open attack signatures in the IPS also allow customers to add or customize signatures tailored for their network.

How to select the right NGFW

Consider the following criteria in selecting the NGFW vendor and model for your enterprise:

(1) identify the players;
(2) develop a short list;
(3) perform a proof of concept (POC);
(4) make reference calls;
(5) consider cost;
(6) obtain management buy-in; and
(7) work out contract negotiations.
(8) Total cost of ownership (TCO) is also critical.

Lastly, but no less important, consider the skill set of your staff and the business model and growth expectation for your enterprise, all-important factors in making your decision.

NGFW AUDIT

Evaluation and Audit of NGFW

• Platform Based – appliance/software/SaaS
• Feature Set – baseline and add-ons
• Performance – NSS Labs results
• Manageability – comprehensive/easy to use
• Threat Intelligence – currency/accuracy/completeness
• TCO – total cost of ownership
• Risk – consider the business model and objectives
• Price – you get what you pay for
• Support – what is support experience
• Differentiators – what sets them apart

BIO

Miguel (Mike) O. Villegas is a Vice President for K3DES LLC. He performs and QA’s PCI-DSS and PA-DSS assessments for K3DES clients. He also manages the K3DES ISO/IEC 27001:2005 program. Mike was previously Director of Information Security at Newegg, Inc. for five years. Mike is currently a contributing writer for SearchSecurity – TechTarget.

Mike has over 30 years of Information Systems security and IT audit experience. Mike was previously Vice President & Technology Risk Manager for Wells Fargo Services, responsible for IT Regulatory Compliance, and was previously a partner at Arthur Andersen and Ernst & Young for their information systems security and IS audit groups over a span of nine years. Mike is a CISA, CISSP, GSEC, and CEH. He is also a QSA and PA-QSA as VP for K3DES.

Mike was president of the LA ISACA Chapter during 2010-2012 and president of the SF ISACA Chapter during 2005-2006. He was the SF Fall Conference Co-Chair from 2002–2007 and also served for two years as Vice President on the Board of Directors for ISACA International. Mike has taught CISA review courses for over 18 years.

Page 17: Next Generation Firewalls: Top 9 Revisited · 2015 Fall Conference – “CyberSizeIT” November 9–11, 2015

Source: Juniper SRX Datasheet

[Figure: Gartner Magic Quadrant – April 2015; quadrant labels: Challengers, Leaders, Niche Players, Visionaries]

[Figure dated October 7, 2015; labels: Security, Performance, Total cost of ownership (TCO)]

NEED FOR NGFW

Do we really need an NGFW?

• But “we’ve never had a breach” or “we are not a big target.”
• Today, there are a large number of disparate standalone products and services forced to work together.
• Although effective, they appear architecturally desultory, reactive, and tactical in nature.
• NGFWs offer a good complement of security solutions in one appliance.
• Not all NGFWs are created equal.
• 3 factors for establishing a need for an NGFW:
    • Is the investment justifiable?
    • Alignment with existing IT strategies
    • Total Cost of Ownership (TCO)

Is the investment justifiable?

• Basic firewall services regulate network connections between computer systems of differing trust levels.
• Most enterprises need:
    • IPS/IDS
    • Firewall (deep packet inspection)
    • Anti-virus/Malware protection
    • Application controls
    • VPN
    • Session encryption (TLS 1.2)
    • Wireless security
    • Mobile security

Alignment with existing IT strategies

• Organizations that deploy NGFWs may discover they do not require all the security features these appliances support.

bull  Features13 required13 by13 an13 enterprise13 should13 be13 determined13 in13 advance13 as13 this13 will13 influence13 what13 NGFW13 product13 is13 bought13 and13 which13 security13 services13 to13 enable13

bull  Some13 NGFWs13 have13 security13 features13 built13 into13 the13 appliance13 at13 no13 addional13 cost13 13

bull  Some13 do13 not13 acvate13 feature13 since13 they13 have13 not13 found13 them13 necessary13 or13 because13 they13 do13 not13 fit13 their13 business13 model13 13

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

For13 example13

2713

bull  Large13 retail13 companies13 might13 opt13 for13 a13 NGFW13 soluon13 at13 the13 corporate13 headquarters13 but13 go13 with13 point13 soluons13 in13 each13 retail13 store13 -shy‐-shy‐13 whether13 from13 the13 same13 vendor13 or13 not13

bull  Online13 retail13 businesses13 that13 do13 not13 have13 brick13 and13 mortar13 locaons13 typically13 require13 robust13 and13 therefore13 increasingly13 integrated13 network13 security13 soluons13 that13 focus13 on13 QoS13 load13 balancing13 IPS13 web13 applicaon13 security13 SSL13 VPN13 and13 strong13 firewalls13 with13 deep13 packet13 inspecon13

bull  Enterprises13 that13 are13 heavily13 regulated13 via13 standards13 (eg13 PCI13 HIPAA13 HITECH13 Act13 Sarbanes-shy‐Oxley13 FISMA13 PERC13 etc)13 would13 need13 to13 also13 address13 remote13 access13 controls13 two-shy‐factor13 authencaon13 Acve13 Directory13 integraon13 and13 possibly13 DLP13

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

Alignment13 with13 exisng13 IT13 strategies13

2813

bull  Whatever13 course13 is13 taken13 informaon13 security13 decisions13 need13 to13 integrated13 with13 ITrsquos13 strategic13 goals13 13 13

bull  IT13 in13 turn13 exists13 to13 support13 the13 business13 IT13 does13 not13 drive13 the13 business13 13

bull  The13 business13 drives13 the13 business13 13 bull  ITrsquos13 purpose13 is13 to13 ensure13 the13 IT13 infrastructure13

(perimeter13 and13 core13 deployments)13 exist13 to13 allow13 the13 business13 to13 achieve13 its13 strategic13 goals13 13

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

Total13 Cost13 of13 Ownership13 (TCO)13

2913

TCO13 establishes13 the13 right13 complement13 of13 resources13 -shy‐-shy‐13 people13 and13 technology13 bull  Total13 cost13 of13 technology13 (TCT)13 The13 cost13 of13 technology13

that13 is13 required13 to13 deploy13 monitor13 and13 report13 on13 the13 state13 of13 informaon13 security13 for13 the13 enterprise13

bull  Total13 cost13 of13 risk13 (TCR)13 The13 cost13 to13 esmate13 and13 not13 deploy13 resources13 processes13 or13 technology13 for13 your13 enterprise13 such13 as13 compliance13 risk13 security13 risk13 legal13 risk13 and13 reputaon13 risk13

bull  Total13 cost13 of13 maintenance13 (TCM)13 The13 cost13 of13 maintaining13 the13 informaon13 security13 program13 such13 as13 people13 skills13 flexibility13 scalability13 and13 comprehensiveness13 of13 the13 systems13 deployed13

1111513 3013

CRISC CGEIT CISM CISA 201313 Fall13 Conference13 ndash13 ldquoSail13 to13 Successrdquo13

CASE13 FOR13 A13 NGFW13

3013

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

Six13 Criteria13 for13 buying13 a13 NGFW13

3113

It13 is13 clear13 that13 regardless13 of13 what13 vendors13 call13 their13 NGFW13 products13 it13 is13 incumbent13 that13 buyers13 understand13 the13 precise13 features13 each13 NGFW13 product13 under13 consideraon13 includes13 Letrsquos13 look13 at13 six13 criteria13 13

bull  Plaborm13 Type13 bull  Feature13 Set13 bull  Performance13 bull  Manageability13 bull  Price13 bull  Support13

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

Plaborm13 Type13

3213

bull  How13 is13 the13 NFGW13 provided13 13 bull  Most13 next-shy‐gen13 firewalls13 are13 hardware-shy‐13 (appliance)13

sofware-shy‐13 (downloadable)13 or13 cloud-shy‐based13 (SaaS)13 bull  Hardware-shy‐based13 NGFWs13 appeal13 best13 to13 large13 and13

midsize13 enterprises13 bull  Sofware-shy‐based13 NGFWs13 to13 small13 companies13 with13 simple13

network13 infrastructures13 bull  Cloud-shy‐based13 NGFWs13 to13 highly13 decentralized13 mul-shy‐

locaon13 sites13 or13 enterprises13 where13 the13 required13 skill13 set13 to13 manage13 them13 is13 wanng13 or13 reallocated13

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

Feature13 Set13

3313

bull  Not13 all13 NGFW13 features13 are13 similarly13 available13 by13 vendor13 bull  NGFW13 features13 typically13 consist13 of13 13

bull  inline13 deep13 packet13 inspecon13 firewalls13 13 bull  IDSIPS13 13 bull  applicaon13 inspecon13 and13 control13 13 bull  SSLSSH13 inspecon13 13 bull  website13 filtering13 and13 13 bull  QoSbandwidth13 management13 to13 protect13 networks13

against13 the13 latest13 in13 sophiscated13 network13 adacks13 and13 intrusion13 13

bull  Addionally13 most13 NGFWs13 offer13 threat13 intelligence13 mobile13 device13 security13 data13 loss13 prevenon13 (DLP)13 Acve13 Directory13 integraon13 and13 an13 open13 architecture13 that13 allows13 clients13 to13 tailor13 applicaon13 control13 and13 even13 some13 firewall13 rule13 definions13

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

Performance13

3413

bull  Because13 NGFWs13 integrate13 many13 features13 into13 a13 single13 appliance13 they13 may13 seem13 adracve13 to13 some13 organizaons13 13

bull  However13 enabling13 all13 available13 features13 at13 once13 could13 result13 in13 serious13 performance13 degradaon13 13

bull  NGFW13 performance13 metrics13 have13 improved13 over13 the13 years13 but13 the13 buyer13 needs13 to13 seriously13 consider13 performance13 in13 relaonship13 to13 the13 security13 features13 they13 want13 to13 enable13 when13 determining13 the13 vendors13 they13 approach13 and13 the13 model13 of13 NGFW13 they13 choose13

Manageability

• This criterion involves system configuration requirements and usability of the management console
• It considers how the NGFW manages complex environments with many firewalls and users, and very narrow firewall change windows
• System configuration changes and the user interface of the management console should be:
  1. comprehensive - such that it covers an array of features that preclude the need for augmentation by other point solutions;
  2. flexible - possible to exclude features that are not needed in the enterprise environment; and
  3. easy to use - such that the management console, individual feature dashboards and reporting are intuitive and incisive

Price

• NGFW appliance, software, and cloud service pricing varies considerably by vendor and model
• Prices range from $599 to $80,000+ per device
• Some are even priced by number of users (e.g., $1,100 for 1-99 users to $100,000 for 5,000 users+)
• All, meanwhile, have separate pricing for service contracts
• If possible, do not pay retail prices
• Most vendors will provide volume discounts (the more users supported, the less it costs per user, for example) or discounts with viable prospects of further purchases
• Purchase at month-end and quarter-end. Sales people have goals that can be leveraged for pricing to your advantage

Support

• The 2015 Gartner Magic Quadrant on NGFW also rated support -- with quality, breadth, and value of NGFW offerings viewed from the vantage point of enterprise needs.
• Given the critical nature of NGFWs, timely and accurate support is essential. Obtain references and ask to speak with vendor clients without the vendor present.
• Support criteria for NGFWs should address responsiveness ranked by type of service request, quality and accuracy of the service response, currency of product updates, and customer education and awareness of current events.

NGFW VENDORS

NGFW Players

The top nine NGFW vendors are:
• Checkpoint
• Dell Sonicwall
• Palo Alto
• Cisco
• Fortinet
• HP TippingPoint
• McAfee
• Barracuda

There are other NGFW vendors, but these are the top 9.

Questions to consider

Questions to consider when comparing these and other NGFW products include:
• What is their product line?
• Is their NGFW for cloud service providers, large enterprises, SMBs, or small companies?
• What are the NGFW features that come with the base product?
• What features need an extra license(s)?
• How is the NGFW sold and priced?
• What differentiates their NGFW from other vendor NGFW products?

What features are available in the NGFW?

Non-common NGFW features vary by vendor. So this is where organizations can start to differentiate which NGFWs will work for them and which won’t. For example:
• Dell SonicWall provides security services such as gateway anti-malware, content filtering, and client antivirus and antispyware that are licensed on an annual subscription contract. Dell SecureWorks premium Global Threat Intelligence service is an additional subscription.
• Cisco provides Application Visibility and Control as part of the base configuration at no cost, but separate licenses are required for Next Generation Intrusion Prevention Systems (NGIPS), Advanced Malware Protection, and URL filtering.
• McAfee provides clustering and multi-Link as standard features with McAfee Next Generation Firewall license.

What features are available in the NGFW?

• Barracuda requires an optional subscription for malware protection (AV engine by Avira), threat intelligence, and for advanced client Network Access Control (NAC) VPN/SSL VPN features.
• Juniper offers advanced software security services (NGFW/UTM/IPS/Threat Intelligence Service) shipped with its SRX Series Services Gateways that can be turned on with the purchase of an additional license, which can be subscription-based or perpetual. No additional components are required to turn services on/off.
• Checkpoint provides a full NGFW solution package with all of its software blades included under one license. However, it does not provide mobile device controls or Wi-Fi network control without purchasing a different Checkpoint product.

What features are available in the NGFW?

The key message in this comparison is that, in addition to the common features, one needs to carefully review those features that require additional licenses and whether they are significant enough to decide on a specific product's procurement.
• For example, if you need a DLP feature, an NGFW that provides it, such as Checkpoint (offered with over 600 types), may not be sufficient, and you might determine that a full-featured DLP solution is still required.
• The same would apply to web application firewalls (WAF): the Dell Sonicwall offers one, but again it is not a full-featured WAF.

What features are available in the NGFW?

• Another example would be Cisco: malware protection is available with their network anti-virus/malware solution, but additional licenses would be required for their Advanced Malware Protection, NGIPS, and URL filtering.
• Barracuda NG Firewall also requires an additional license for Malware Protection (Anti-Virus engine by Avira).
• There are some vendors that provide threat intelligence services as part of the NGFW offering, such as Fortinet, McAfee, and HP TippingPoint.
• Juniper’s Threat Intelligence Service is shipped with the SRX but needs to be activated with the purchase of an additional license.

How is the NGFW sold, licensed and priced?

• All NGFW products are licensed per physical device. Additional licenses are required for the non-common features stated above.
• Read the T&Cs to determine what services are available in the base NGFW product and what services require an additional license.
• All NGFW products are priced by scale, based on the type of hardware utilized and service contract.
• While pricing structure appears disparate, similarities do exist in the lower-end product lines (in other words, the smaller the NGFW need, the simpler the pricing).
• The larger the enterprise and volume purchase potential, the greater the disparity but also the greater the bargaining power on the part of the customer.

Key differentiators between NGFW products

• Checkpoint is the inventor of stateful firewalls. It has the highest block rate of IPS among its competitors, a larger application library (over 5,000) than any other, data loss prevention (DLP) with over 600 file types, change management (i.e., configuration and rule changes) that no one else has, and Active Directory integration, agent-based or agentless.
• Dell SonicWall has patented Reassembly-Free Deep Inspection (RFDPI), which allows for centralized management for users to deploy, manage, and monitor many thousands of firewalls through a single pane of glass.

Key differentiators between NGFW products

• Cisco ASA with FirePower Services provides an integrated defense solution with greater firewall features, detection, and protection threat services than other vendors.
• Fortinet lauds its 11-year old in-house dedicated security research team -- FortiGuard Labs -- one of the few NGFW vendors that have its own, since most OEM this activity. Fortinet also purports to have NGFW FortiGate that can deliver five times better performance of comparatively priced competitor products.
• HP TippingPoint is known for its NGFW’s simple, effective, and reliable implementation. The security effectiveness coverage is high, with over 8,200 filters that block known and unknown threats and over 383 zero-day filters in 2014 alone.

Key differentiators between NGFW products

• McAfee NGFW provides “intelligence aware” security controls, advanced evasion prevention, and a unified software core design.
• Barracuda purports the lowest total cost of ownership (TCO) in the industry due to advanced troubleshooting capabilities and smart lifecycle management features built into large scaling central management server. The NGFW is also the only one that provides NGFW application control and user identity functions for SMBs.
• Juniper SRX is the first NGFW to offer customers validated (Telcordia) 99.9999% availability of the SRX 5000 line. The SRX Series are also the first NGFW to deliver automation of firewall functions via JunoScript and open API to programming tools. Open attack signatures in the IPS also allow customers to add or customize signatures tailored for their network.

How to select the right NGFW

Consider the following criteria in selecting the NGFW vendor and model for your enterprise:
(1) identify the players,
(2) develop a short list,
(3) perform a proof of concept – POC,
(4) make reference calls,
(5) consider cost,
(6) obtain management buy-in, and
(7) work out contract negotiations.
(8) Total cost of ownership (TCO) is also critical.

Lastly, but no less important, consider the skill set of your staff and the business model and growth expectation for your enterprise -- all-important factors in making your decision.

NGFW AUDIT

Evaluation and Audit of NGFW

• Platform Based – appliance/software/SaaS
• Feature Set – baseline and add-ons
• Performance – NSS Labs results
• Manageability – comprehensive/easy to use
• Threat Intelligence – currency/accuracy/completeness
• TCO – total cost of ownership
• Risk – consider the business model and objectives
• Price – you get what you pay for
• Support – what is support experience
• Differentiators – what sets them apart

BIO

Miguel (Mike) O. Villegas is a Vice President for K3DES LLC. He performs and QA’s PCI-DSS and PA-DSS assessments for K3DES clients. He also manages the K3DES ISO/IEC 27001:2005 program. Mike was previously Director of Information Security at Newegg, Inc. for five years. Mike is currently a contributing writer for SearchSecurity – TechTarget.

Mike has over 30 years of Information Systems security and IT audit experience. Mike was previously Vice President & Technology Risk Manager for Wells Fargo Services, responsible for IT Regulatory Compliance, and was previously a partner at Arthur Andersen and Ernst & Young for their information systems security and IS audit groups over a span of nine years. Mike is a CISA, CISSP, GSEC, and CEH. He is also a QSA and PA-QSA as VP for K3DES.

Mike was president of the LA ISACA Chapter during 2010-2012 and president of the SF ISACA Chapter during 2005-2006. He was the SF Fall Conference Co-Chair from 2002–2007 and also served for two years as Vice President on the Board of Directors for ISACA International. Mike has taught CISA review courses for over 18 years.

Page 18: Next Generation Firewalls: Top 9 Revisited · 2015 Fall Conference – “CyberSizeIT”, November 9 – 11, 2015

[Figure: Gartner Magic Quadrant – April 2015. Quadrant labels: Challengers, Leaders, Niche Players, Visionaries]

[Figure dated October 7, 2015. Labels: Security, Performance, Total cost of ownership (TCO)]


NEED FOR NGFW

Do we really need a NGFW?

• But “we’ve never had a breach” or “we are not a big target”
• Today, there are a large number of disparate standalone products and services forced to work together
• Although effective, they appear architecturally desultory, reactive, and tactical in nature
• NGFWs offer a good complement of security solutions in one appliance
• Not all NGFWs are created equal
• 3 factors for establishing a need for a NGFW:
  • Is the investment justifiable?
  • Alignment with existing IT strategies
  • Total Cost of Ownership (TCO)

Is the investment justifiable?

• Basic firewall services regulate network connections between computer systems of differing trust levels
• Most enterprises need:
  • IPS/IDS
  • Firewall (deep packet inspection)
  • Anti-virus/Malware protection
  • Application controls
  • VPN
  • Session encryption (TLS 1.2)
  • Wireless security
  • Mobile security

Alignment with existing IT strategies

• Organizations that deploy NGFWs may discover they do not require all the security features these appliances support.
• Features required by an enterprise should be determined in advance, as this will influence what NGFW product is bought and which security services to enable.
• Some NGFWs have security features built into the appliance at no additional cost.
• Some do not activate features since they have not found them necessary or because they do not fit their business model.

For example

• Large retail companies might opt for a NGFW solution at the corporate headquarters but go with point solutions in each retail store -- whether from the same vendor or not.
• Online retail businesses that do not have brick and mortar locations typically require robust, and therefore increasingly integrated, network security solutions that focus on QoS, load balancing, IPS, web application security, SSL VPN, and strong firewalls with deep packet inspection.
• Enterprises that are heavily regulated via standards (e.g., PCI, HIPAA, HITECH Act, Sarbanes-Oxley, FISMA, PERC, etc.) would need to also address remote access controls, two-factor authentication, Active Directory integration, and possibly DLP.

Alignment with existing IT strategies

• Whatever course is taken, information security decisions need to be integrated with IT’s strategic goals.
• IT, in turn, exists to support the business. IT does not drive the business.
• The business drives the business.
• IT’s purpose is to ensure the IT infrastructure (perimeter and core deployments) exists to allow the business to achieve its strategic goals.

Total Cost of Ownership (TCO)

TCO establishes the right complement of resources -- people and technology.
• Total cost of technology (TCT): The cost of technology that is required to deploy, monitor, and report on the state of information security for the enterprise.
• Total cost of risk (TCR): The cost to estimate and not deploy resources, processes, or technology for your enterprise, such as compliance risk, security risk, legal risk, and reputation risk.
• Total cost of maintenance (TCM): The cost of maintaining the information security program, such as people skills, flexibility, scalability, and comprehensiveness of the systems deployed.

CASE FOR A NGFW

Six Criteria for buying a NGFW

It is clear that, regardless of what vendors call their NGFW products, it is incumbent that buyers understand the precise features each NGFW product under consideration includes. Let’s look at six criteria:
• Platform Type
• Feature Set
• Performance
• Manageability
• Price
• Support

Platform Type

• How is the NGFW provided?
• Most next-gen firewalls are hardware- (appliance), software- (downloadable), or cloud-based (SaaS)
• Hardware-based NGFWs appeal best to large and midsize enterprises
• Software-based NGFWs to small companies with simple network infrastructures
• Cloud-based NGFWs to highly decentralized multi-location sites or enterprises where the required skill set to manage them is wanting or reallocated

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

Feature13 Set13

3313

bull  Not13 all13 NGFW13 features13 are13 similarly13 available13 by13 vendor13 bull  NGFW13 features13 typically13 consist13 of13 13

bull  inline13 deep13 packet13 inspecon13 firewalls13 13 bull  IDSIPS13 13 bull  applicaon13 inspecon13 and13 control13 13 bull  SSLSSH13 inspecon13 13 bull  website13 filtering13 and13 13 bull  QoSbandwidth13 management13 to13 protect13 networks13

against13 the13 latest13 in13 sophiscated13 network13 adacks13 and13 intrusion13 13

bull  Addionally13 most13 NGFWs13 offer13 threat13 intelligence13 mobile13 device13 security13 data13 loss13 prevenon13 (DLP)13 Acve13 Directory13 integraon13 and13 an13 open13 architecture13 that13 allows13 clients13 to13 tailor13 applicaon13 control13 and13 even13 some13 firewall13 rule13 definions13

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

Performance13

3413

bull  Because13 NGFWs13 integrate13 many13 features13 into13 a13 single13 appliance13 they13 may13 seem13 adracve13 to13 some13 organizaons13 13

bull  However13 enabling13 all13 available13 features13 at13 once13 could13 result13 in13 serious13 performance13 degradaon13 13

bull  NGFW13 performance13 metrics13 have13 improved13 over13 the13 years13 but13 the13 buyer13 needs13 to13 seriously13 consider13 performance13 in13 relaonship13 to13 the13 security13 features13 they13 want13 to13 enable13 when13 determining13 the13 vendors13 they13 approach13 and13 the13 model13 of13 NGFW13 they13 choose13

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

Manageability13

3513

bull  This13 criterion13 involves13 system13 configuraon13 requirements13 and13 usability13 of13 the13 management13 console13

bull  It13 considers13 how13 the13 NGFW13 manages13 complex13 environments13 with13 many13 firewalls13 and13 users13 and13 very13 narrow13 firewall13 change13 windows13

bull  System13 configuraon13 changes13 and13 the13 user13 interface13 of13 the13 management13 console13 should13 be13 1   comprehensive13 -shy‐13 such13 that13 it13 covers13 an13 array13 of13 features13

that13 preclude13 the13 need13 for13 augmentaon13 by13 other13 point13 soluons13 13

2   flexible13 -shy‐13 possible13 to13 exclude13 features13 that13 are13 not13 needed13 in13 the13 enterprise13 environment13 and13 13

3   easy13 to13 use13 -shy‐13 such13 that13 the13 management13 console13 individual13 feature13 dashboards13 and13 reporng13 are13 intuive13 and13 incisive13

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

Price13

3613

bull  NGFW13 appliance13 sofware13 and13 cloud13 service13 pricing13 varies13 considerably13 by13 vendor13 and13 model13

bull  Prices13 range13 from13 $59913 to13 $80000+13 per13 device13 bull  Some13 are13 even13 priced13 by13 number13 of13 users13 (eg13 $110013

for13 1-shy‐9913 users13 to13 $10000013 for13 500013 users+)13 13 bull  All13 meanwhile13 have13 separate13 pricing13 for13 service13

contracts13 bull  If13 possible13 do13 not13 pay13 retail13 prices13 13 bull  Most13 vendors13 will13 provide13 volume13 discounts13 (the13 more13

users13 supported13 the13 less13 it13 costs13 per13 user13 for13 example)13 or13 discounts13 with13 viable13 prospects13 of13 further13 purchases13

bull  Purchase13 at13 month-shy‐end13 and13 quarter-shy‐end13 Sales13 people13 have13 goals13 that13 can13 be13 leveraged13 for13 pricing13 to13 your13 advantage13

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

Support13

3713

bull  The13 201513 Gartner13 Magic13 Quadrant13 on13 NGFW13 also13 rated13 support13 -shy‐-shy‐13 with13 quality13 breadth13 and13 value13 of13 NGFW13 offerings13 viewed13 from13 the13 vantage13 point13 of13 enterprise13 needs13 13

bull  Given13 the13 crical13 nature13 of13 NGFWs13 mely13 and13 accurate13 support13 is13 essenal13 Obtain13 references13 and13 ask13 to13 speak13 with13 vendor13 clients13 without13 the13 vendor13 present13

bull  Support13 criteria13 for13 NGFWs13 should13 address13 responsiveness13 ranked13 by13 type13 of13 service13 request13 quality13 and13 accuracy13 of13 the13 service13 response13 currency13 of13 product13 updates13 and13 customer13 educaon13 and13 awareness13 of13 current13 events13

1111513 3813

CRISC CGEIT CISM CISA 201313 Fall13 Conference13 ndash13 ldquoSail13 to13 Successrdquo13

NGFW13 VENDORS13

3813

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

NGFW13 Players13

3913

The13 top13 nine13 NGFW13 vendors13 are13 13 bull  Checkpoint13 bull  Dell13 Sonicwall13 13 bull  Palo13 Alto13 bull  Cisco13 bull  Fornet13 13 bull  HP13 TippingPoint13 13 bull  McAfee13 13 bull  Barracuda13 13 There13 are13 other13 NGFW13 vendors13 but13 these13 are13 the13 top13 913

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

Quesons13 to13 consider13

4013

Quesons13 to13 consider13 when13 comparing13 these13 and13 other13 NGFW13 products13 include13 13

bull  What13 is13 their13 product13 line13 13 bull  Is13 their13 NGFW13 for13 cloud13 service13 providers13 large13

enterprises13 SMBs13 or13 small13 companies13 13 bull  What13 are13 the13 NGFW13 features13 that13 come13 with13 the13

base13 product13 13 bull  What13 features13 need13 an13 extra13 license(s)13 13 bull  How13 is13 the13 NGFW13 sold13 and13 priced13 13 bull  What13 differenates13 their13 NFGW13 from13 other13 vendor13

NGFW13 products13 13

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

What features are available in the NGFW?

Non-common NGFW features vary by vendor. So this is where organizations can start to differentiate which NGFWs will work for them and which won’t. For example:
• Dell SonicWall provides security services such as gateway anti-malware, content filtering, and client antivirus and antispyware that are licensed on an annual subscription contract. Dell SecureWorks premium Global Threat Intelligence service is an additional subscription.
• Cisco provides Application Visibility and Control as part of the base configuration at no cost, but separate licenses are required for Next Generation Intrusion Prevention Systems (NGIPS), Advanced Malware Protection and URL filtering.
• McAfee provides clustering and multi-Link as standard features with McAfee Next Generation Firewall license.


What features are available in the NGFW?

• Barracuda requires an optional subscription for malware protection (AV engine by Avira), threat intelligence, and for advanced client Network Access Control (NAC) VPN/SSL VPN features.
• Juniper offers advanced software security services (NGFW/UTM/IPS/Threat Intelligence Service) shipped with its SRX Series Services Gateways that can be turned on with the purchase of an additional license, which can be subscription-based or perpetual. No additional components are required to turn services on/off.
• Checkpoint provides a full NGFW solution package with all of its software blades included under one license. However, it does not provide mobile device controls or Wi-Fi network control without purchasing a different Checkpoint product.


What features are available in the NGFW?

The key message in this comparison is that, in addition to the common features, one needs to carefully review those features that require additional licenses and whether they are significant enough to decide on a specific product’s procurement.
• For example, if you need a DLP feature, some NGFWs such as Checkpoint provide it (offered with over 600 types), but you might determine that a full-featured DLP solution is still required if the Checkpoint feature is not sufficient.
• The same would apply to web application firewalls (WAF), such as the one in the Dell SonicWall, which again is not a full-featured WAF.


What features are available in the NGFW?

• Another example would be Cisco: malware protection is available with their network anti-virus/malware solution, but additional licenses would be required for their Advanced Malware Protection, NGIPS and URL filtering.
• Barracuda NG Firewall also requires an additional license for Malware Protection (Anti-Virus engine by Avira).
• There are some vendors that provide threat intelligence services as part of the NGFW offering, such as Fortinet, McAfee and HP TippingPoint.
• Juniper’s Threat Intelligence Service is shipped with the SRX but needs to be activated with the purchase of an additional license.


How is the NGFW sold, licensed and priced?

• All NGFW products are licensed per physical device. Additional licenses are required for the non-common features stated above.
• Read the T&Cs to determine what services are available in the base NGFW product and what services require an additional license.
• All NGFW products are priced by scale, based on the type of hardware utilized and service contract.
• While pricing structure appears disparate, similarities do exist in the lower-end product lines (in other words, the smaller the NGFW need, the simpler the pricing).
• The larger the enterprise and volume purchase potential, the greater the disparity, but also the greater the bargaining power on the part of the customer.


Key differentiators between NGFW products

• Checkpoint is the inventor of stateful firewalls. It has the highest block rate of IPS among its competitors, largest application library (over 5,000) than any other, data loss prevention (DLP) with over 600 file types, change management (i.e., configuration and rule changes) that no one else has, and Active Directory integration, agent-based or agentless.
• Dell SonicWall has patented Reassembly-Free Deep Inspection (RFDPI), which allows for centralized management for users to deploy, manage and monitor many thousands of firewalls through a single pane of glass.


Key differentiators between NGFW products

• Cisco ASA with FirePower Services provides an integrated defense solution with greater firewall features, detection and protection threat services than other vendors.
• Fortinet lauds its 11-year old in-house dedicated security research team -- FortiGuard Labs -- one of the few NGFW vendors that have its own, since most OEM this activity. Fortinet also purports to have NGFW FortiGate that can deliver five times better performance of comparatively priced competitor products.
• HP TippingPoint is known for its NGFW’s simple, effective and reliable implementation. The security effectiveness coverage is high, with over 8,200 filters that block known and unknown threats and over 383 zero-day filters in 2014 alone.


Key differentiators between NGFW products

• McAfee NGFW provides “intelligence aware” security controls, advanced evasion prevention and a unified software core design.
• Barracuda purports the lowest total cost of ownership (TCO) in the industry due to advanced troubleshooting capabilities and smart lifecycle management features built into large scaling central management server. The NGFW is also the only one that provides NGFW application control and user identity functions for SMBs.
• Juniper SRX is the first NGFW to offer customers validated (Telcordia) 99.9999% availability of the SRX 5000 line. The SRX Series are also the first NGFW to deliver automation of firewall functions via JunoScript and open API to programming tools. Open attack signatures in the IPS also allow customers to add or customize signatures tailored for their network.


How to select the right NGFW

Consider the following criteria in selecting the NGFW vendor and model for your enterprise:
(1) identify the players
(2) develop a short list
(3) perform a proof of concept – POC
(4) make reference calls
(5) consider cost
(6) obtain management buy-in, and
(7) work out contract negotiations
(8) Total cost of ownership (TCO) is also critical

Lastly, but no less important, consider the skill set of your staff and the business model and growth expectation for your enterprise -- all-important factors in making your decision.


NGFW AUDIT


Evaluation and Audit of NGFW

• Platform Based – appliance/software/SaaS
• Feature Set – baseline and add-ons
• Performance – NSS Labs results
• Manageability – comprehensive/easy to use
• Threat Intelligence – currency/accuracy/completeness
• TCO – total cost of ownership
• Risk – consider the business model and objectives
• Price – you get what you pay for
• Support – what is support experience
• Differentiators – what sets them apart


BIO

Miguel (Mike) O. Villegas is a Vice President for K3DES LLC. He performs and QA’s PCI-DSS and PA-DSS assessments for K3DES clients. He also manages the K3DES ISO/IEC 27001:2005 program. Mike was previously Director of Information Security at Newegg, Inc. for five years. Mike is currently a contributing writer for SearchSecurity – TechTarget. Mike has over 30 years of Information Systems security and IT audit experience. Mike was previously Vice President & Technology Risk Manager for Wells Fargo Services, responsible for IT Regulatory Compliance, and was previously a partner at Arthur Andersen and Ernst & Young for their information systems security and IS audit groups over a span of nine years. Mike is a CISA, CISSP, GSEC and CEH. He is also a QSA and PA-QSA as VP for K3DES. Mike was president of the LA ISACA Chapter during 2010-2012 and president of the SF ISACA Chapter during 2005-2006. He was the SF Fall Conference Co-Chair from 2002–2007 and also served for two years as Vice President on the Board of Directors for ISACA International. Mike has taught CISA review courses for over 18 years.


October 7, 2015

• Security
• Performance
• Total cost of ownership (TCO)


NEED FOR NGFW


Do we really need a NGFW?

• But “we’ve never had a breach” or “we are not a big target”
• Today there are a large number of disparate standalone products and services forced to work together
• Although effective, they appear architecturally desultory, reactive and tactical in nature
• NGFWs offer a good complement of security solutions in one appliance
• Not all NGFWs are created equal
• 3 factors for establishing a need for a NGFW:
  • Is the investment justifiable?
  • Alignment with existing IT strategies
  • Total Cost of Ownership (TCO)


Is the investment justifiable?

• Basic firewall services regulate network connections between computer systems of differing trust levels
• Most enterprises need:
  • IPS/IDS
  • Firewall (deep packet inspection)
  • Anti-virus/Malware protection
  • Application controls
  • VPN
  • Session encryption (TLS 1.2)
  • Wireless security
  • Mobile security


Alignment with existing IT strategies

• Organizations that deploy NGFWs may discover they do not require all the security features these appliances support.
• Features required by an enterprise should be determined in advance, as this will influence what NGFW product is bought and which security services to enable.
• Some NGFWs have security features built into the appliance at no additional cost.
• Some do not activate features since they have not found them necessary or because they do not fit their business model.


For example

• Large retail companies might opt for a NGFW solution at the corporate headquarters, but go with point solutions in each retail store -- whether from the same vendor or not.
• Online retail businesses that do not have brick and mortar locations typically require robust, and therefore increasingly integrated, network security solutions that focus on QoS, load balancing, IPS, web application security, SSL VPN and strong firewalls with deep packet inspection.
• Enterprises that are heavily regulated via standards (e.g., PCI, HIPAA, HITECH Act, Sarbanes-Oxley, FISMA, PERC, etc.) would need to also address remote access controls, two-factor authentication, Active Directory integration and possibly DLP.


Alignment with existing IT strategies

• Whatever course is taken, information security decisions need to be integrated with IT’s strategic goals.
• IT, in turn, exists to support the business. IT does not drive the business.
• The business drives the business.
• IT’s purpose is to ensure the IT infrastructure (perimeter and core deployments) exists to allow the business to achieve its strategic goals.


Total Cost of Ownership (TCO)

TCO establishes the right complement of resources -- people and technology.
• Total cost of technology (TCT): The cost of technology that is required to deploy, monitor and report on the state of information security for the enterprise.
• Total cost of risk (TCR): The cost to estimate and not deploy resources, processes or technology for your enterprise, such as compliance risk, security risk, legal risk and reputation risk.
• Total cost of maintenance (TCM): The cost of maintaining the information security program, such as people, skills, flexibility, scalability and comprehensiveness of the systems deployed.


CASE FOR A NGFW


Six Criteria for buying a NGFW

It is clear that regardless of what vendors call their NGFW products, it is incumbent that buyers understand the precise features each NGFW product under consideration includes. Let’s look at six criteria:
• Platform Type
• Feature Set
• Performance
• Manageability
• Price
• Support


Platform Type

• How is the NGFW provided?
• Most next-gen firewalls are hardware- (appliance), software- (downloadable) or cloud-based (SaaS)
• Hardware-based NGFWs appeal best to large and midsize enterprises
• Software-based NGFWs to small companies with simple network infrastructures
• Cloud-based NGFWs to highly decentralized multi-location sites or enterprises where the required skill set to manage them is wanting or reallocated


Feature Set

• Not all NGFW features are similarly available by vendor
• NGFW features typically consist of:
  • inline deep packet inspection firewalls,
  • IDS/IPS,
  • application inspection and control,
  • SSL/SSH inspection,
  • website filtering, and
  • QoS/bandwidth management to protect networks against the latest in sophisticated network attacks and intrusion
• Additionally, most NGFWs offer threat intelligence, mobile device security, data loss prevention (DLP), Active Directory integration and an open architecture that allows clients to tailor application control and even some firewall rule definitions


Performance

• Because NGFWs integrate many features into a single appliance, they may seem attractive to some organizations.
• However, enabling all available features at once could result in serious performance degradation.
• NGFW performance metrics have improved over the years, but the buyer needs to seriously consider performance in relationship to the security features they want to enable when determining the vendors they approach and the model of NGFW they choose.


Manageability

• This criterion involves system configuration requirements and usability of the management console.
• It considers how the NGFW manages complex environments with many firewalls and users, and very narrow firewall change windows.
• System configuration changes and the user interface of the management console should be:
  1. comprehensive - such that it covers an array of features that preclude the need for augmentation by other point solutions;
  2. flexible - possible to exclude features that are not needed in the enterprise environment; and
  3. easy to use - such that the management console, individual feature dashboards and reporting are intuitive and incisive.


Price

• NGFW appliance, software and cloud service pricing varies considerably by vendor and model
• Prices range from $599 to $80,000+ per device
• Some are even priced by number of users (e.g., $1,100 for 1-99 users to $100,000 for 5,000 users+)
• All, meanwhile, have separate pricing for service contracts
• If possible, do not pay retail prices
• Most vendors will provide volume discounts (the more users supported, the less it costs per user, for example) or discounts with viable prospects of further purchases
• Purchase at month-end and quarter-end. Sales people have goals that can be leveraged for pricing to your advantage


Support

• The 2015 Gartner Magic Quadrant on NGFW also rated support -- with quality, breadth and value of NGFW offerings viewed from the vantage point of enterprise needs.
• Given the critical nature of NGFWs, timely and accurate support is essential. Obtain references and ask to speak with vendor clients without the vendor present.
• Support criteria for NGFWs should address: responsiveness ranked by type of service request; quality and accuracy of the service response; currency of product updates; and customer education and awareness of current events.


NGFW VENDORS


NGFW13 Players13

3913

The13 top13 nine13 NGFW13 vendors13 are13 13 bull  Checkpoint13 bull  Dell13 Sonicwall13 13 bull  Palo13 Alto13 bull  Cisco13 bull  Fornet13 13 bull  HP13 TippingPoint13 13 bull  McAfee13 13 bull  Barracuda13 13 There13 are13 other13 NGFW13 vendors13 but13 these13 are13 the13 top13 913

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

Quesons13 to13 consider13

4013

Quesons13 to13 consider13 when13 comparing13 these13 and13 other13 NGFW13 products13 include13 13

bull  What13 is13 their13 product13 line13 13 bull  Is13 their13 NGFW13 for13 cloud13 service13 providers13 large13

enterprises13 SMBs13 or13 small13 companies13 13 bull  What13 are13 the13 NGFW13 features13 that13 come13 with13 the13

base13 product13 13 bull  What13 features13 need13 an13 extra13 license(s)13 13 bull  How13 is13 the13 NGFW13 sold13 and13 priced13 13 bull  What13 differenates13 their13 NFGW13 from13 other13 vendor13

NGFW13 products13 13

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

What13 features13 are13 available13 in13 the13 NGFW13

4113

Non-shy‐common13 NGFW13 features13 vary13 by13 vendor13 So13 this13 is13 where13 organizaons13 can13 start13 to13 differenate13 which13 NGFWs13 will13 work13 for13 them13 and13 which13 wonrsquot13 For13 example13 bull  Dell13 SonicWall13 provides13 security13 services13 such13 as13 gateway13

an-shy‐malware13 content13 filtering13 and13 client13 anvirus13 and13 anspyware13 that13 are13 licensed13 on13 an13 annual13 subscripon13 contract13 Dell13 SecureWorks13 premium13 Global13 Threat13 Intelligence13 service13 is13 an13 addional13 subscripon13

bull  Cisco13 provides13 Applicaon13 Visibility13 and13 Control13 as13 part13 of13 the13 base13 configuraon13 at13 no13 cost13 but13 separate13 licenses13 are13 required13 for13 Next13 Generaon13 Intrusion13 Prevenon13 Systems13 (NGIPS)13 Advanced13 Malware13 Protecon13 and13 URL13 filtering13

bull  McAfee13 provides13 clustering13 and13 mul-shy‐Link13 as13 standard13 features13 with13 McAfee13 Next13 Generaon13 Firewall13 license13

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

What13 features13 are13 available13 in13 the13 NGFW13

4213

bull  Barracuda13 requires13 an13 oponal13 subscripon13 for13 malware13 protecon13 (AV13 engine13 by13 Avira)13 threat13 intelligence13 and13 for13 advanced13 client13 Network13 Access13 Control13 (NAC)13 VPNSSL13 VPN13 features13

bull  Juniper13 offers13 advanced13 sofware13 security13 services13 (NGFWUTMIPSThreat13 Intelligence13 Service)13 shipped13 with13 its13 SRX13 Series13 Services13 Gateways13 13 that13 can13 be13 turned13 on13 with13 the13 purchase13 of13 an13 addional13 license13 which13 can13 be13 subscripon-shy‐based13 or13 perpetual13 No13 addional13 components13 are13 required13 to13 turn13 services13 onoff13

bull  Checkpoint13 provides13 a13 full13 NGFW13 soluon13 package13 13 with13 all13 of13 its13 sofware13 blades13 included13 under13 one13 license13 However13 it13 does13 not13 provide13 mobile13 device13 controls13 or13 Wi-shy‐Fi13 network13 control13 without13 purchasing13 a13 different13 Checkpoint13 product13

13

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

What13 features13 are13 available13 in13 the13 NGFW13

4313

The13 key13 message13 in13 this13 comparison13 is13 that13 in13 addion13 to13 the13 common13 features13 one13 needs13 to13 carefully13 review13 those13 features13 that13 require13 addional13 licenses13 and13 whether13 they13 are13 significant13 enough13 to13 decide13 on13 a13 specific13 products13 procurement13 13 13 bull  For13 example13 if13 you13 need13 a13 DLP13 feature13 those13 NGFWs13

that13 provide13 it13 such13 as13 Checkpoint13 although13 offered13 with13 over13 60013 types13 you13 might13 determine13 that13 a13 full-shy‐featured13 DLP13 soluon13 might13 sll13 be13 required13 if13 the13 Checkpoint13 is13 not13 sufficient13 13

bull  The13 same13 would13 apply13 to13 web13 applicaon13 firewalls13 (WAF)13 such13 as13 the13 Dell13 Sonicwall13 but13 again13 is13 not13 a13 full-shy‐featured13 WAF13 13

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

What13 features13 are13 available13 in13 the13 NGFW13

4413

bull  Another13 example13 would13 be13 Cisco13 although13 malware13 protecon13 is13 available13 with13 their13 network13 an-shy‐virusmalware13 soluon13 but13 an13 addional13 licenses13 would13 be13 required13 for13 their13 Advanced13 Malware13 Protecon13 NGIPS13 and13 URL13 filtering13 13

bull  Barracuda13 NG13 Firewall13 also13 requires13 an13 addional13 license13 for13 Malware13 Protecon13 (An-shy‐Virus13 engine13 by13 Avira)13

bull  There13 are13 some13 vendors13 that13 provide13 threat13 intelligence13 services13 as13 part13 of13 the13 NGFW13 offering13 such13 as13 Fornet13 McAfee13 and13 HP13 TippingPoint13 13

bull  Juniperrsquos13 Threat13 Intelligence13 Service13 is13 shipped13 with13 the13 SRX13 but13 needs13 to13 be13 acvated13 with13 the13 purchase13 of13 an13 addional13 license13

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

How13 is13 the13 NGFW13 sold13 licensed13 and13 priced13

4513

bull  All13 NGFW13 products13 are13 licensed13 per13 physical13 device13 Addional13 licenses13 are13 required13 for13 the13 non-shy‐common13 features13 stated13 above13 13 13 13

bull  Read13 the13 TampCs13 to13 determine13 what13 services13 are13 available13 in13 the13 base13 NGFW13 produce13 and13 what13 services13 require13 an13 addional13 license13

bull  All13 NGFW13 products13 are13 priced13 by13 scale13 based13 on13 the13 type13 of13 hardware13 ulized13 and13 service13 contract13

bull  While13 pricing13 structure13 appears13 disparate13 similaries13 do13 exist13 in13 the13 lower-shy‐end13 product13 lines13 (in13 other13 words13 the13 smaller13 the13 NGFW13 need13 the13 simpler13 the13 pricing)13 13 13

bull  The13 larger13 the13 enterprise13 and13 volume13 purchase13 potenal13 the13 greater13 the13 disparity13 but13 also13 the13 greater13 the13 bargaining13 power13 on13 the13 part13 of13 the13 customer13

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

Key differentiators between NGFW products

• Checkpoint is the inventor of stateful firewalls. It has the highest block rate of IPS among its competitors, a larger application library (over 5000) than any other, data loss prevention (DLP) with over 600 file types, change management (i.e. configuration and rule changes) that no one else has, and Active Directory integration, agent-based or agentless.
• Dell SonicWall has patented Reassembly-Free Deep Inspection (RFDPI), which allows for centralized management for users to deploy, manage and monitor many thousands of firewalls through a single pane of glass.


Key differentiators between NGFW products

• Cisco ASA with FirePower Services provides an integrated defense solution with greater firewall features, detection and protection threat services than other vendors.
• Fortinet lauds its 11-year-old in-house dedicated security research team -- FortiGuard Labs -- making it one of the few NGFW vendors that have their own, since most OEM this activity. Fortinet also purports to have NGFW FortiGate that can deliver five times better performance than comparatively priced competitor products.
• HP TippingPoint is known for its NGFW’s simple, effective and reliable implementation. The security effectiveness coverage is high, with over 8200 filters that block known and unknown threats and over 383 zero-day filters in 2014 alone.


Key differentiators between NGFW products

• McAfee NGFW provides “intelligence aware” security controls, advanced evasion prevention and a unified software core design.
• Barracuda purports the lowest total cost of ownership (TCO) in the industry due to advanced troubleshooting capabilities and smart lifecycle management features built into large scaling central management server. The NGFW is also the only one that provides NGFW application control and user identity functions for SMBs.
• Juniper SRX is the first NGFW to offer customers validated (Telcordia) 99.9999% availability of the SRX 5000 line. The SRX Series are also the first NGFW to deliver automation of firewall functions via JunoScript and open API to programming tools. Open attack signatures in the IPS also allow customers to add or customize signatures tailored for their network.


How to select the right NGFW

Consider the following criteria in selecting the NGFW vendor and model for your enterprise:

(1) identify the players
(2) develop a short list
(3) perform a proof of concept – POC
(4) make reference calls
(5) consider cost
(6) obtain management buy-in, and
(7) work out contract negotiations
(8) Total cost of ownership (TCO) is also critical

Lastly, but no less important, consider the skill set of your staff and the business model and growth expectation for your enterprise -- all-important factors in making your decision.


NGFW AUDIT


Evaluation and Audit of NGFW

• Platform Based – appliance/software/SaaS
• Feature Set – baseline and add-ons
• Performance – NSS Labs results
• Manageability – comprehensive/easy to use
• Threat Intelligence – currency/accuracy/completeness
• TCO – total cost of ownership
• Risk – consider the business model and objectives
• Price – you get what you pay for
• Support – what is support experience
• Differentiators – what sets them apart


BIO

Miguel (Mike) O. Villegas is a Vice President for K3DES LLC. He performs and QA’s PCI-DSS and PA-DSS assessments for K3DES clients. He also manages the K3DES ISO/IEC 27001:2005 program. Mike was previously Director of Information Security at Newegg, Inc. for five years. Mike is currently a contributing writer for SearchSecurity – TechTarget. Mike has over 30 years of Information Systems security and IT audit experience. Mike was previously Vice President & Technology Risk Manager for Wells Fargo Services, responsible for IT Regulatory Compliance, and was previously a partner at Arthur Andersen and Ernst & Young for their information systems security and IS audit groups over a span of nine years. Mike is a CISA, CISSP, GSEC and CEH. He is also a QSA and PA-QSA as VP for K3DES. Mike was president of the LA ISACA Chapter during 2010-2012 and president of the SF ISACA Chapter during 2005-2006. He was the SF Fall Conference Co-Chair from 2002–2007 and also served for two years as Vice President on the Board of Directors for ISACA International. Mike has taught CISA review courses for over 18 years.


NEED FOR NGFW


Do we really need a NGFW?

• But “we’ve never had a breach” or “we are not a big target”
• Today there are a large number of disparate standalone products and services forced to work together
• Although effective, they appear architecturally desultory, reactive and tactical in nature
• NGFWs offer a good complement of security solutions in one appliance
• Not all NGFWs are created equal
• 3 factors for establishing a need for a NGFW
  • Is the investment justifiable?
  • Alignment with existing IT strategies
  • Total Cost of Ownership (TCO)


Is the investment justifiable?

• Basic firewall services regulate network connections between computer systems of differing trust levels
• Most enterprises need
  • IPS/IDS
  • Firewall (deep packet inspection)
  • Anti-virus/Malware protection
  • Application controls
  • VPN
  • Session encryption (TLS 1.2)
  • Wireless security
  • Mobile security


Alignment with existing IT strategies

• Organizations that deploy NGFWs may discover they do not require all the security features these appliances support
• Features required by an enterprise should be determined in advance, as this will influence what NGFW product is bought and which security services to enable
• Some NGFWs have security features built into the appliance at no additional cost
• Some do not activate features since they have not found them necessary or because they do not fit their business model


For example

• Large retail companies might opt for a NGFW solution at the corporate headquarters but go with point solutions in each retail store -- whether from the same vendor or not
• Online retail businesses that do not have brick and mortar locations typically require robust, and therefore increasingly integrated, network security solutions that focus on QoS, load balancing, IPS, web application security, SSL VPN and strong firewalls with deep packet inspection
• Enterprises that are heavily regulated via standards (e.g. PCI, HIPAA, HITECH Act, Sarbanes-Oxley, FISMA, PERC, etc.) would need to also address remote access controls, two-factor authentication, Active Directory integration and possibly DLP


Alignment with existing IT strategies

• Whatever course is taken, information security decisions need to be integrated with IT’s strategic goals
• IT, in turn, exists to support the business. IT does not drive the business
• The business drives the business
• IT’s purpose is to ensure the IT infrastructure (perimeter and core deployments) exists to allow the business to achieve its strategic goals


Total Cost of Ownership (TCO)

TCO establishes the right complement of resources -- people and technology

• Total cost of technology (TCT): The cost of technology that is required to deploy, monitor and report on the state of information security for the enterprise
• Total cost of risk (TCR): The cost to estimate and not deploy resources, processes or technology for your enterprise, such as compliance risk, security risk, legal risk and reputation risk
• Total cost of maintenance (TCM): The cost of maintaining the information security program, such as people skills, flexibility, scalability and comprehensiveness of the systems deployed


CASE FOR A NGFW


Six Criteria for buying a NGFW

It is clear that, regardless of what vendors call their NGFW products, it is incumbent that buyers understand the precise features each NGFW product under consideration includes. Let’s look at six criteria:

• Platform Type
• Feature Set
• Performance
• Manageability
• Price
• Support


Platform Type

• How is the NGFW provided?
• Most next-gen firewalls are hardware- (appliance), software- (downloadable) or cloud-based (SaaS)
• Hardware-based NGFWs appeal best to large and midsize enterprises
• Software-based NGFWs to small companies with simple network infrastructures
• Cloud-based NGFWs to highly decentralized multi-location sites or enterprises where the required skill set to manage them is wanting or reallocated


Feature Set

• Not all NGFW features are similarly available by vendor
• NGFW features typically consist of:
  • inline deep packet inspection firewalls,
  • IDS/IPS,
  • application inspection and control,
  • SSL/SSH inspection,
  • website filtering, and
  • QoS/bandwidth management to protect networks against the latest in sophisticated network attacks and intrusion
• Additionally, most NGFWs offer threat intelligence, mobile device security, data loss prevention (DLP), Active Directory integration and an open architecture that allows clients to tailor application control and even some firewall rule definitions


Performance

• Because NGFWs integrate many features into a single appliance, they may seem attractive to some organizations
• However, enabling all available features at once could result in serious performance degradation
• NGFW performance metrics have improved over the years, but the buyer needs to seriously consider performance in relationship to the security features they want to enable when determining the vendors they approach and the model of NGFW they choose


Manageability

• This criterion involves system configuration requirements and usability of the management console
• It considers how the NGFW manages complex environments with many firewalls and users and very narrow firewall change windows
• System configuration changes and the user interface of the management console should be:
  1. comprehensive - such that it covers an array of features that preclude the need for augmentation by other point solutions;
  2. flexible - possible to exclude features that are not needed in the enterprise environment; and
  3. easy to use - such that the management console, individual feature dashboards and reporting are intuitive and incisive


Price

• NGFW appliance, software and cloud service pricing varies considerably by vendor and model
• Prices range from $599 to $80,000+ per device
• Some are even priced by number of users (e.g. $1100 for 1-99 users to $100,000 for 5000 users+)
• All, meanwhile, have separate pricing for service contracts
• If possible, do not pay retail prices
• Most vendors will provide volume discounts (the more users supported, the less it costs per user, for example) or discounts with viable prospects of further purchases
• Purchase at month-end and quarter-end. Sales people have goals that can be leveraged for pricing to your advantage


Support

• The 2015 Gartner Magic Quadrant on NGFW also rated support -- with quality, breadth and value of NGFW offerings viewed from the vantage point of enterprise needs
• Given the critical nature of NGFWs, timely and accurate support is essential. Obtain references and ask to speak with vendor clients without the vendor present
• Support criteria for NGFWs should address responsiveness ranked by type of service request, quality and accuracy of the service response, currency of product updates, and customer education and awareness of current events


NGFW VENDORS


NGFW Players

The top nine NGFW vendors are:

• Checkpoint
• Dell Sonicwall
• Palo Alto
• Cisco
• Fortinet
• HP TippingPoint
• McAfee
• Barracuda

There are other NGFW vendors, but these are the top 9.


Questions to consider

Questions to consider when comparing these and other NGFW products include:

• What is their product line?
• Is their NGFW for cloud service providers, large enterprises, SMBs or small companies?
• What are the NGFW features that come with the base product?
• What features need an extra license(s)?
• How is the NGFW sold and priced?
• What differentiates their NGFW from other vendor NGFW products?


What features are available in the NGFW?

Non-common NGFW features vary by vendor. So this is where organizations can start to differentiate which NGFWs will work for them and which won’t. For example:

• Dell SonicWall provides security services such as gateway anti-malware, content filtering and client antivirus and antispyware that are licensed on an annual subscription contract. Dell SecureWorks premium Global Threat Intelligence service is an additional subscription.
• Cisco provides Application Visibility and Control as part of the base configuration at no cost, but separate licenses are required for Next Generation Intrusion Prevention Systems (NGIPS), Advanced Malware Protection and URL filtering.
• McAfee provides clustering and multi-Link as standard features with McAfee Next Generation Firewall license.


What features are available in the NGFW?

• Barracuda requires an optional subscription for malware protection (AV engine by Avira), threat intelligence, and for advanced client Network Access Control (NAC) VPN/SSL VPN features.
• Juniper offers advanced software security services (NGFW/UTM/IPS/Threat Intelligence Service) shipped with its SRX Series Services Gateways that can be turned on with the purchase of an additional license, which can be subscription-based or perpetual. No additional components are required to turn services on/off.
• Checkpoint provides a full NGFW solution package with all of its software blades included under one license. However, it does not provide mobile device controls or Wi-Fi network control without purchasing a different Checkpoint product.


What features are available in the NGFW?

The key message in this comparison is that, in addition to the common features, one needs to carefully review those features that require additional licenses and whether they are significant enough to decide on a specific product's procurement.

• For example, if you need a DLP feature, even with an NGFW that provides it, such as Checkpoint (offered with over 600 types), you might determine that a full-featured DLP solution is still required if the Checkpoint feature is not sufficient.
• The same would apply to web application firewall (WAF) features, such as that of the Dell Sonicwall, which again is not a full-featured WAF.


What features are available in the NGFW?

• Another example would be Cisco: although malware protection is available with their network anti-virus/malware solution, additional licenses would be required for their Advanced Malware Protection, NGIPS and URL filtering.
• Barracuda NG Firewall also requires an additional license for Malware Protection (Anti-Virus engine by Avira).
• There are some vendors that provide threat intelligence services as part of the NGFW offering, such as Fortinet, McAfee and HP TippingPoint.
• Juniper’s Threat Intelligence Service is shipped with the SRX but needs to be activated with the purchase of an additional license.


Page 21: NextGeneraon%Firewalls:%Top%9% Revisited% · 2015%Fall%Conference%–“CyberSizeIT”% November%9%–11,%2015% % 6 Next Generation firewall Application Awareness & Control User-based

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

2113

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

2213

1111513 2313

CRISC CGEIT CISM CISA 201313 Fall13 Conference13 ndash13 ldquoSail13 to13 Successrdquo13

NEED13 FOR13 NGFW13

2313

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

Do13 we13 really13 need13 a13 NGFW13

2413

bull  But13 ldquowersquove13 never13 had13 a13 breachrdquo13 or13 ldquowe13 are13 not13 a13 big13 targetrdquo13

bull  Today13 there13 are13 a13 large13 number13 of13 disparate13 standalone13 products13 and13 services13 forced13 to13 work13 together13

bull  Although13 effecve13 appear13 architecturally13 desultory13 reacve13 and13 taccal13 in13 nature13

bull  NGFWs13 offer13 a13 good13 compliment13 of13 security13 soluons13 in13 one13 appliance13

bull  Not13 all13 NGFWs13 are13 created13 equal13 bull  313 factors13 for13 establishing13 a13 need13 for13 a13 NGFW13

bull  Is13 the13 investment13 jusfiable13 bull  Alignment13 with13 exisng13 IT13 strategies13 bull  Total13 Cost13 of13 Ownership13 (TCO)13

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

Is the investment justifiable?

• Basic firewall services regulate network connections between computer systems of differing trust levels
• Most enterprises need:
  • IPS/IDS
  • Firewall (deep packet inspection)
  • Anti-virus/Malware protection
  • Application controls
  • VPN
  • Session encryption (TLS 1.2)
  • Wireless security
  • Mobile security

Alignment with existing IT strategies

• Organizations that deploy NGFWs may discover they do not require all the security features these appliances support
• Features required by an enterprise should be determined in advance, as this will influence what NGFW product is bought and which security services to enable
• Some NGFWs have security features built into the appliance at no additional cost
• Some do not activate features since they have not found them necessary or because they do not fit their business model

For example

• Large retail companies might opt for a NGFW solution at the corporate headquarters but go with point solutions in each retail store -- whether from the same vendor or not
• Online retail businesses that do not have brick and mortar locations typically require robust, and therefore increasingly integrated, network security solutions that focus on QoS, load balancing, IPS, web application security, SSL VPN and strong firewalls with deep packet inspection
• Enterprises that are heavily regulated via standards (e.g., PCI, HIPAA, HITECH Act, Sarbanes-Oxley, FISMA, PERC, etc.) would need to also address remote access controls, two-factor authentication, Active Directory integration and possibly DLP

Alignment with existing IT strategies

• Whatever course is taken, information security decisions need to be integrated with IT's strategic goals
• IT, in turn, exists to support the business. IT does not drive the business
• The business drives the business
• IT's purpose is to ensure the IT infrastructure (perimeter and core deployments) exists to allow the business to achieve its strategic goals

Total Cost of Ownership (TCO)

TCO establishes the right complement of resources -- people and technology.
• Total cost of technology (TCT): The cost of technology that is required to deploy, monitor and report on the state of information security for the enterprise
• Total cost of risk (TCR): The cost to estimate and not deploy resources, processes or technology for your enterprise, such as compliance risk, security risk, legal risk and reputation risk
• Total cost of maintenance (TCM): The cost of maintaining the information security program, such as people skills, flexibility, scalability and comprehensiveness of the systems deployed

CASE FOR A NGFW

Six Criteria for buying a NGFW

It is clear that, regardless of what vendors call their NGFW products, it is incumbent that buyers understand the precise features each NGFW product under consideration includes. Let's look at six criteria:

• Platform Type
• Feature Set
• Performance
• Manageability
• Price
• Support

Platform Type

• How is the NGFW provided?
• Most next-gen firewalls are hardware- (appliance), software- (downloadable) or cloud-based (SaaS)
• Hardware-based NGFWs appeal best to large and midsize enterprises
• Software-based NGFWs to small companies with simple network infrastructures
• Cloud-based NGFWs to highly decentralized multi-location sites or enterprises where the required skill set to manage them is wanting or reallocated

Feature Set

• Not all NGFW features are similarly available by vendor
• NGFW features typically consist of:
  • inline deep packet inspection firewalls,
  • IDS/IPS,
  • application inspection and control,
  • SSL/SSH inspection,
  • website filtering, and
  • QoS/bandwidth management to protect networks against the latest in sophisticated network attacks and intrusion
• Additionally, most NGFWs offer threat intelligence, mobile device security, data loss prevention (DLP), Active Directory integration and an open architecture that allows clients to tailor application control and even some firewall rule definitions

Performance

• Because NGFWs integrate many features into a single appliance, they may seem attractive to some organizations
• However, enabling all available features at once could result in serious performance degradation
• NGFW performance metrics have improved over the years, but the buyer needs to seriously consider performance in relationship to the security features they want to enable when determining the vendors they approach and the model of NGFW they choose

Manageability

• This criterion involves system configuration requirements and usability of the management console
• It considers how the NGFW manages complex environments with many firewalls and users and very narrow firewall change windows
• System configuration changes and the user interface of the management console should be:
  1. comprehensive - such that it covers an array of features that preclude the need for augmentation by other point solutions;
  2. flexible - possible to exclude features that are not needed in the enterprise environment; and
  3. easy to use - such that the management console, individual feature dashboards and reporting are intuitive and incisive

Price

• NGFW appliance, software and cloud service pricing varies considerably by vendor and model
• Prices range from $599 to $80,000+ per device
• Some are even priced by number of users (e.g., $1,100 for 1-99 users to $100,000 for 5,000 users+)
• All, meanwhile, have separate pricing for service contracts
• If possible, do not pay retail prices
• Most vendors will provide volume discounts (the more users supported, the less it costs per user, for example) or discounts with viable prospects of further purchases
• Purchase at month-end and quarter-end. Sales people have goals that can be leveraged for pricing to your advantage

Support

• The 2015 Gartner Magic Quadrant on NGFW also rated support -- with quality, breadth and value of NGFW offerings viewed from the vantage point of enterprise needs
• Given the critical nature of NGFWs, timely and accurate support is essential. Obtain references and ask to speak with vendor clients without the vendor present
• Support criteria for NGFWs should address responsiveness ranked by type of service request, quality and accuracy of the service response, currency of product updates, and customer education and awareness of current events

NGFW VENDORS

NGFW Players

The top nine NGFW vendors are:
• Checkpoint
• Dell Sonicwall
• Palo Alto
• Cisco
• Fortinet
• HP TippingPoint
• McAfee
• Barracuda
There are other NGFW vendors, but these are the top 9.

Questions to consider

Questions to consider when comparing these and other NGFW products include:

• What is their product line?
• Is their NGFW for cloud service providers, large enterprises, SMBs or small companies?
• What are the NGFW features that come with the base product?
• What features need an extra license(s)?
• How is the NGFW sold and priced?
• What differentiates their NGFW from other vendor NGFW products?

What features are available in the NGFW?

Non-common NGFW features vary by vendor. So this is where organizations can start to differentiate which NGFWs will work for them and which won't. For example:
• Dell SonicWall provides security services such as gateway anti-malware, content filtering, and client antivirus and antispyware that are licensed on an annual subscription contract. Dell SecureWorks premium Global Threat Intelligence service is an additional subscription
• Cisco provides Application Visibility and Control as part of the base configuration at no cost, but separate licenses are required for Next Generation Intrusion Prevention Systems (NGIPS), Advanced Malware Protection and URL filtering
• McAfee provides clustering and multi-Link as standard features with McAfee Next Generation Firewall license

What features are available in the NGFW?

• Barracuda requires an optional subscription for malware protection (AV engine by Avira), threat intelligence, and for advanced client Network Access Control (NAC) VPN/SSL VPN features
• Juniper offers advanced software security services (NGFW/UTM/IPS/Threat Intelligence Service) shipped with its SRX Series Services Gateways that can be turned on with the purchase of an additional license, which can be subscription-based or perpetual. No additional components are required to turn services on/off
• Checkpoint provides a full NGFW solution package with all of its software blades included under one license. However, it does not provide mobile device controls or Wi-Fi network control without purchasing a different Checkpoint product

What features are available in the NGFW?

The key message in this comparison is that, in addition to the common features, one needs to carefully review those features that require additional licenses and whether they are significant enough to decide on a specific product's procurement.
• For example, if you need a DLP feature, some NGFWs provide it, such as Checkpoint, which offers it with over 600 types, but you might determine that a full-featured DLP solution is still required if the Checkpoint feature is not sufficient
• The same would apply to web application firewalls (WAF): some NGFWs, such as the Dell Sonicwall, provide one, but again it is not a full-featured WAF

What features are available in the NGFW?

• Another example would be Cisco: malware protection is available with their network anti-virus/malware solution, but additional licenses would be required for their Advanced Malware Protection, NGIPS and URL filtering
• Barracuda NG Firewall also requires an additional license for Malware Protection (Anti-Virus engine by Avira)
• There are some vendors that provide threat intelligence services as part of the NGFW offering, such as Fortinet, McAfee and HP TippingPoint
• Juniper's Threat Intelligence Service is shipped with the SRX but needs to be activated with the purchase of an additional license

How is the NGFW sold, licensed and priced?

• All NGFW products are licensed per physical device. Additional licenses are required for the non-common features stated above
• Read the T&Cs to determine what services are available in the base NGFW product and what services require an additional license
• All NGFW products are priced by scale, based on the type of hardware utilized and service contract
• While pricing structure appears disparate, similarities do exist in the lower-end product lines (in other words, the smaller the NGFW need, the simpler the pricing)
• The larger the enterprise and volume purchase potential, the greater the disparity, but also the greater the bargaining power on the part of the customer

Key differentiators between NGFW products

• Checkpoint is the inventor of stateful firewalls. It has the highest block rate of IPS among its competitors, a larger application library (over 5,000) than any other, data loss prevention (DLP) with over 600 file types, change management (i.e., configuration and rule changes) that no one else has, and Active Directory integration, agent-based or agentless
• Dell SonicWall has patented Reassembly-Free Deep Inspection (RFDPI), which allows for centralized management for users to deploy, manage and monitor many thousands of firewalls through a single-pane of glass

Key differentiators between NGFW products

• Cisco ASA with FirePower Services provides an integrated defense solution with greater firewall features, detection and protection threat services than other vendors
• Fortinet lauds its 11-year old in-house dedicated security research team -- FortiGuard Labs -- one of the few NGFW vendors that have its own, since most OEM this activity. Fortinet also purports to have NGFW FortiGate that can deliver five times better performance of comparatively priced competitor products
• HP TippingPoint is known for its NGFW's simple, effective and reliable implementation. The security effectiveness coverage is high, with over 8,200 filters that block known and unknown threats and over 383 zero-day filters in 2014 alone

Key differentiators between NGFW products

• McAfee NGFW provides "intelligence aware" security controls, advanced evasion prevention and a unified software core design
• Barracuda purports the lowest total cost of ownership (TCO) in the industry due to advanced troubleshooting capabilities and smart lifecycle management features built into large scaling central management server. The NGFW is also the only one that provides NGFW application control and user identity functions for SMBs
• Juniper SRX is the first NGFW to offer customers validated (Telcordia) 99.9999% availability of the SRX 5000 line. The SRX Series are also the first NGFW to deliver automation of firewall functions via JunoScript and open API to programming tools. Open attack signatures in the IPS also allow customers to add or customize signatures tailored for their network

How to select the right NGFW

Consider the following criteria in selecting the NGFW vendor and model for your enterprise:

(1) identify the players;
(2) develop a short list;
(3) perform a proof of concept – POC;
(4) make reference calls;
(5) consider cost;
(6) obtain management buy-in; and
(7) work out contract negotiations.
(8) Total cost of ownership (TCO) is also critical.

Lastly, but no less important, consider the skill set of your staff and the business model and growth expectation for your enterprise -- all-important factors in making your decision.

NGFW AUDIT

Evaluation and Audit of NGFW

• Platform Based – appliance/software/SaaS
• Feature Set – baseline and add-ons
• Performance – NSS Labs results
• Manageability – comprehensive/easy to use
• Threat Intelligence – currency/accuracy/completeness
• TCO – total cost of ownership
• Risk – consider the business model and objectives
• Price – you get what you pay for
• Support – what is support experience?
• Differentiators – what sets them apart?


Page 22: NextGeneraon%Firewalls:%Top%9% Revisited% · 2015%Fall%Conference%–“CyberSizeIT”% November%9%–11,%2015% % 6 Next Generation firewall Application Awareness & Control User-based

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

2213

1111513 2313

CRISC CGEIT CISM CISA 201313 Fall13 Conference13 ndash13 ldquoSail13 to13 Successrdquo13

NEED13 FOR13 NGFW13

2313

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

Do13 we13 really13 need13 a13 NGFW13

2413

bull  But13 ldquowersquove13 never13 had13 a13 breachrdquo13 or13 ldquowe13 are13 not13 a13 big13 targetrdquo13

bull  Today13 there13 are13 a13 large13 number13 of13 disparate13 standalone13 products13 and13 services13 forced13 to13 work13 together13

bull  Although13 effecve13 appear13 architecturally13 desultory13 reacve13 and13 taccal13 in13 nature13

bull  NGFWs13 offer13 a13 good13 compliment13 of13 security13 soluons13 in13 one13 appliance13

bull  Not13 all13 NGFWs13 are13 created13 equal13 bull  313 factors13 for13 establishing13 a13 need13 for13 a13 NGFW13

bull  Is13 the13 investment13 jusfiable13 bull  Alignment13 with13 exisng13 IT13 strategies13 bull  Total13 Cost13 of13 Ownership13 (TCO)13

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

Is13 the13 investment13 jusfiable13

2513

bull  Basic13 firewall13 services13 regulate13 network13 connecons13 between13 computer13 systems13 of13 differing13 trust13 levels13

bull  Most13 enterprises13 need13 bull  IPSIDS13 bull  Firewall13 (deep13 packet13 inspecon)13 bull  An-shy‐virusMalware13 protecon13 bull  Applicaon13 controls13 bull  VPN13 bull  Session13 encrypon13 (TLS13 12)13 bull  Wireless13 security13 bull  Mobile13 security13 13

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

Alignment13 with13 exisng13 IT13 strategies13

2613

bull  Organizaons13 that13 deploy13 NGFWs13 may13 discover13 they13 do13 not13 require13 all13 the13 security13 features13 these13 appliances13 support13

bull  Features13 required13 by13 an13 enterprise13 should13 be13 determined13 in13 advance13 as13 this13 will13 influence13 what13 NGFW13 product13 is13 bought13 and13 which13 security13 services13 to13 enable13

bull  Some13 NGFWs13 have13 security13 features13 built13 into13 the13 appliance13 at13 no13 addional13 cost13 13

bull  Some13 do13 not13 acvate13 feature13 since13 they13 have13 not13 found13 them13 necessary13 or13 because13 they13 do13 not13 fit13 their13 business13 model13 13

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

For13 example13

2713

bull  Large13 retail13 companies13 might13 opt13 for13 a13 NGFW13 soluon13 at13 the13 corporate13 headquarters13 but13 go13 with13 point13 soluons13 in13 each13 retail13 store13 -shy‐-shy‐13 whether13 from13 the13 same13 vendor13 or13 not13

bull  Online13 retail13 businesses13 that13 do13 not13 have13 brick13 and13 mortar13 locaons13 typically13 require13 robust13 and13 therefore13 increasingly13 integrated13 network13 security13 soluons13 that13 focus13 on13 QoS13 load13 balancing13 IPS13 web13 applicaon13 security13 SSL13 VPN13 and13 strong13 firewalls13 with13 deep13 packet13 inspecon13

bull  Enterprises13 that13 are13 heavily13 regulated13 via13 standards13 (eg13 PCI13 HIPAA13 HITECH13 Act13 Sarbanes-shy‐Oxley13 FISMA13 PERC13 etc)13 would13 need13 to13 also13 address13 remote13 access13 controls13 two-shy‐factor13 authencaon13 Acve13 Directory13 integraon13 and13 possibly13 DLP13

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

Alignment13 with13 exisng13 IT13 strategies13

2813

bull  Whatever13 course13 is13 taken13 informaon13 security13 decisions13 need13 to13 integrated13 with13 ITrsquos13 strategic13 goals13 13 13

bull  IT13 in13 turn13 exists13 to13 support13 the13 business13 IT13 does13 not13 drive13 the13 business13 13

bull  The13 business13 drives13 the13 business13 13 bull  ITrsquos13 purpose13 is13 to13 ensure13 the13 IT13 infrastructure13

(perimeter13 and13 core13 deployments)13 exist13 to13 allow13 the13 business13 to13 achieve13 its13 strategic13 goals13 13

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

Total13 Cost13 of13 Ownership13 (TCO)13

2913

TCO13 establishes13 the13 right13 complement13 of13 resources13 -shy‐-shy‐13 people13 and13 technology13 bull  Total13 cost13 of13 technology13 (TCT)13 The13 cost13 of13 technology13

that13 is13 required13 to13 deploy13 monitor13 and13 report13 on13 the13 state13 of13 informaon13 security13 for13 the13 enterprise13

bull  Total13 cost13 of13 risk13 (TCR)13 The13 cost13 to13 esmate13 and13 not13 deploy13 resources13 processes13 or13 technology13 for13 your13 enterprise13 such13 as13 compliance13 risk13 security13 risk13 legal13 risk13 and13 reputaon13 risk13

bull  Total13 cost13 of13 maintenance13 (TCM)13 The13 cost13 of13 maintaining13 the13 informaon13 security13 program13 such13 as13 people13 skills13 flexibility13 scalability13 and13 comprehensiveness13 of13 the13 systems13 deployed13

1111513 3013

CRISC CGEIT CISM CISA 201313 Fall13 Conference13 ndash13 ldquoSail13 to13 Successrdquo13

CASE13 FOR13 A13 NGFW13

3013

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

Six13 Criteria13 for13 buying13 a13 NGFW13

3113

It13 is13 clear13 that13 regardless13 of13 what13 vendors13 call13 their13 NGFW13 products13 it13 is13 incumbent13 that13 buyers13 understand13 the13 precise13 features13 each13 NGFW13 product13 under13 consideraon13 includes13 Letrsquos13 look13 at13 six13 criteria13 13

bull  Plaborm13 Type13 bull  Feature13 Set13 bull  Performance13 bull  Manageability13 bull  Price13 bull  Support13

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

Plaborm13 Type13

3213

bull  How13 is13 the13 NFGW13 provided13 13 bull  Most13 next-shy‐gen13 firewalls13 are13 hardware-shy‐13 (appliance)13

sofware-shy‐13 (downloadable)13 or13 cloud-shy‐based13 (SaaS)13 bull  Hardware-shy‐based13 NGFWs13 appeal13 best13 to13 large13 and13

midsize13 enterprises13 bull  Sofware-shy‐based13 NGFWs13 to13 small13 companies13 with13 simple13

network13 infrastructures13 bull  Cloud-shy‐based13 NGFWs13 to13 highly13 decentralized13 mul-shy‐

locaon13 sites13 or13 enterprises13 where13 the13 required13 skill13 set13 to13 manage13 them13 is13 wanng13 or13 reallocated13

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

Feature13 Set13

3313

bull  Not13 all13 NGFW13 features13 are13 similarly13 available13 by13 vendor13 bull  NGFW13 features13 typically13 consist13 of13 13

bull  inline13 deep13 packet13 inspecon13 firewalls13 13 bull  IDSIPS13 13 bull  applicaon13 inspecon13 and13 control13 13 bull  SSLSSH13 inspecon13 13 bull  website13 filtering13 and13 13 bull  QoSbandwidth13 management13 to13 protect13 networks13

against13 the13 latest13 in13 sophiscated13 network13 adacks13 and13 intrusion13 13

bull  Addionally13 most13 NGFWs13 offer13 threat13 intelligence13 mobile13 device13 security13 data13 loss13 prevenon13 (DLP)13 Acve13 Directory13 integraon13 and13 an13 open13 architecture13 that13 allows13 clients13 to13 tailor13 applicaon13 control13 and13 even13 some13 firewall13 rule13 definions13

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

Performance13

3413

bull  Because13 NGFWs13 integrate13 many13 features13 into13 a13 single13 appliance13 they13 may13 seem13 adracve13 to13 some13 organizaons13 13

bull  However13 enabling13 all13 available13 features13 at13 once13 could13 result13 in13 serious13 performance13 degradaon13 13

bull  NGFW13 performance13 metrics13 have13 improved13 over13 the13 years13 but13 the13 buyer13 needs13 to13 seriously13 consider13 performance13 in13 relaonship13 to13 the13 security13 features13 they13 want13 to13 enable13 when13 determining13 the13 vendors13 they13 approach13 and13 the13 model13 of13 NGFW13 they13 choose13

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

Manageability13

3513

bull  This13 criterion13 involves13 system13 configuraon13 requirements13 and13 usability13 of13 the13 management13 console13

bull  It13 considers13 how13 the13 NGFW13 manages13 complex13 environments13 with13 many13 firewalls13 and13 users13 and13 very13 narrow13 firewall13 change13 windows13

bull  System13 configuraon13 changes13 and13 the13 user13 interface13 of13 the13 management13 console13 should13 be13 1   comprehensive13 -shy‐13 such13 that13 it13 covers13 an13 array13 of13 features13

that13 preclude13 the13 need13 for13 augmentaon13 by13 other13 point13 soluons13 13

2   flexible13 -shy‐13 possible13 to13 exclude13 features13 that13 are13 not13 needed13 in13 the13 enterprise13 environment13 and13 13

3   easy13 to13 use13 -shy‐13 such13 that13 the13 management13 console13 individual13 feature13 dashboards13 and13 reporng13 are13 intuive13 and13 incisive13

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

Price

• NGFW appliance, software and cloud service pricing varies considerably by vendor and model.

• Prices range from $599 to $80,000+ per device.

• Some are even priced by number of users (e.g., $1,100 for 1-99 users to $100,000 for 5,000 users+).

• All, meanwhile, have separate pricing for service contracts.

• If possible, do not pay retail prices.

• Most vendors will provide volume discounts (the more users supported, the less it costs per user, for example) or discounts with viable prospects of further purchases.

• Purchase at month-end and quarter-end. Sales people have goals that can be leveraged for pricing to your advantage.


Support

• The 2015 Gartner Magic Quadrant on NGFW also rated support -- with quality, breadth and value of NGFW offerings viewed from the vantage point of enterprise needs.

• Given the critical nature of NGFWs, timely and accurate support is essential. Obtain references and ask to speak with vendor clients without the vendor present.

• Support criteria for NGFWs should address responsiveness ranked by type of service request, quality and accuracy of the service response, currency of product updates, and customer education and awareness of current events.

CRISC CGEIT CISM CISA 2013 Fall Conference – “Sail to Success”

NGFW VENDORS

NGFW Players

The top nine NGFW vendors are:
• Checkpoint
• Dell SonicWall
• Palo Alto
• Cisco
• Fortinet
• HP TippingPoint
• McAfee
• Barracuda

There are other NGFW vendors, but these are the top 9.


Questions to consider

Questions to consider when comparing these and other NGFW products include:

• What is their product line?
• Is their NGFW for cloud service providers, large enterprises, SMBs or small companies?
• What are the NGFW features that come with the base product?
• What features need an extra license(s)?
• How is the NGFW sold and priced?
• What differentiates their NGFW from other vendor NGFW products?


What features are available in the NGFW?

Non-common NGFW features vary by vendor. So this is where organizations can start to differentiate which NGFWs will work for them and which won’t. For example:

• Dell SonicWall provides security services such as gateway anti-malware, content filtering and client antivirus and antispyware that are licensed on an annual subscription contract. Dell SecureWorks premium Global Threat Intelligence service is an additional subscription.

• Cisco provides Application Visibility and Control as part of the base configuration at no cost, but separate licenses are required for Next Generation Intrusion Prevention Systems (NGIPS), Advanced Malware Protection and URL filtering.

• McAfee provides clustering and Multi-Link as standard features with McAfee Next Generation Firewall license.


What features are available in the NGFW?

• Barracuda requires an optional subscription for malware protection (AV engine by Avira), threat intelligence, and for advanced client Network Access Control (NAC) VPN/SSL VPN features.

• Juniper offers advanced software security services (NGFW/UTM/IPS/Threat Intelligence Service) shipped with its SRX Series Services Gateways that can be turned on with the purchase of an additional license, which can be subscription-based or perpetual. No additional components are required to turn services on/off.

• Checkpoint provides a full NGFW solution package with all of its software blades included under one license. However, it does not provide mobile device controls or Wi-Fi network control without purchasing a different Checkpoint product.


What features are available in the NGFW?

The key message in this comparison is that, in addition to the common features, one needs to carefully review those features that require additional licenses and whether they are significant enough to decide on a specific product’s procurement.

• For example, if you need a DLP feature, those NGFWs that provide it, such as Checkpoint, although offered with over 600 types, you might determine that a full-featured DLP solution might still be required if the Checkpoint is not sufficient.

• The same would apply to web application firewalls (WAF), such as the Dell SonicWall, but again is not a full-featured WAF.


What features are available in the NGFW?

• Another example would be Cisco: although malware protection is available with their network anti-virus/malware solution, additional licenses would be required for their Advanced Malware Protection, NGIPS and URL filtering.

• Barracuda NG Firewall also requires an additional license for Malware Protection (Anti-Virus engine by Avira).

• There are some vendors that provide threat intelligence services as part of the NGFW offering, such as Fortinet, McAfee and HP TippingPoint.

• Juniper’s Threat Intelligence Service is shipped with the SRX but needs to be activated with the purchase of an additional license.


How is the NGFW sold, licensed and priced?

• All NGFW products are licensed per physical device. Additional licenses are required for the non-common features stated above.

• Read the T&Cs to determine what services are available in the base NGFW product and what services require an additional license.

• All NGFW products are priced by scale, based on the type of hardware utilized and service contract.

• While pricing structure appears disparate, similarities do exist in the lower-end product lines (in other words, the smaller the NGFW need, the simpler the pricing).

• The larger the enterprise and volume purchase potential, the greater the disparity, but also the greater the bargaining power on the part of the customer.


Key differentiators between NGFW products

• Checkpoint is the inventor of stateful firewalls. It has the highest block rate of IPS among its competitors; largest application library (over 5,000) than any other; data loss prevention (DLP) with over 600 file types; change management (i.e., configuration and rule changes) that no one else has; and Active Directory integration, agent-based or agentless.

• Dell SonicWall has patented Reassembly-Free Deep Inspection (RFDPI), which allows for centralized management for users to deploy, manage and monitor many thousands of firewalls through a single-pane of glass.


Key differentiators between NGFW products

• Cisco ASA with FirePower Services provides an integrated defense solution with greater firewall features, detection and protection threat services than other vendors.

• Fortinet lauds its 11-year old in-house dedicated security research team -- FortiGuard Labs -- one of the few NGFW vendors that have its own, since most OEM this activity. Fortinet also purports to have NGFW FortiGate that can deliver five times better performance of comparatively priced competitor products.

• HP TippingPoint is known for its NGFW’s simple, effective and reliable implementation. The security effectiveness coverage is high, with over 8,200 filters that block known and unknown threats and over 383 zero-day filters in 2014 alone.


Key differentiators between NGFW products

• McAfee NGFW provides “intelligence aware” security controls, advanced evasion prevention and a unified software core design.

• Barracuda purports the lowest total cost of ownership (TCO) in the industry due to advanced troubleshooting capabilities and smart lifecycle management features built into large scaling central management server. The NGFW is also the only one that provides NGFW application control and user identity functions for SMBs.

• Juniper SRX is the first NGFW to offer customers validated (Telcordia) 99.9999% availability of the SRX 5000 line. The SRX Series are also the first NGFW to deliver automation of firewall functions via JunoScript and open API to programming tools. Open attack signatures in the IPS also allow customers to add or customize signatures tailored for their network.


How to select the right NGFW

Consider the following criteria in selecting the NGFW vendor and model for your enterprise:

(1) identify the players,
(2) develop a short list,
(3) perform a proof of concept – POC,
(4) make reference calls,
(5) consider cost,
(6) obtain management buy-in, and
(7) work out contract negotiations.
(8) Total cost of ownership (TCO) is also critical.

Lastly, but no less important, consider the skill set of your staff and the business model and growth expectation for your enterprise -- all-important factors in making your decision.

NGFW AUDIT

Evaluation and Audit of NGFW

• Platform Based – appliance/software/SaaS
• Feature Set – baseline and add-ons
• Performance – NSS Labs results
• Manageability – comprehensive/easy to use
• Threat Intelligence – currency/accuracy/completeness
• TCO – total cost of ownership
• Risk – consider the business model and objectives
• Price – you get what you pay for
• Support – what is support experience
• Differentiators – what sets them apart


BIO

Miguel (Mike) O. Villegas is a Vice President for K3DES LLC. He performs and QA’s PCI-DSS and PA-DSS assessments for K3DES clients. He also manages the K3DES ISO/IEC 27001:2005 program. Mike was previously Director of Information Security at Newegg, Inc. for five years. Mike is currently a contributing writer for SearchSecurity – TechTarget. Mike has over 30 years of Information Systems security and IT audit experience. Mike was previously Vice President & Technology Risk Manager for Wells Fargo Services, responsible for IT Regulatory Compliance, and was previously a partner at Arthur Andersen and Ernst & Young for their information systems security and IS audit groups over a span of nine years. Mike is a CISA, CISSP, GSEC and CEH. He is also a QSA and PA-QSA as VP for K3DES. Mike was president of the LA ISACA Chapter during 2010-2012 and president of the SF ISACA Chapter during 2005-2006. He was the SF Fall Conference Co-Chair from 2002–2007 and also served for two years as Vice President on the Board of Directors for ISACA International. Mike has taught CISA review courses for over 18 years.

Page 23: Next Generation Firewalls: Top 9 Revisited · 2015 Fall Conference – “CyberSizeIT” November 9 – 11, 2015 6 Next Generation firewall Application Awareness & Control User-based

NEED FOR NGFW

Do we really need a NGFW?

• But “we’ve never had a breach” or “we are not a big target”

• Today there are a large number of disparate standalone products and services forced to work together

• Although effective, appear architecturally desultory, reactive and tactical in nature

• NGFWs offer a good complement of security solutions in one appliance

• Not all NGFWs are created equal

• 3 factors for establishing a need for a NGFW:
  • Is the investment justifiable?
  • Alignment with existing IT strategies
  • Total Cost of Ownership (TCO)


Is the investment justifiable?

• Basic firewall services regulate network connections between computer systems of differing trust levels

• Most enterprises need:
  • IPS/IDS
  • Firewall (deep packet inspection)
  • Anti-virus/Malware protection
  • Application controls
  • VPN
  • Session encryption (TLS 1.2)
  • Wireless security
  • Mobile security


Alignment with existing IT strategies

• Organizations that deploy NGFWs may discover they do not require all the security features these appliances support.

• Features required by an enterprise should be determined in advance, as this will influence what NGFW product is bought and which security services to enable.

• Some NGFWs have security features built into the appliance at no additional cost.

• Some do not activate features since they have not found them necessary or because they do not fit their business model.


For example

• Large retail companies might opt for a NGFW solution at the corporate headquarters, but go with point solutions in each retail store -- whether from the same vendor or not.

• Online retail businesses that do not have brick and mortar locations typically require robust, and therefore increasingly integrated, network security solutions that focus on QoS, load balancing, IPS, web application security, SSL VPN and strong firewalls with deep packet inspection.

• Enterprises that are heavily regulated via standards (e.g., PCI, HIPAA, HITECH Act, Sarbanes-Oxley, FISMA, PERC, etc.) would need to also address remote access controls, two-factor authentication, Active Directory integration and possibly DLP.


Alignment with existing IT strategies

• Whatever course is taken, information security decisions need to be integrated with IT’s strategic goals.

• IT, in turn, exists to support the business. IT does not drive the business.

• The business drives the business.

• IT’s purpose is to ensure the IT infrastructure (perimeter and core deployments) exists to allow the business to achieve its strategic goals.


Total Cost of Ownership (TCO)

TCO establishes the right complement of resources -- people and technology.

• Total cost of technology (TCT): The cost of technology that is required to deploy, monitor and report on the state of information security for the enterprise.

• Total cost of risk (TCR): The cost to estimate and not deploy resources, processes or technology for your enterprise, such as compliance risk, security risk, legal risk and reputation risk.

• Total cost of maintenance (TCM): The cost of maintaining the information security program, such as people, skills, flexibility, scalability and comprehensiveness of the systems deployed.

CASE FOR A NGFW

Six Criteria for buying a NGFW

It is clear that, regardless of what vendors call their NGFW products, it is incumbent that buyers understand the precise features each NGFW product under consideration includes. Let’s look at six criteria:

• Platform Type
• Feature Set
• Performance
• Manageability
• Price
• Support


Platform Type

• How is the NGFW provided?

• Most next-gen firewalls are hardware- (appliance), software- (downloadable) or cloud-based (SaaS)

• Hardware-based NGFWs appeal best to large and midsize enterprises

• Software-based NGFWs to small companies with simple network infrastructures

• Cloud-based NGFWs to highly decentralized multi-location sites or enterprises where the required skill set to manage them is wanting or reallocated


Feature Set

• Not all NGFW features are similarly available by vendor

• NGFW features typically consist of:
  • inline deep packet inspection firewalls,
  • IDS/IPS,
  • application inspection and control,
  • SSL/SSH inspection,
  • website filtering, and
  • QoS/bandwidth management to protect networks against the latest in sophisticated network attacks and intrusion

• Additionally, most NGFWs offer threat intelligence, mobile device security, data loss prevention (DLP), Active Directory integration and an open architecture that allows clients to tailor application control and even some firewall rule definitions

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

Performance13

3413

bull  Because13 NGFWs13 integrate13 many13 features13 into13 a13 single13 appliance13 they13 may13 seem13 adracve13 to13 some13 organizaons13 13

bull  However13 enabling13 all13 available13 features13 at13 once13 could13 result13 in13 serious13 performance13 degradaon13 13

bull  NGFW13 performance13 metrics13 have13 improved13 over13 the13 years13 but13 the13 buyer13 needs13 to13 seriously13 consider13 performance13 in13 relaonship13 to13 the13 security13 features13 they13 want13 to13 enable13 when13 determining13 the13 vendors13 they13 approach13 and13 the13 model13 of13 NGFW13 they13 choose13

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

Manageability13

3513

bull  This13 criterion13 involves13 system13 configuraon13 requirements13 and13 usability13 of13 the13 management13 console13

bull  It13 considers13 how13 the13 NGFW13 manages13 complex13 environments13 with13 many13 firewalls13 and13 users13 and13 very13 narrow13 firewall13 change13 windows13

bull  System13 configuraon13 changes13 and13 the13 user13 interface13 of13 the13 management13 console13 should13 be13 1   comprehensive13 -shy‐13 such13 that13 it13 covers13 an13 array13 of13 features13

that13 preclude13 the13 need13 for13 augmentaon13 by13 other13 point13 soluons13 13

2   flexible13 -shy‐13 possible13 to13 exclude13 features13 that13 are13 not13 needed13 in13 the13 enterprise13 environment13 and13 13

3   easy13 to13 use13 -shy‐13 such13 that13 the13 management13 console13 individual13 feature13 dashboards13 and13 reporng13 are13 intuive13 and13 incisive13

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

Price13

3613

bull  NGFW13 appliance13 sofware13 and13 cloud13 service13 pricing13 varies13 considerably13 by13 vendor13 and13 model13

bull  Prices13 range13 from13 $59913 to13 $80000+13 per13 device13 bull  Some13 are13 even13 priced13 by13 number13 of13 users13 (eg13 $110013

for13 1-shy‐9913 users13 to13 $10000013 for13 500013 users+)13 13 bull  All13 meanwhile13 have13 separate13 pricing13 for13 service13

contracts13 bull  If13 possible13 do13 not13 pay13 retail13 prices13 13 bull  Most13 vendors13 will13 provide13 volume13 discounts13 (the13 more13

users13 supported13 the13 less13 it13 costs13 per13 user13 for13 example)13 or13 discounts13 with13 viable13 prospects13 of13 further13 purchases13

bull  Purchase13 at13 month-shy‐end13 and13 quarter-shy‐end13 Sales13 people13 have13 goals13 that13 can13 be13 leveraged13 for13 pricing13 to13 your13 advantage13

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

Support13

3713

bull  The13 201513 Gartner13 Magic13 Quadrant13 on13 NGFW13 also13 rated13 support13 -shy‐-shy‐13 with13 quality13 breadth13 and13 value13 of13 NGFW13 offerings13 viewed13 from13 the13 vantage13 point13 of13 enterprise13 needs13 13

bull  Given13 the13 crical13 nature13 of13 NGFWs13 mely13 and13 accurate13 support13 is13 essenal13 Obtain13 references13 and13 ask13 to13 speak13 with13 vendor13 clients13 without13 the13 vendor13 present13

bull  Support13 criteria13 for13 NGFWs13 should13 address13 responsiveness13 ranked13 by13 type13 of13 service13 request13 quality13 and13 accuracy13 of13 the13 service13 response13 currency13 of13 product13 updates13 and13 customer13 educaon13 and13 awareness13 of13 current13 events13

1111513 3813

CRISC CGEIT CISM CISA 201313 Fall13 Conference13 ndash13 ldquoSail13 to13 Successrdquo13

NGFW13 VENDORS13

3813

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

NGFW13 Players13

3913

The13 top13 nine13 NGFW13 vendors13 are13 13 bull  Checkpoint13 bull  Dell13 Sonicwall13 13 bull  Palo13 Alto13 bull  Cisco13 bull  Fornet13 13 bull  HP13 TippingPoint13 13 bull  McAfee13 13 bull  Barracuda13 13 There13 are13 other13 NGFW13 vendors13 but13 these13 are13 the13 top13 913

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

Quesons13 to13 consider13

4013

Quesons13 to13 consider13 when13 comparing13 these13 and13 other13 NGFW13 products13 include13 13

bull  What13 is13 their13 product13 line13 13 bull  Is13 their13 NGFW13 for13 cloud13 service13 providers13 large13

enterprises13 SMBs13 or13 small13 companies13 13 bull  What13 are13 the13 NGFW13 features13 that13 come13 with13 the13

base13 product13 13 bull  What13 features13 need13 an13 extra13 license(s)13 13 bull  How13 is13 the13 NGFW13 sold13 and13 priced13 13 bull  What13 differenates13 their13 NFGW13 from13 other13 vendor13

NGFW13 products13 13

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

What13 features13 are13 available13 in13 the13 NGFW13

4113

Non-shy‐common13 NGFW13 features13 vary13 by13 vendor13 So13 this13 is13 where13 organizaons13 can13 start13 to13 differenate13 which13 NGFWs13 will13 work13 for13 them13 and13 which13 wonrsquot13 For13 example13 bull  Dell13 SonicWall13 provides13 security13 services13 such13 as13 gateway13

an-shy‐malware13 content13 filtering13 and13 client13 anvirus13 and13 anspyware13 that13 are13 licensed13 on13 an13 annual13 subscripon13 contract13 Dell13 SecureWorks13 premium13 Global13 Threat13 Intelligence13 service13 is13 an13 addional13 subscripon13

bull  Cisco13 provides13 Applicaon13 Visibility13 and13 Control13 as13 part13 of13 the13 base13 configuraon13 at13 no13 cost13 but13 separate13 licenses13 are13 required13 for13 Next13 Generaon13 Intrusion13 Prevenon13 Systems13 (NGIPS)13 Advanced13 Malware13 Protecon13 and13 URL13 filtering13

bull  McAfee13 provides13 clustering13 and13 mul-shy‐Link13 as13 standard13 features13 with13 McAfee13 Next13 Generaon13 Firewall13 license13

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

What13 features13 are13 available13 in13 the13 NGFW13

4213

bull  Barracuda13 requires13 an13 oponal13 subscripon13 for13 malware13 protecon13 (AV13 engine13 by13 Avira)13 threat13 intelligence13 and13 for13 advanced13 client13 Network13 Access13 Control13 (NAC)13 VPNSSL13 VPN13 features13

bull  Juniper13 offers13 advanced13 sofware13 security13 services13 (NGFWUTMIPSThreat13 Intelligence13 Service)13 shipped13 with13 its13 SRX13 Series13 Services13 Gateways13 13 that13 can13 be13 turned13 on13 with13 the13 purchase13 of13 an13 addional13 license13 which13 can13 be13 subscripon-shy‐based13 or13 perpetual13 No13 addional13 components13 are13 required13 to13 turn13 services13 onoff13

bull  Checkpoint13 provides13 a13 full13 NGFW13 soluon13 package13 13 with13 all13 of13 its13 sofware13 blades13 included13 under13 one13 license13 However13 it13 does13 not13 provide13 mobile13 device13 controls13 or13 Wi-shy‐Fi13 network13 control13 without13 purchasing13 a13 different13 Checkpoint13 product13

13

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

What13 features13 are13 available13 in13 the13 NGFW13

4313

The13 key13 message13 in13 this13 comparison13 is13 that13 in13 addion13 to13 the13 common13 features13 one13 needs13 to13 carefully13 review13 those13 features13 that13 require13 addional13 licenses13 and13 whether13 they13 are13 significant13 enough13 to13 decide13 on13 a13 specific13 products13 procurement13 13 13 bull  For13 example13 if13 you13 need13 a13 DLP13 feature13 those13 NGFWs13

that13 provide13 it13 such13 as13 Checkpoint13 although13 offered13 with13 over13 60013 types13 you13 might13 determine13 that13 a13 full-shy‐featured13 DLP13 soluon13 might13 sll13 be13 required13 if13 the13 Checkpoint13 is13 not13 sufficient13 13

bull  The13 same13 would13 apply13 to13 web13 applicaon13 firewalls13 (WAF)13 such13 as13 the13 Dell13 Sonicwall13 but13 again13 is13 not13 a13 full-shy‐featured13 WAF13 13

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

What13 features13 are13 available13 in13 the13 NGFW13

4413

bull  Another13 example13 would13 be13 Cisco13 although13 malware13 protecon13 is13 available13 with13 their13 network13 an-shy‐virusmalware13 soluon13 but13 an13 addional13 licenses13 would13 be13 required13 for13 their13 Advanced13 Malware13 Protecon13 NGIPS13 and13 URL13 filtering13 13

bull  Barracuda13 NG13 Firewall13 also13 requires13 an13 addional13 license13 for13 Malware13 Protecon13 (An-shy‐Virus13 engine13 by13 Avira)13

bull  There13 are13 some13 vendors13 that13 provide13 threat13 intelligence13 services13 as13 part13 of13 the13 NGFW13 offering13 such13 as13 Fornet13 McAfee13 and13 HP13 TippingPoint13 13

bull  Juniperrsquos13 Threat13 Intelligence13 Service13 is13 shipped13 with13 the13 SRX13 but13 needs13 to13 be13 acvated13 with13 the13 purchase13 of13 an13 addional13 license13

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

How13 is13 the13 NGFW13 sold13 licensed13 and13 priced13

4513

bull  All13 NGFW13 products13 are13 licensed13 per13 physical13 device13 Addional13 licenses13 are13 required13 for13 the13 non-shy‐common13 features13 stated13 above13 13 13 13

bull  Read13 the13 TampCs13 to13 determine13 what13 services13 are13 available13 in13 the13 base13 NGFW13 produce13 and13 what13 services13 require13 an13 addional13 license13

bull  All13 NGFW13 products13 are13 priced13 by13 scale13 based13 on13 the13 type13 of13 hardware13 ulized13 and13 service13 contract13

bull  While13 pricing13 structure13 appears13 disparate13 similaries13 do13 exist13 in13 the13 lower-shy‐end13 product13 lines13 (in13 other13 words13 the13 smaller13 the13 NGFW13 need13 the13 simpler13 the13 pricing)13 13 13

bull  The13 larger13 the13 enterprise13 and13 volume13 purchase13 potenal13 the13 greater13 the13 disparity13 but13 also13 the13 greater13 the13 bargaining13 power13 on13 the13 part13 of13 the13 customer13

Key differentiators between NGFW products

• Checkpoint is the inventor of stateful firewalls. It has the highest block rate of IPS among its competitors, a larger application library (over 5,000) than any other, data loss prevention (DLP) with over 600 file types, change management (i.e., configuration and rule changes) that no one else has, and Active Directory integration, agent-based or agentless.
• Dell SonicWall has patented Reassembly-Free Deep Inspection (RFDPI), which allows for centralized management for users to deploy, manage and monitor many thousands of firewalls through a single pane of glass.

Key differentiators between NGFW products

• Cisco ASA with FirePower Services provides an integrated defense solution with greater firewall features, detection and protection threat services than other vendors.
• Fortinet lauds its 11-year-old in-house dedicated security research team -- FortiGuard Labs -- and is one of the few NGFW vendors that has its own, since most OEM this activity. Fortinet also purports to have NGFW FortiGate that can deliver five times better performance than comparatively priced competitor products.
• HP TippingPoint is known for its NGFW's simple, effective and reliable implementation. The security effectiveness coverage is high, with over 8,200 filters that block known and unknown threats and over 383 zero-day filters in 2014 alone.

Key differentiators between NGFW products

• McAfee NGFW provides "intelligence aware" security controls, advanced evasion prevention and a unified software core design.
• Barracuda purports the lowest total cost of ownership (TCO) in the industry due to advanced troubleshooting capabilities and smart lifecycle management features built into a large-scaling central management server. The NGFW is also the only one that provides NGFW application control and user identity functions for SMBs.
• Juniper SRX is the first NGFW to offer customers validated (Telcordia) 99.9999% availability of the SRX 5000 line. The SRX Series are also the first NGFW to deliver automation of firewall functions via JunoScript and open API to programming tools. Open attack signatures in the IPS also allow customers to add or customize signatures tailored for their network.

How to select the right NGFW

Consider the following criteria in selecting the NGFW vendor and model for your enterprise:

(1) identify the players
(2) develop a short list
(3) perform a proof of concept – POC
(4) make reference calls
(5) consider cost
(6) obtain management buy-in, and
(7) work out contract negotiations
(8) Total cost of ownership (TCO) is also critical

Lastly, but no less important, consider the skill set of your staff and the business model and growth expectation for your enterprise -- all important factors in making your decision.

NGFW AUDIT

Evaluation and Audit of NGFW

• Platform Based – appliance/software/SaaS
• Feature Set – baseline and add-ons
• Performance – NSS Labs results
• Manageability – comprehensive/easy to use
• Threat Intelligence – currency/accuracy/completeness
• TCO – total cost of ownership
• Risk – consider the business model and objectives
• Price – you get what you pay for
• Support – what is support experience
• Differentiators – what sets them apart

BIO

Miguel (Mike) O. Villegas is a Vice President for K3DES LLC. He performs and QA's PCI-DSS and PA-DSS assessments for K3DES clients. He also manages the K3DES ISO/IEC 27001:2005 program. Mike was previously Director of Information Security at Newegg, Inc. for five years. Mike is currently a contributing writer for SearchSecurity – TechTarget.

Mike has over 30 years of Information Systems security and IT audit experience. Mike was previously Vice President & Technology Risk Manager for Wells Fargo Services, responsible for IT Regulatory Compliance, and was previously a partner at Arthur Andersen and Ernst & Young for their information systems security and IS audit groups over a span of nine years.

Mike is a CISA, CISSP, GSEC and CEH. He is also a QSA and PA-QSA as VP for K3DES. Mike was president of the LA ISACA Chapter during 2010-2012 and president of the SF ISACA Chapter during 2005-2006. He was the SF Fall Conference Co-Chair from 2002–2007 and also served for two years as Vice President on the Board of Directors for ISACA International. Mike has taught CISA review courses for over 18 years.

Do we really need a NGFW?

• But "we've never had a breach" or "we are not a big target"
• Today, there are a large number of disparate standalone products and services forced to work together
• Although effective, they appear architecturally desultory, reactive and tactical in nature
• NGFWs offer a good complement of security solutions in one appliance
• Not all NGFWs are created equal
• 3 factors for establishing a need for a NGFW:
    • Is the investment justifiable?
    • Alignment with existing IT strategies
    • Total Cost of Ownership (TCO)

Is the investment justifiable?

• Basic firewall services regulate network connections between computer systems of differing trust levels
• Most enterprises need:
    • IPS/IDS
    • Firewall (deep packet inspection)
    • Anti-virus/Malware protection
    • Application controls
    • VPN
    • Session encryption (TLS 1.2)
    • Wireless security
    • Mobile security

Alignment with existing IT strategies

• Organizations that deploy NGFWs may discover they do not require all the security features these appliances support.
• Features required by an enterprise should be determined in advance, as this will influence what NGFW product is bought and which security services to enable.
• Some NGFWs have security features built into the appliance at no additional cost.
• Some do not activate features since they have not found them necessary or because they do not fit their business model.

For example

• Large retail companies might opt for a NGFW solution at the corporate headquarters but go with point solutions in each retail store -- whether from the same vendor or not.
• Online retail businesses that do not have brick and mortar locations typically require robust, and therefore increasingly integrated, network security solutions that focus on QoS, load balancing, IPS, web application security, SSL VPN and strong firewalls with deep packet inspection.
• Enterprises that are heavily regulated via standards (e.g., PCI, HIPAA, HITECH Act, Sarbanes-Oxley, FISMA, PERC, etc.) would need to also address remote access controls, two-factor authentication, Active Directory integration and possibly DLP.

Alignment with existing IT strategies

• Whatever course is taken, information security decisions need to be integrated with IT's strategic goals.
• IT, in turn, exists to support the business. IT does not drive the business.
• The business drives the business.
• IT's purpose is to ensure the IT infrastructure (perimeter and core deployments) exists to allow the business to achieve its strategic goals.

Total Cost of Ownership (TCO)

TCO establishes the right complement of resources -- people and technology.

• Total cost of technology (TCT): The cost of technology that is required to deploy, monitor and report on the state of information security for the enterprise.
• Total cost of risk (TCR): The cost to estimate and not deploy resources, processes or technology for your enterprise, such as compliance risk, security risk, legal risk and reputation risk.
• Total cost of maintenance (TCM): The cost of maintaining the information security program, such as people skills, flexibility, scalability and comprehensiveness of the systems deployed.

CASE FOR A NGFW

Six Criteria for buying a NGFW

It is clear that, regardless of what vendors call their NGFW products, it is incumbent that buyers understand the precise features each NGFW product under consideration includes. Let's look at six criteria:

• Platform Type
• Feature Set
• Performance
• Manageability
• Price
• Support

Platform Type

• How is the NGFW provided?
• Most next-gen firewalls are hardware- (appliance), software- (downloadable) or cloud-based (SaaS)
• Hardware-based NGFWs appeal best to large and midsize enterprises
• Software-based NGFWs to small companies with simple network infrastructures
• Cloud-based NGFWs to highly decentralized multi-location sites or enterprises where the required skill set to manage them is wanting or reallocated

Feature Set

• Not all NGFW features are similarly available by vendor
• NGFW features typically consist of:
    • inline deep packet inspection firewalls,
    • IDS/IPS,
    • application inspection and control,
    • SSL/SSH inspection,
    • website filtering, and
    • QoS/bandwidth management to protect networks against the latest in sophisticated network attacks and intrusion
• Additionally, most NGFWs offer threat intelligence, mobile device security, data loss prevention (DLP), Active Directory integration and an open architecture that allows clients to tailor application control and even some firewall rule definitions

Performance

• Because NGFWs integrate many features into a single appliance, they may seem attractive to some organizations.
• However, enabling all available features at once could result in serious performance degradation.
• NGFW performance metrics have improved over the years, but the buyer needs to seriously consider performance in relationship to the security features they want to enable when determining the vendors they approach and the model of NGFW they choose.

Manageability

• This criterion involves system configuration requirements and usability of the management console.
• It considers how the NGFW manages complex environments with many firewalls and users, and very narrow firewall change windows.
• System configuration changes and the user interface of the management console should be:
    1. comprehensive - such that it covers an array of features that preclude the need for augmentation by other point solutions;
    2. flexible - possible to exclude features that are not needed in the enterprise environment; and
    3. easy to use - such that the management console, individual feature dashboards and reporting are intuitive and incisive.

Price

• NGFW appliance, software and cloud service pricing varies considerably by vendor and model
• Prices range from $599 to $80,000+ per device
• Some are even priced by number of users (e.g., $1,100 for 1-99 users to $100,000 for 5,000 users+)
• All, meanwhile, have separate pricing for service contracts
• If possible, do not pay retail prices
• Most vendors will provide volume discounts (the more users supported, the less it costs per user, for example) or discounts with viable prospects of further purchases
• Purchase at month-end and quarter-end. Sales people have goals that can be leveraged for pricing to your advantage

Support

• The 2015 Gartner Magic Quadrant on NGFW also rated support -- with quality, breadth and value of NGFW offerings viewed from the vantage point of enterprise needs.
• Given the critical nature of NGFWs, timely and accurate support is essential. Obtain references and ask to speak with vendor clients without the vendor present.
• Support criteria for NGFWs should address responsiveness ranked by type of service request, quality and accuracy of the service response, currency of product updates, and customer education and awareness of current events.

NGFW VENDORS

NGFW Players

The top nine NGFW vendors are:

• Checkpoint
• Dell Sonicwall
• Palo Alto
• Cisco
• Fortinet
• HP TippingPoint
• McAfee
• Barracuda

There are other NGFW vendors, but these are the top 9.

Questions to consider

Questions to consider when comparing these and other NGFW products include:

• What is their product line?
• Is their NGFW for cloud service providers, large enterprises, SMBs or small companies?
• What are the NGFW features that come with the base product?
• What features need an extra license(s)?
• How is the NGFW sold and priced?
• What differentiates their NGFW from other vendor NGFW products?

What features are available in the NGFW?

Non-common NGFW features vary by vendor. So this is where organizations can start to differentiate which NGFWs will work for them and which won't. For example:

• Dell SonicWall provides security services such as gateway anti-malware, content filtering, and client antivirus and antispyware that are licensed on an annual subscription contract. Dell SecureWorks premium Global Threat Intelligence service is an additional subscription.
• Cisco provides Application Visibility and Control as part of the base configuration at no cost, but separate licenses are required for Next Generation Intrusion Prevention Systems (NGIPS), Advanced Malware Protection and URL filtering.
• McAfee provides clustering and multi-Link as standard features with McAfee Next Generation Firewall license.

What features are available in the NGFW?

• Barracuda requires an optional subscription for malware protection (AV engine by Avira), threat intelligence, and for advanced client Network Access Control (NAC) VPN/SSL VPN features.
• Juniper offers advanced software security services (NGFW/UTM/IPS/Threat Intelligence Service) shipped with its SRX Series Services Gateways that can be turned on with the purchase of an additional license, which can be subscription-based or perpetual. No additional components are required to turn services on/off.
• Checkpoint provides a full NGFW solution package with all of its software blades included under one license. However, it does not provide mobile device controls or Wi-Fi network control without purchasing a different Checkpoint product.

What features are available in the NGFW?

The key message in this comparison is that, in addition to the common features, one needs to carefully review those features that require additional licenses and whether they are significant enough to decide on a specific product's procurement.

• For example, if you need a DLP feature, some NGFWs provide it, such as Checkpoint; although it is offered with over 600 types, you might determine that a full-featured DLP solution is still required if the Checkpoint is not sufficient.
• The same would apply to web application firewalls (WAF), such as the one in the Dell Sonicwall, which again is not a full-featured WAF.


Page 25: NextGeneraon%Firewalls:%Top%9% Revisited% · 2015%Fall%Conference%–“CyberSizeIT”% November%9%–11,%2015% % 6 Next Generation firewall Application Awareness & Control User-based

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

Is13 the13 investment13 jusfiable13

2513

bull  Basic13 firewall13 services13 regulate13 network13 connecons13 between13 computer13 systems13 of13 differing13 trust13 levels13

bull  Most13 enterprises13 need13 bull  IPSIDS13 bull  Firewall13 (deep13 packet13 inspecon)13 bull  An-shy‐virusMalware13 protecon13 bull  Applicaon13 controls13 bull  VPN13 bull  Session13 encrypon13 (TLS13 12)13 bull  Wireless13 security13 bull  Mobile13 security13 13

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

Alignment13 with13 exisng13 IT13 strategies13

2613

bull  Organizaons13 that13 deploy13 NGFWs13 may13 discover13 they13 do13 not13 require13 all13 the13 security13 features13 these13 appliances13 support13

bull  Features13 required13 by13 an13 enterprise13 should13 be13 determined13 in13 advance13 as13 this13 will13 influence13 what13 NGFW13 product13 is13 bought13 and13 which13 security13 services13 to13 enable13

bull  Some13 NGFWs13 have13 security13 features13 built13 into13 the13 appliance13 at13 no13 addional13 cost13 13

bull  Some13 do13 not13 acvate13 feature13 since13 they13 have13 not13 found13 them13 necessary13 or13 because13 they13 do13 not13 fit13 their13 business13 model13 13

For example

• Large retail companies might opt for a NGFW solution at the corporate headquarters but go with point solutions in each retail store -- whether from the same vendor or not.
• Online retail businesses that do not have brick and mortar locations typically require robust, and therefore increasingly integrated, network security solutions that focus on QoS, load balancing, IPS, web application security, SSL VPN, and strong firewalls with deep packet inspection.
• Enterprises that are heavily regulated via standards (e.g., PCI, HIPAA, HITECH Act, Sarbanes-Oxley, FISMA, PERC, etc.) would need to also address remote access controls, two-factor authentication, Active Directory integration, and possibly DLP.

Alignment with existing IT strategies

• Whatever course is taken, information security decisions need to be integrated with IT's strategic goals.
• IT, in turn, exists to support the business. IT does not drive the business.
• The business drives the business.
• IT's purpose is to ensure the IT infrastructure (perimeter and core deployments) exists to allow the business to achieve its strategic goals.

Total Cost of Ownership (TCO)

TCO establishes the right complement of resources -- people and technology:

• Total cost of technology (TCT): The cost of technology that is required to deploy, monitor, and report on the state of information security for the enterprise.
• Total cost of risk (TCR): The cost to estimate and not deploy resources, processes, or technology for your enterprise, such as compliance risk, security risk, legal risk, and reputation risk.
• Total cost of maintenance (TCM): The cost of maintaining the information security program, such as people, skills, flexibility, scalability, and comprehensiveness of the systems deployed.

CASE FOR A NGFW

Six Criteria for buying a NGFW

It is clear that regardless of what vendors call their NGFW products, it is incumbent that buyers understand the precise features each NGFW product under consideration includes. Let's look at six criteria:

• Platform Type
• Feature Set
• Performance
• Manageability
• Price
• Support

Platform Type

• How is the NGFW provided?
• Most next-gen firewalls are hardware- (appliance), software- (downloadable), or cloud-based (SaaS).
• Hardware-based NGFWs appeal best to large and midsize enterprises.
• Software-based NGFWs appeal to small companies with simple network infrastructures.
• Cloud-based NGFWs appeal to highly decentralized multi-location sites or enterprises where the required skill set to manage them is wanting or reallocated.

Feature Set

• Not all NGFW features are similarly available by vendor.
• NGFW features typically consist of:
  • inline deep packet inspection firewalls,
  • IDS/IPS,
  • application inspection and control,
  • SSL/SSH inspection,
  • website filtering, and
  • QoS/bandwidth management to protect networks against the latest in sophisticated network attacks and intrusion.
• Additionally, most NGFWs offer threat intelligence, mobile device security, data loss prevention (DLP), Active Directory integration, and an open architecture that allows clients to tailor application control and even some firewall rule definitions.

Performance

• Because NGFWs integrate many features into a single appliance, they may seem attractive to some organizations.
• However, enabling all available features at once could result in serious performance degradation.
• NGFW performance metrics have improved over the years, but the buyer needs to seriously consider performance in relationship to the security features they want to enable when determining the vendors they approach and the model of NGFW they choose.

Manageability

• This criterion involves system configuration requirements and usability of the management console.
• It considers how the NGFW manages complex environments with many firewalls and users, and very narrow firewall change windows.
• System configuration changes and the user interface of the management console should be:
  1. comprehensive - such that it covers an array of features that preclude the need for augmentation by other point solutions;
  2. flexible - possible to exclude features that are not needed in the enterprise environment; and
  3. easy to use - such that the management console, individual feature dashboards, and reporting are intuitive and incisive.

Price

• NGFW appliance, software, and cloud service pricing varies considerably by vendor and model.
• Prices range from $599 to $80,000+ per device.
• Some are even priced by number of users (e.g., $1,100 for 1-99 users to $100,000 for 5000 users+).
• All, meanwhile, have separate pricing for service contracts.
• If possible, do not pay retail prices.
• Most vendors will provide volume discounts (the more users supported, the less it costs per user, for example) or discounts with viable prospects of further purchases.
• Purchase at month-end and quarter-end. Sales people have goals that can be leveraged for pricing to your advantage.

Support

• The 2015 Gartner Magic Quadrant on NGFW also rated support -- with quality, breadth, and value of NGFW offerings viewed from the vantage point of enterprise needs.
• Given the critical nature of NGFWs, timely and accurate support is essential. Obtain references and ask to speak with vendor clients without the vendor present.
• Support criteria for NGFWs should address responsiveness ranked by type of service request, quality and accuracy of the service response, currency of product updates, and customer education and awareness of current events.

NGFW VENDORS

NGFW Players

The top nine NGFW vendors are:

• Checkpoint
• Dell Sonicwall
• Palo Alto
• Cisco
• Fortinet
• HP TippingPoint
• McAfee
• Barracuda

There are other NGFW vendors, but these are the top 9.

Questions to consider

Questions to consider when comparing these and other NGFW products include:

• What is their product line?
• Is their NGFW for cloud service providers, large enterprises, SMBs, or small companies?
• What are the NGFW features that come with the base product?
• What features need an extra license(s)?
• How is the NGFW sold and priced?
• What differentiates their NGFW from other vendor NGFW products?

What features are available in the NGFW?

Non-common NGFW features vary by vendor. So this is where organizations can start to differentiate which NGFWs will work for them and which won't. For example:

• Dell SonicWall provides security services such as gateway anti-malware, content filtering, and client antivirus and antispyware that are licensed on an annual subscription contract. Dell SecureWorks premium Global Threat Intelligence service is an additional subscription.
• Cisco provides Application Visibility and Control as part of the base configuration at no cost, but separate licenses are required for Next Generation Intrusion Prevention Systems (NGIPS), Advanced Malware Protection, and URL filtering.
• McAfee provides clustering and multi-Link as standard features with McAfee Next Generation Firewall license.

What features are available in the NGFW?

• Barracuda requires an optional subscription for malware protection (AV engine by Avira), threat intelligence, and for advanced client Network Access Control (NAC) VPN/SSL VPN features.
• Juniper offers advanced software security services (NGFW/UTM/IPS/Threat Intelligence Service) shipped with its SRX Series Services Gateways that can be turned on with the purchase of an additional license, which can be subscription-based or perpetual. No additional components are required to turn services on/off.
• Checkpoint provides a full NGFW solution package with all of its software blades included under one license. However, it does not provide mobile device controls or Wi-Fi network control without purchasing a different Checkpoint product.

What features are available in the NGFW?

The key message in this comparison is that, in addition to the common features, one needs to carefully review those features that require additional licenses and whether they are significant enough to decide on a specific product's procurement.

• For example, if you need a DLP feature, some NGFWs provide it, such as Checkpoint, which offers it with over 600 types. You might still determine that a full-featured DLP solution is required if the Checkpoint feature is not sufficient.
• The same would apply to web application firewalls (WAF): an NGFW such as the Dell Sonicwall provides one, but again it is not a full-featured WAF.

What features are available in the NGFW?

• Another example would be Cisco: malware protection is available with their network anti-virus/malware solution, but additional licenses would be required for their Advanced Malware Protection, NGIPS, and URL filtering.
• Barracuda NG Firewall also requires an additional license for Malware Protection (Anti-Virus engine by Avira).
• There are some vendors that provide threat intelligence services as part of the NGFW offering, such as Fortinet, McAfee, and HP TippingPoint.
• Juniper's Threat Intelligence Service is shipped with the SRX but needs to be activated with the purchase of an additional license.

How is the NGFW sold, licensed, and priced?

• All NGFW products are licensed per physical device. Additional licenses are required for the non-common features stated above.
• Read the T&Cs to determine what services are available in the base NGFW product and what services require an additional license.
• All NGFW products are priced by scale, based on the type of hardware utilized and service contract.
• While pricing structure appears disparate, similarities do exist in the lower-end product lines (in other words, the smaller the NGFW need, the simpler the pricing).
• The larger the enterprise and volume purchase potential, the greater the disparity, but also the greater the bargaining power on the part of the customer.

Key differentiators between NGFW products

• Checkpoint is the inventor of stateful firewalls. It has the highest block rate of IPS among its competitors, a larger application library (over 5000) than any other, data loss prevention (DLP) with over 600 file types, change management (i.e., configuration and rule changes) that no one else has, and Active Directory integration, agent-based or agentless.
• Dell SonicWall has patented Reassembly-Free Deep Inspection (RFDPI), which allows for centralized management for users to deploy, manage, and monitor many thousands of firewalls through a single pane of glass.

Key differentiators between NGFW products

• Cisco ASA with FirePower Services provides an integrated defense solution with greater firewall features, detection, and protection threat services than other vendors.
• Fortinet lauds its 11-year-old in-house dedicated security research team -- FortiGuard Labs -- as one of the few NGFW vendors that has its own, since most OEM this activity. Fortinet also purports to have an NGFW, FortiGate, that can deliver five times better performance than comparatively priced competitor products.
• HP TippingPoint is known for its NGFW's simple, effective, and reliable implementation. The security effectiveness coverage is high, with over 8200 filters that block known and unknown threats and over 383 zero-day filters in 2014 alone.

Key differentiators between NGFW products

• McAfee NGFW provides “intelligence aware” security controls, advanced evasion prevention, and a unified software core design.
• Barracuda purports the lowest total cost of ownership (TCO) in the industry due to advanced troubleshooting capabilities and smart lifecycle management features built into a large scaling central management server. The NGFW is also the only one that provides NGFW application control and user identity functions for SMBs.
• Juniper SRX is the first NGFW to offer customers validated (Telcordia) 99.9999% availability of the SRX 5000 line. The SRX Series is also the first NGFW to deliver automation of firewall functions via JunoScript and an open API to programming tools. Open attack signatures in the IPS also allow customers to add or customize signatures tailored for their network.

How to select the right NGFW

Consider the following criteria in selecting the NGFW vendor and model for your enterprise:

(1) identify the players,
(2) develop a short list,
(3) perform a proof of concept – POC,
(4) make reference calls,
(5) consider cost,
(6) obtain management buy-in, and
(7) work out contract negotiations.
(8) Total cost of ownership (TCO) is also critical.

Lastly, but no less important, consider the skill set of your staff and the business model and growth expectation for your enterprise -- all-important factors in making your decision.

NGFW AUDIT

Evaluation and Audit of NGFW

• Platform Based – appliance/software/SaaS
• Feature Set – baseline and add-ons
• Performance – NSS Labs results
• Manageability – comprehensive/easy to use
• Threat Intelligence – currency/accuracy/completeness
• TCO – total cost of ownership
• Risk – consider the business model and objectives
• Price – you get what you pay for
• Support – what is support experience?
• Differentiators – what sets them apart?


Page 26: Next Generation Firewalls: Top 9 Revisited · 2015 Fall Conference – “CyberSizeIT” · November 9–11, 2015

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

Alignment13 with13 exisng13 IT13 strategies13

2613

bull  Organizaons13 that13 deploy13 NGFWs13 may13 discover13 they13 do13 not13 require13 all13 the13 security13 features13 these13 appliances13 support13

bull  Features13 required13 by13 an13 enterprise13 should13 be13 determined13 in13 advance13 as13 this13 will13 influence13 what13 NGFW13 product13 is13 bought13 and13 which13 security13 services13 to13 enable13

bull  Some13 NGFWs13 have13 security13 features13 built13 into13 the13 appliance13 at13 no13 addional13 cost13 13

bull  Some13 do13 not13 acvate13 feature13 since13 they13 have13 not13 found13 them13 necessary13 or13 because13 they13 do13 not13 fit13 their13 business13 model13 13

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

For13 example13

2713

bull  Large13 retail13 companies13 might13 opt13 for13 a13 NGFW13 soluon13 at13 the13 corporate13 headquarters13 but13 go13 with13 point13 soluons13 in13 each13 retail13 store13 -shy‐-shy‐13 whether13 from13 the13 same13 vendor13 or13 not13

bull  Online13 retail13 businesses13 that13 do13 not13 have13 brick13 and13 mortar13 locaons13 typically13 require13 robust13 and13 therefore13 increasingly13 integrated13 network13 security13 soluons13 that13 focus13 on13 QoS13 load13 balancing13 IPS13 web13 applicaon13 security13 SSL13 VPN13 and13 strong13 firewalls13 with13 deep13 packet13 inspecon13

bull  Enterprises13 that13 are13 heavily13 regulated13 via13 standards13 (eg13 PCI13 HIPAA13 HITECH13 Act13 Sarbanes-shy‐Oxley13 FISMA13 PERC13 etc)13 would13 need13 to13 also13 address13 remote13 access13 controls13 two-shy‐factor13 authencaon13 Acve13 Directory13 integraon13 and13 possibly13 DLP13

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

Alignment13 with13 exisng13 IT13 strategies13

2813

bull  Whatever13 course13 is13 taken13 informaon13 security13 decisions13 need13 to13 integrated13 with13 ITrsquos13 strategic13 goals13 13 13

bull  IT13 in13 turn13 exists13 to13 support13 the13 business13 IT13 does13 not13 drive13 the13 business13 13

bull  The13 business13 drives13 the13 business13 13 bull  ITrsquos13 purpose13 is13 to13 ensure13 the13 IT13 infrastructure13

(perimeter13 and13 core13 deployments)13 exist13 to13 allow13 the13 business13 to13 achieve13 its13 strategic13 goals13 13

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

Total13 Cost13 of13 Ownership13 (TCO)13

2913

TCO13 establishes13 the13 right13 complement13 of13 resources13 -shy‐-shy‐13 people13 and13 technology13 bull  Total13 cost13 of13 technology13 (TCT)13 The13 cost13 of13 technology13

that13 is13 required13 to13 deploy13 monitor13 and13 report13 on13 the13 state13 of13 informaon13 security13 for13 the13 enterprise13

bull  Total13 cost13 of13 risk13 (TCR)13 The13 cost13 to13 esmate13 and13 not13 deploy13 resources13 processes13 or13 technology13 for13 your13 enterprise13 such13 as13 compliance13 risk13 security13 risk13 legal13 risk13 and13 reputaon13 risk13

bull  Total13 cost13 of13 maintenance13 (TCM)13 The13 cost13 of13 maintaining13 the13 informaon13 security13 program13 such13 as13 people13 skills13 flexibility13 scalability13 and13 comprehensiveness13 of13 the13 systems13 deployed13

1111513 3013

CRISC CGEIT CISM CISA 201313 Fall13 Conference13 ndash13 ldquoSail13 to13 Successrdquo13

CASE13 FOR13 A13 NGFW13

3013

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

Six13 Criteria13 for13 buying13 a13 NGFW13

3113

It13 is13 clear13 that13 regardless13 of13 what13 vendors13 call13 their13 NGFW13 products13 it13 is13 incumbent13 that13 buyers13 understand13 the13 precise13 features13 each13 NGFW13 product13 under13 consideraon13 includes13 Letrsquos13 look13 at13 six13 criteria13 13

bull  Plaborm13 Type13 bull  Feature13 Set13 bull  Performance13 bull  Manageability13 bull  Price13 bull  Support13

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

Plaborm13 Type13

3213

bull  How13 is13 the13 NFGW13 provided13 13 bull  Most13 next-shy‐gen13 firewalls13 are13 hardware-shy‐13 (appliance)13

sofware-shy‐13 (downloadable)13 or13 cloud-shy‐based13 (SaaS)13 bull  Hardware-shy‐based13 NGFWs13 appeal13 best13 to13 large13 and13

midsize13 enterprises13 bull  Sofware-shy‐based13 NGFWs13 to13 small13 companies13 with13 simple13

network13 infrastructures13 bull  Cloud-shy‐based13 NGFWs13 to13 highly13 decentralized13 mul-shy‐

locaon13 sites13 or13 enterprises13 where13 the13 required13 skill13 set13 to13 manage13 them13 is13 wanng13 or13 reallocated13

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

Feature13 Set13

3313

bull  Not13 all13 NGFW13 features13 are13 similarly13 available13 by13 vendor13 bull  NGFW13 features13 typically13 consist13 of13 13

bull  inline13 deep13 packet13 inspecon13 firewalls13 13 bull  IDSIPS13 13 bull  applicaon13 inspecon13 and13 control13 13 bull  SSLSSH13 inspecon13 13 bull  website13 filtering13 and13 13 bull  QoSbandwidth13 management13 to13 protect13 networks13

against13 the13 latest13 in13 sophiscated13 network13 adacks13 and13 intrusion13 13

bull  Addionally13 most13 NGFWs13 offer13 threat13 intelligence13 mobile13 device13 security13 data13 loss13 prevenon13 (DLP)13 Acve13 Directory13 integraon13 and13 an13 open13 architecture13 that13 allows13 clients13 to13 tailor13 applicaon13 control13 and13 even13 some13 firewall13 rule13 definions13

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

Performance13

3413

bull  Because13 NGFWs13 integrate13 many13 features13 into13 a13 single13 appliance13 they13 may13 seem13 adracve13 to13 some13 organizaons13 13

bull  However13 enabling13 all13 available13 features13 at13 once13 could13 result13 in13 serious13 performance13 degradaon13 13

bull  NGFW13 performance13 metrics13 have13 improved13 over13 the13 years13 but13 the13 buyer13 needs13 to13 seriously13 consider13 performance13 in13 relaonship13 to13 the13 security13 features13 they13 want13 to13 enable13 when13 determining13 the13 vendors13 they13 approach13 and13 the13 model13 of13 NGFW13 they13 choose13

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

Manageability13

3513

bull  This13 criterion13 involves13 system13 configuraon13 requirements13 and13 usability13 of13 the13 management13 console13

bull  It13 considers13 how13 the13 NGFW13 manages13 complex13 environments13 with13 many13 firewalls13 and13 users13 and13 very13 narrow13 firewall13 change13 windows13

bull  System13 configuraon13 changes13 and13 the13 user13 interface13 of13 the13 management13 console13 should13 be13 1   comprehensive13 -shy‐13 such13 that13 it13 covers13 an13 array13 of13 features13

that13 preclude13 the13 need13 for13 augmentaon13 by13 other13 point13 soluons13 13

2   flexible13 -shy‐13 possible13 to13 exclude13 features13 that13 are13 not13 needed13 in13 the13 enterprise13 environment13 and13 13

3   easy13 to13 use13 -shy‐13 such13 that13 the13 management13 console13 individual13 feature13 dashboards13 and13 reporng13 are13 intuive13 and13 incisive13

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

Price13

3613

bull  NGFW13 appliance13 sofware13 and13 cloud13 service13 pricing13 varies13 considerably13 by13 vendor13 and13 model13

bull  Prices13 range13 from13 $59913 to13 $80000+13 per13 device13 bull  Some13 are13 even13 priced13 by13 number13 of13 users13 (eg13 $110013

for13 1-shy‐9913 users13 to13 $10000013 for13 500013 users+)13 13 bull  All13 meanwhile13 have13 separate13 pricing13 for13 service13

contracts13 bull  If13 possible13 do13 not13 pay13 retail13 prices13 13 bull  Most13 vendors13 will13 provide13 volume13 discounts13 (the13 more13

users13 supported13 the13 less13 it13 costs13 per13 user13 for13 example)13 or13 discounts13 with13 viable13 prospects13 of13 further13 purchases13

bull  Purchase13 at13 month-shy‐end13 and13 quarter-shy‐end13 Sales13 people13 have13 goals13 that13 can13 be13 leveraged13 for13 pricing13 to13 your13 advantage13

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

Support13

3713

bull  The13 201513 Gartner13 Magic13 Quadrant13 on13 NGFW13 also13 rated13 support13 -shy‐-shy‐13 with13 quality13 breadth13 and13 value13 of13 NGFW13 offerings13 viewed13 from13 the13 vantage13 point13 of13 enterprise13 needs13 13

bull  Given13 the13 crical13 nature13 of13 NGFWs13 mely13 and13 accurate13 support13 is13 essenal13 Obtain13 references13 and13 ask13 to13 speak13 with13 vendor13 clients13 without13 the13 vendor13 present13

bull  Support13 criteria13 for13 NGFWs13 should13 address13 responsiveness13 ranked13 by13 type13 of13 service13 request13 quality13 and13 accuracy13 of13 the13 service13 response13 currency13 of13 product13 updates13 and13 customer13 educaon13 and13 awareness13 of13 current13 events13

1111513 3813

CRISC CGEIT CISM CISA 201313 Fall13 Conference13 ndash13 ldquoSail13 to13 Successrdquo13

NGFW13 VENDORS13

3813

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

NGFW13 Players13

3913

The13 top13 nine13 NGFW13 vendors13 are13 13 bull  Checkpoint13 bull  Dell13 Sonicwall13 13 bull  Palo13 Alto13 bull  Cisco13 bull  Fornet13 13 bull  HP13 TippingPoint13 13 bull  McAfee13 13 bull  Barracuda13 13 There13 are13 other13 NGFW13 vendors13 but13 these13 are13 the13 top13 913

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

Quesons13 to13 consider13

4013

Quesons13 to13 consider13 when13 comparing13 these13 and13 other13 NGFW13 products13 include13 13

bull  What13 is13 their13 product13 line13 13 bull  Is13 their13 NGFW13 for13 cloud13 service13 providers13 large13

enterprises13 SMBs13 or13 small13 companies13 13 bull  What13 are13 the13 NGFW13 features13 that13 come13 with13 the13

base13 product13 13 bull  What13 features13 need13 an13 extra13 license(s)13 13 bull  How13 is13 the13 NGFW13 sold13 and13 priced13 13 bull  What13 differenates13 their13 NFGW13 from13 other13 vendor13

NGFW13 products13 13

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

What features are available in the NGFW?

Non-common NGFW features vary by vendor. So this is where organizations can start to differentiate which NGFWs will work for them and which won't. For example:
• Dell SonicWall provides security services such as gateway anti-malware, content filtering, and client antivirus and antispyware that are licensed on an annual subscription contract. Dell SecureWorks premium Global Threat Intelligence service is an additional subscription.
• Cisco provides Application Visibility and Control as part of the base configuration at no cost, but separate licenses are required for Next Generation Intrusion Prevention Systems (NGIPS), Advanced Malware Protection and URL filtering.
• McAfee provides clustering and multi-Link as standard features with McAfee Next Generation Firewall license.

What features are available in the NGFW?

• Barracuda requires an optional subscription for malware protection (AV engine by Avira), threat intelligence, and for advanced client Network Access Control (NAC) VPN/SSL VPN features.
• Juniper offers advanced software security services (NGFW/UTM/IPS/Threat Intelligence Service) shipped with its SRX Series Services Gateways that can be turned on with the purchase of an additional license, which can be subscription-based or perpetual. No additional components are required to turn services on/off.
• Checkpoint provides a full NGFW solution package with all of its software blades included under one license. However, it does not provide mobile device controls or Wi-Fi network control without purchasing a different Checkpoint product.

What features are available in the NGFW?

The key message in this comparison is that, in addition to the common features, one needs to carefully review those features that require additional licenses and whether they are significant enough to decide on a specific product's procurement.
• For example, if you need a DLP feature, some NGFWs such as Checkpoint provide it (offered with over 600 types), but you might determine that a full-featured DLP solution is still required if the Checkpoint is not sufficient.
• The same would apply to web application firewalls (WAF): an NGFW such as the Dell Sonicwall provides one, but again it is not a full-featured WAF.

What features are available in the NGFW?

• Another example would be Cisco: although malware protection is available with their network anti-virus/malware solution, additional licenses would be required for their Advanced Malware Protection, NGIPS and URL filtering.
• Barracuda NG Firewall also requires an additional license for Malware Protection (Anti-Virus engine by Avira).
• There are some vendors that provide threat intelligence services as part of the NGFW offering, such as Fortinet, McAfee and HP TippingPoint.
• Juniper's Threat Intelligence Service is shipped with the SRX but needs to be activated with the purchase of an additional license.

How is the NGFW sold, licensed and priced?

• All NGFW products are licensed per physical device. Additional licenses are required for the non-common features stated above.
• Read the T&Cs to determine what services are available in the base NGFW product and what services require an additional license.
• All NGFW products are priced by scale, based on the type of hardware utilized and service contract.
• While pricing structure appears disparate, similarities do exist in the lower-end product lines (in other words, the smaller the NGFW need, the simpler the pricing).
• The larger the enterprise and volume purchase potential, the greater the disparity, but also the greater the bargaining power on the part of the customer.

Key differentiators between NGFW products

• Checkpoint is the inventor of stateful firewalls. It has the highest block rate of IPS among its competitors, a larger application library (over 5000) than any other, data loss prevention (DLP) with over 600 file types, change management (i.e., configuration and rule changes) that no one else has, and Active Directory integration, agent-based or agentless.
• Dell SonicWall has patented Reassembly-Free Deep Inspection (RFDPI), which allows for centralized management for users to deploy, manage and monitor many thousands of firewalls through a single-pane of glass.

Key differentiators between NGFW products

• Cisco ASA with FirePower Services provides an integrated defense solution with greater firewall features, detection and protection threat services than other vendors.
• Fortinet lauds its 11-year old in-house dedicated security research team -- FortiGuard Labs -- as one of the few NGFW vendors that has its own, since most OEM this activity. Fortinet also purports to have NGFW FortiGate that can deliver five times better performance than comparatively priced competitor products.
• HP TippingPoint is known for its NGFW's simple, effective and reliable implementation. The security effectiveness coverage is high, with over 8,200 filters that block known and unknown threats and over 383 zero-day filters in 2014 alone.

Key differentiators between NGFW products

• McAfee NGFW provides "intelligence aware" security controls, advanced evasion prevention and a unified software core design.
• Barracuda purports the lowest total cost of ownership (TCO) in the industry due to advanced troubleshooting capabilities and smart lifecycle management features built into large scaling central management server. The NGFW is also the only one that provides NGFW application control and user identity functions for SMBs.
• Juniper SRX is the first NGFW to offer customers validated (Telcordia) 99.9999% availability of the SRX 5000 line. The SRX Series are also the first NGFW to deliver automation of firewall functions via JunoScript and open API to programming tools. Open attack signatures in the IPS also allow customers to add or customize signatures tailored for their network.

How to select the right NGFW

Consider the following criteria in selecting the NGFW vendor and model for your enterprise:
(1) identify the players
(2) develop a short list
(3) perform a proof of concept – POC
(4) make reference calls
(5) consider cost
(6) obtain management buy-in, and
(7) work out contract negotiations
(8) Total cost of ownership (TCO) is also critical

Lastly, but no less important, consider the skill set of your staff and the business model and growth expectation for your enterprise -- all-important factors in making your decision.

NGFW AUDIT

Evaluation and Audit of NGFW

• Platform Based – appliance/software/SaaS
• Feature Set – baseline and add-ons
• Performance – NSS Labs results
• Manageability – comprehensive/easy to use
• Threat Intelligence – currency/accuracy/completeness
• TCO – total cost of ownership
• Risk – consider the business model and objectives
• Price – you get what you pay for
• Support – what is support experience
• Differentiators – what sets them apart

BIO

Miguel (Mike) O. Villegas is a Vice President for K3DES LLC. He performs and QA's PCI-DSS and PA-DSS assessments for K3DES clients. He also manages the K3DES ISO/IEC 27001:2005 program. Mike was previously Director of Information Security at Newegg, Inc. for five years. Mike is currently a contributing writer for SearchSecurity – TechTarget. Mike has over 30 years of Information Systems security and IT audit experience. Mike was previously Vice President & Technology Risk Manager for Wells Fargo Services responsible for IT Regulatory Compliance and was previously a partner at Arthur Andersen and Ernst & Young for their information systems security and IS audit groups over a span of nine years. Mike is a CISA, CISSP, GSEC, and CEH. He is also a QSA and PA-QSA as VP for K3DES. Mike was president of the LA ISACA Chapter during 2010-2012 and president of the SF ISACA Chapter during 2005-2006. He was the SF Fall Conference Co-Chair from 2002–2007 and also served for two years as Vice President on the Board of Directors for ISACA International. Mike has taught CISA review courses for over 18 years.


For example

• Large retail companies might opt for a NGFW solution at the corporate headquarters but go with point solutions in each retail store -- whether from the same vendor or not.
• Online retail businesses that do not have brick and mortar locations typically require robust, and therefore increasingly integrated, network security solutions that focus on QoS, load balancing, IPS, web application security, SSL VPN and strong firewalls with deep packet inspection.
• Enterprises that are heavily regulated via standards (e.g., PCI, HIPAA, HITECH Act, Sarbanes-Oxley, FISMA, PERC, etc.) would need to also address remote access controls, two-factor authentication, Active Directory integration and possibly DLP.

Alignment with existing IT strategies

• Whatever course is taken, information security decisions need to be integrated with IT's strategic goals.
• IT, in turn, exists to support the business. IT does not drive the business.
• The business drives the business.
• IT's purpose is to ensure the IT infrastructure (perimeter and core deployments) exists to allow the business to achieve its strategic goals.

Total Cost of Ownership (TCO)

TCO establishes the right complement of resources -- people and technology.
• Total cost of technology (TCT): The cost of technology that is required to deploy, monitor and report on the state of information security for the enterprise.
• Total cost of risk (TCR): The cost to estimate and not deploy resources, processes or technology for your enterprise, such as compliance risk, security risk, legal risk and reputation risk.
• Total cost of maintenance (TCM): The cost of maintaining the information security program, such as people, skills, flexibility, scalability and comprehensiveness of the systems deployed.

CASE FOR A NGFW

Six Criteria for buying a NGFW

It is clear that, regardless of what vendors call their NGFW products, it is incumbent that buyers understand the precise features each NGFW product under consideration includes. Let's look at six criteria:
• Platform Type
• Feature Set
• Performance
• Manageability
• Price
• Support

Platform Type

• How is the NGFW provided?
• Most next-gen firewalls are hardware- (appliance), software- (downloadable) or cloud-based (SaaS).
• Hardware-based NGFWs appeal best to large and midsize enterprises.
• Software-based NGFWs appeal to small companies with simple network infrastructures.
• Cloud-based NGFWs appeal to highly decentralized multi-location sites or enterprises where the required skill set to manage them is wanting or reallocated.

Feature Set

• Not all NGFW features are similarly available by vendor.
• NGFW features typically consist of:
  • inline deep packet inspection firewalls,
  • IDS/IPS,
  • application inspection and control,
  • SSL/SSH inspection,
  • website filtering, and
  • QoS/bandwidth management to protect networks against the latest in sophisticated network attacks and intrusion.
• Additionally, most NGFWs offer threat intelligence, mobile device security, data loss prevention (DLP), Active Directory integration and an open architecture that allows clients to tailor application control and even some firewall rule definitions.

Performance

• Because NGFWs integrate many features into a single appliance, they may seem attractive to some organizations.
• However, enabling all available features at once could result in serious performance degradation.
• NGFW performance metrics have improved over the years, but the buyer needs to seriously consider performance in relationship to the security features they want to enable when determining the vendors they approach and the model of NGFW they choose.

Manageability

• This criterion involves system configuration requirements and usability of the management console.
• It considers how the NGFW manages complex environments with many firewalls and users, and very narrow firewall change windows.
• System configuration changes and the user interface of the management console should be:
  1. comprehensive - such that it covers an array of features that preclude the need for augmentation by other point solutions;
  2. flexible - possible to exclude features that are not needed in the enterprise environment; and
  3. easy to use - such that the management console, individual feature dashboards and reporting are intuitive and incisive.

Price

• NGFW appliance, software and cloud service pricing varies considerably by vendor and model.
• Prices range from $599 to $80,000+ per device.
• Some are even priced by number of users (e.g., $1,100 for 1-99 users to $100,000 for 5000 users+).
• All, meanwhile, have separate pricing for service contracts.
• If possible, do not pay retail prices.
• Most vendors will provide volume discounts (the more users supported, the less it costs per user, for example) or discounts with viable prospects of further purchases.
• Purchase at month-end and quarter-end. Sales people have goals that can be leveraged for pricing to your advantage.


Page 28: Next Generation Firewalls: Top 9 Revisited

2015 Fall Conference – “CyberSizeIT” November 9 – 11, 2015

Alignment with existing IT strategies

• Whatever course is taken, information security decisions need to be integrated with IT’s strategic goals.
• IT, in turn, exists to support the business. IT does not drive the business.
• The business drives the business.
• IT’s purpose is to ensure the IT infrastructure (perimeter and core deployments) exists to allow the business to achieve its strategic goals.


Total Cost of Ownership (TCO)

TCO establishes the right complement of resources -- people and technology.

• Total cost of technology (TCT): The cost of technology that is required to deploy, monitor and report on the state of information security for the enterprise.
• Total cost of risk (TCR): The cost to estimate and not deploy resources, processes or technology for your enterprise, such as compliance risk, security risk, legal risk and reputation risk.
• Total cost of maintenance (TCM): The cost of maintaining the information security program, such as people skills, flexibility, scalability and comprehensiveness of the systems deployed.


CRISC CGEIT CISM CISA 2013 Fall Conference – “Sail to Success”

CASE FOR A NGFW


Six Criteria for buying a NGFW

It is clear that, regardless of what vendors call their NGFW products, it is incumbent that buyers understand the precise features each NGFW product under consideration includes. Let’s look at six criteria:

• Platform Type
• Feature Set
• Performance
• Manageability
• Price
• Support


Platform Type

• How is the NGFW provided?
• Most next-gen firewalls are hardware- (appliance), software- (downloadable) or cloud-based (SaaS).
• Hardware-based NGFWs appeal best to large and midsize enterprises.
• Software-based NGFWs appeal to small companies with simple network infrastructures.
• Cloud-based NGFWs appeal to highly decentralized multi-location sites or enterprises where the required skill set to manage them is wanting or reallocated.


Feature Set

• Not all NGFW features are similarly available by vendor.
• NGFW features typically consist of:
  • inline deep packet inspection firewalls,
  • IDS/IPS,
  • application inspection and control,
  • SSL/SSH inspection,
  • website filtering, and
  • QoS/bandwidth management to protect networks against the latest in sophisticated network attacks and intrusion.
• Additionally, most NGFWs offer threat intelligence, mobile device security, data loss prevention (DLP), Active Directory integration and an open architecture that allows clients to tailor application control and even some firewall rule definitions.


Performance

• Because NGFWs integrate many features into a single appliance, they may seem attractive to some organizations.
• However, enabling all available features at once could result in serious performance degradation.
• NGFW performance metrics have improved over the years, but the buyer needs to seriously consider performance in relationship to the security features they want to enable when determining the vendors they approach and the model of NGFW they choose.


Manageability

• This criterion involves system configuration requirements and usability of the management console.
• It considers how the NGFW manages complex environments with many firewalls and users, and very narrow firewall change windows.
• System configuration changes and the user interface of the management console should be:
  1. comprehensive - such that it covers an array of features that preclude the need for augmentation by other point solutions;
  2. flexible - possible to exclude features that are not needed in the enterprise environment; and
  3. easy to use - such that the management console, individual feature dashboards and reporting are intuitive and incisive.


Price

• NGFW appliance, software and cloud service pricing varies considerably by vendor and model.
• Prices range from $599 to $80,000+ per device.
• Some are even priced by number of users (e.g., $1,100 for 1-99 users to $100,000 for 5,000 users+).
• All, meanwhile, have separate pricing for service contracts.
• If possible, do not pay retail prices.
• Most vendors will provide volume discounts (the more users supported, the less it costs per user, for example) or discounts with viable prospects of further purchases.
• Purchase at month-end and quarter-end. Sales people have goals that can be leveraged for pricing to your advantage.


Support

• The 2015 Gartner Magic Quadrant on NGFW also rated support -- with quality, breadth and value of NGFW offerings viewed from the vantage point of enterprise needs.
• Given the critical nature of NGFWs, timely and accurate support is essential. Obtain references and ask to speak with vendor clients without the vendor present.
• Support criteria for NGFWs should address responsiveness ranked by type of service request, quality and accuracy of the service response, currency of product updates, and customer education and awareness of current events.


NGFW VENDORS


NGFW Players

The top nine NGFW vendors are:

• Checkpoint
• Dell Sonicwall
• Palo Alto
• Cisco
• Fortinet
• HP TippingPoint
• McAfee
• Barracuda

There are other NGFW vendors but these are the top 9.


Questions to consider

Questions to consider when comparing these and other NGFW products include:

• What is their product line?
• Is their NGFW for cloud service providers, large enterprises, SMBs or small companies?
• What are the NGFW features that come with the base product?
• What features need an extra license(s)?
• How is the NGFW sold and priced?
• What differentiates their NGFW from other vendor NGFW products?


What features are available in the NGFW?

Non-common NGFW features vary by vendor. So this is where organizations can start to differentiate which NGFWs will work for them and which won’t. For example:

• Dell SonicWall provides security services such as gateway anti-malware, content filtering, and client antivirus and antispyware that are licensed on an annual subscription contract. Dell SecureWorks premium Global Threat Intelligence service is an additional subscription.
• Cisco provides Application Visibility and Control as part of the base configuration at no cost, but separate licenses are required for Next Generation Intrusion Prevention Systems (NGIPS), Advanced Malware Protection and URL filtering.
• McAfee provides clustering and multi-Link as standard features with McAfee Next Generation Firewall license.


What features are available in the NGFW?

• Barracuda requires an optional subscription for malware protection (AV engine by Avira), threat intelligence, and for advanced client Network Access Control (NAC) VPN/SSL VPN features.
• Juniper offers advanced software security services (NGFW/UTM/IPS/Threat Intelligence Service) shipped with its SRX Series Services Gateways that can be turned on with the purchase of an additional license, which can be subscription-based or perpetual. No additional components are required to turn services on/off.
• Checkpoint provides a full NGFW solution package with all of its software blades included under one license. However, it does not provide mobile device controls or Wi-Fi network control without purchasing a different Checkpoint product.


What features are available in the NGFW?

The key message in this comparison is that, in addition to the common features, one needs to carefully review those features that require additional licenses and whether they are significant enough to decide on a specific product’s procurement.

• For example, if you need a DLP feature, some NGFWs provide it, such as Checkpoint, which offers it with over 600 types. You might still determine that a full-featured DLP solution is required if the Checkpoint is not sufficient.
• The same would apply to web application firewalls (WAF), such as the Dell Sonicwall, which again is not a full-featured WAF.


What features are available in the NGFW?

• Another example would be Cisco: malware protection is available with their network anti-virus/malware solution, but additional licenses would be required for their Advanced Malware Protection, NGIPS and URL filtering.
• Barracuda NG Firewall also requires an additional license for Malware Protection (Anti-Virus engine by Avira).
• There are some vendors that provide threat intelligence services as part of the NGFW offering, such as Fortinet, McAfee and HP TippingPoint.
• Juniper’s Threat Intelligence Service is shipped with the SRX but needs to be activated with the purchase of an additional license.


How is the NGFW sold, licensed and priced?

• All NGFW products are licensed per physical device. Additional licenses are required for the non-common features stated above.
• Read the T&Cs to determine what services are available in the base NGFW product and what services require an additional license.
• All NGFW products are priced by scale based on the type of hardware utilized and service contract.
• While pricing structure appears disparate, similarities do exist in the lower-end product lines (in other words, the smaller the NGFW need, the simpler the pricing).
• The larger the enterprise and volume purchase potential, the greater the disparity but also the greater the bargaining power on the part of the customer.


Key differentiators between NGFW products

• Checkpoint is the inventor of stateful firewalls. It has the highest block rate of IPS among its competitors, a larger application library (over 5000) than any other, data loss prevention (DLP) with over 600 file types, change management (i.e., configuration and rule changes) that no one else has, and Active Directory integration, agent-based or agentless.
• Dell SonicWall has patented Reassembly-Free Deep Inspection (RFDPI), which allows for centralized management for users to deploy, manage and monitor many thousands of firewalls through a single pane of glass.


Key differentiators between NGFW products

• Cisco ASA with FirePower Services provides an integrated defense solution with greater firewall features, detection and protection threat services than other vendors.
• Fortinet lauds its 11-year old in-house dedicated security research team -- FortiGuard Labs -- one of the few NGFW vendors that have its own, since most OEM this activity. Fortinet also purports to have NGFW FortiGate that can deliver five times better performance of comparatively priced competitor products.
• HP TippingPoint is known for its NGFW’s simple, effective and reliable implementation. The security effectiveness coverage is high, with over 8,200 filters that block known and unknown threats and over 383 zero-day filters in 2014 alone.


Key differentiators between NGFW products

• McAfee NGFW provides “intelligence aware” security controls, advanced evasion prevention and a unified software core design.
• Barracuda purports the lowest total cost of ownership (TCO) in the industry due to advanced troubleshooting capabilities and smart lifecycle management features built into large scaling central management server. The NGFW is also the only one that provides NGFW application control and user identity functions for SMBs.
• Juniper SRX is the first NGFW to offer customers validated (Telcordia) 99.9999% availability of the SRX 5000 line. The SRX Series are also the first NGFW to deliver automation of firewall functions via JunoScript and open API to programming tools. Open attack signatures in the IPS also allow customers to add or customize signatures tailored for their network.


How to select the right NGFW

Consider the following criteria in selecting the NGFW vendor and model for your enterprise:

(1) identify the players,
(2) develop a short list,
(3) perform a proof of concept – POC,
(4) make reference calls,
(5) consider cost,
(6) obtain management buy-in, and
(7) work out contract negotiations.
(8) Total cost of ownership (TCO) is also critical.

Lastly, but no less important, consider the skill set of your staff and the business model and growth expectation for your enterprise -- all-important factors in making your decision.


NGFW AUDIT


Evaluation and Audit of NGFW

• Platform Based – appliance/software/SaaS
• Feature Set – baseline and add-ons
• Performance – NSS Labs results
• Manageability – comprehensive/easy to use
• Threat Intelligence – currency/accuracy/completeness
• TCO – total cost of ownership
• Risk – consider the business model and objectives
• Price – you get what you pay for
• Support – what is support experience
• Differentiators – what sets them apart


BIO

Miguel (Mike) O. Villegas is a Vice President for K3DES LLC. He performs and QA’s PCI-DSS and PA-DSS assessments for K3DES clients. He also manages the K3DES ISO/IEC 27001:2005 program. Mike was previously Director of Information Security at Newegg, Inc. for five years. Mike is currently a contributing writer for SearchSecurity – TechTarget.

Mike has over 30 years of Information Systems security and IT audit experience. Mike was previously Vice President & Technology Risk Manager for Wells Fargo Services, responsible for IT Regulatory Compliance, and was previously a partner at Arthur Andersen and Ernst & Young for their information systems security and IS audit groups over a span of nine years. Mike is a CISA, CISSP, GSEC and CEH. He is also a QSA and PA-QSA as VP for K3DES.

Mike was president of the LA ISACA Chapter during 2010-2012 and president of the SF ISACA Chapter during 2005-2006. He was the SF Fall Conference Co-Chair from 2002–2007 and also served for two years as Vice President on the Board of Directors for ISACA International. Mike has taught CISA review courses for over 18 years.

Page 29: NextGeneraon%Firewalls:%Top%9% Revisited% · 2015%Fall%Conference%–“CyberSizeIT”% November%9%–11,%2015% % 6 Next Generation firewall Application Awareness & Control User-based

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

Total13 Cost13 of13 Ownership13 (TCO)13

2913

TCO13 establishes13 the13 right13 complement13 of13 resources13 -shy‐-shy‐13 people13 and13 technology13 bull  Total13 cost13 of13 technology13 (TCT)13 The13 cost13 of13 technology13

that13 is13 required13 to13 deploy13 monitor13 and13 report13 on13 the13 state13 of13 informaon13 security13 for13 the13 enterprise13

bull  Total13 cost13 of13 risk13 (TCR)13 The13 cost13 to13 esmate13 and13 not13 deploy13 resources13 processes13 or13 technology13 for13 your13 enterprise13 such13 as13 compliance13 risk13 security13 risk13 legal13 risk13 and13 reputaon13 risk13

bull  Total13 cost13 of13 maintenance13 (TCM)13 The13 cost13 of13 maintaining13 the13 informaon13 security13 program13 such13 as13 people13 skills13 flexibility13 scalability13 and13 comprehensiveness13 of13 the13 systems13 deployed13

1111513 3013

CRISC CGEIT CISM CISA 201313 Fall13 Conference13 ndash13 ldquoSail13 to13 Successrdquo13

CASE13 FOR13 A13 NGFW13

3013

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

Six13 Criteria13 for13 buying13 a13 NGFW13

3113

It13 is13 clear13 that13 regardless13 of13 what13 vendors13 call13 their13 NGFW13 products13 it13 is13 incumbent13 that13 buyers13 understand13 the13 precise13 features13 each13 NGFW13 product13 under13 consideraon13 includes13 Letrsquos13 look13 at13 six13 criteria13 13

bull  Plaborm13 Type13 bull  Feature13 Set13 bull  Performance13 bull  Manageability13 bull  Price13 bull  Support13

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

Plaborm13 Type13

3213

bull  How13 is13 the13 NFGW13 provided13 13 bull  Most13 next-shy‐gen13 firewalls13 are13 hardware-shy‐13 (appliance)13

sofware-shy‐13 (downloadable)13 or13 cloud-shy‐based13 (SaaS)13 bull  Hardware-shy‐based13 NGFWs13 appeal13 best13 to13 large13 and13

midsize13 enterprises13 bull  Sofware-shy‐based13 NGFWs13 to13 small13 companies13 with13 simple13

network13 infrastructures13 bull  Cloud-shy‐based13 NGFWs13 to13 highly13 decentralized13 mul-shy‐

locaon13 sites13 or13 enterprises13 where13 the13 required13 skill13 set13 to13 manage13 them13 is13 wanng13 or13 reallocated13

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

Feature13 Set13

3313

bull  Not13 all13 NGFW13 features13 are13 similarly13 available13 by13 vendor13 bull  NGFW13 features13 typically13 consist13 of13 13

bull  inline13 deep13 packet13 inspecon13 firewalls13 13 bull  IDSIPS13 13 bull  applicaon13 inspecon13 and13 control13 13 bull  SSLSSH13 inspecon13 13 bull  website13 filtering13 and13 13 bull  QoSbandwidth13 management13 to13 protect13 networks13

against13 the13 latest13 in13 sophiscated13 network13 adacks13 and13 intrusion13 13

bull  Addionally13 most13 NGFWs13 offer13 threat13 intelligence13 mobile13 device13 security13 data13 loss13 prevenon13 (DLP)13 Acve13 Directory13 integraon13 and13 an13 open13 architecture13 that13 allows13 clients13 to13 tailor13 applicaon13 control13 and13 even13 some13 firewall13 rule13 definions13

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

Performance13

3413

bull  Because13 NGFWs13 integrate13 many13 features13 into13 a13 single13 appliance13 they13 may13 seem13 adracve13 to13 some13 organizaons13 13

bull  However13 enabling13 all13 available13 features13 at13 once13 could13 result13 in13 serious13 performance13 degradaon13 13

bull  NGFW13 performance13 metrics13 have13 improved13 over13 the13 years13 but13 the13 buyer13 needs13 to13 seriously13 consider13 performance13 in13 relaonship13 to13 the13 security13 features13 they13 want13 to13 enable13 when13 determining13 the13 vendors13 they13 approach13 and13 the13 model13 of13 NGFW13 they13 choose13

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

Manageability13

3513

bull  This13 criterion13 involves13 system13 configuraon13 requirements13 and13 usability13 of13 the13 management13 console13

bull  It13 considers13 how13 the13 NGFW13 manages13 complex13 environments13 with13 many13 firewalls13 and13 users13 and13 very13 narrow13 firewall13 change13 windows13

bull  System13 configuraon13 changes13 and13 the13 user13 interface13 of13 the13 management13 console13 should13 be13 1   comprehensive13 -shy‐13 such13 that13 it13 covers13 an13 array13 of13 features13

that13 preclude13 the13 need13 for13 augmentaon13 by13 other13 point13 soluons13 13

2   flexible13 -shy‐13 possible13 to13 exclude13 features13 that13 are13 not13 needed13 in13 the13 enterprise13 environment13 and13 13

3   easy13 to13 use13 -shy‐13 such13 that13 the13 management13 console13 individual13 feature13 dashboards13 and13 reporng13 are13 intuive13 and13 incisive13

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

Price13

3613

bull  NGFW13 appliance13 sofware13 and13 cloud13 service13 pricing13 varies13 considerably13 by13 vendor13 and13 model13

bull  Prices13 range13 from13 $59913 to13 $80000+13 per13 device13 bull  Some13 are13 even13 priced13 by13 number13 of13 users13 (eg13 $110013

for13 1-shy‐9913 users13 to13 $10000013 for13 500013 users+)13 13 bull  All13 meanwhile13 have13 separate13 pricing13 for13 service13

contracts13 bull  If13 possible13 do13 not13 pay13 retail13 prices13 13 bull  Most13 vendors13 will13 provide13 volume13 discounts13 (the13 more13

users13 supported13 the13 less13 it13 costs13 per13 user13 for13 example)13 or13 discounts13 with13 viable13 prospects13 of13 further13 purchases13

bull  Purchase13 at13 month-shy‐end13 and13 quarter-shy‐end13 Sales13 people13 have13 goals13 that13 can13 be13 leveraged13 for13 pricing13 to13 your13 advantage13

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

Support13

3713

bull  The13 201513 Gartner13 Magic13 Quadrant13 on13 NGFW13 also13 rated13 support13 -shy‐-shy‐13 with13 quality13 breadth13 and13 value13 of13 NGFW13 offerings13 viewed13 from13 the13 vantage13 point13 of13 enterprise13 needs13 13

bull  Given13 the13 crical13 nature13 of13 NGFWs13 mely13 and13 accurate13 support13 is13 essenal13 Obtain13 references13 and13 ask13 to13 speak13 with13 vendor13 clients13 without13 the13 vendor13 present13

bull  Support13 criteria13 for13 NGFWs13 should13 address13 responsiveness13 ranked13 by13 type13 of13 service13 request13 quality13 and13 accuracy13 of13 the13 service13 response13 currency13 of13 product13 updates13 and13 customer13 educaon13 and13 awareness13 of13 current13 events13

1111513 3813

CRISC CGEIT CISM CISA 201313 Fall13 Conference13 ndash13 ldquoSail13 to13 Successrdquo13

NGFW13 VENDORS13

3813

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

NGFW13 Players13

3913

The13 top13 nine13 NGFW13 vendors13 are13 13 bull  Checkpoint13 bull  Dell13 Sonicwall13 13 bull  Palo13 Alto13 bull  Cisco13 bull  Fornet13 13 bull  HP13 TippingPoint13 13 bull  McAfee13 13 bull  Barracuda13 13 There13 are13 other13 NGFW13 vendors13 but13 these13 are13 the13 top13 913

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

Quesons13 to13 consider13

4013

Quesons13 to13 consider13 when13 comparing13 these13 and13 other13 NGFW13 products13 include13 13

bull  What13 is13 their13 product13 line13 13 bull  Is13 their13 NGFW13 for13 cloud13 service13 providers13 large13

enterprises13 SMBs13 or13 small13 companies13 13 bull  What13 are13 the13 NGFW13 features13 that13 come13 with13 the13

base13 product13 13 bull  What13 features13 need13 an13 extra13 license(s)13 13 bull  How13 is13 the13 NGFW13 sold13 and13 priced13 13 bull  What13 differenates13 their13 NFGW13 from13 other13 vendor13

NGFW13 products13 13

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

What13 features13 are13 available13 in13 the13 NGFW13

4113

Non-shy‐common13 NGFW13 features13 vary13 by13 vendor13 So13 this13 is13 where13 organizaons13 can13 start13 to13 differenate13 which13 NGFWs13 will13 work13 for13 them13 and13 which13 wonrsquot13 For13 example13 bull  Dell13 SonicWall13 provides13 security13 services13 such13 as13 gateway13

an-shy‐malware13 content13 filtering13 and13 client13 anvirus13 and13 anspyware13 that13 are13 licensed13 on13 an13 annual13 subscripon13 contract13 Dell13 SecureWorks13 premium13 Global13 Threat13 Intelligence13 service13 is13 an13 addional13 subscripon13

bull  Cisco13 provides13 Applicaon13 Visibility13 and13 Control13 as13 part13 of13 the13 base13 configuraon13 at13 no13 cost13 but13 separate13 licenses13 are13 required13 for13 Next13 Generaon13 Intrusion13 Prevenon13 Systems13 (NGIPS)13 Advanced13 Malware13 Protecon13 and13 URL13 filtering13

bull  McAfee13 provides13 clustering13 and13 mul-shy‐Link13 as13 standard13 features13 with13 McAfee13 Next13 Generaon13 Firewall13 license13

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

What13 features13 are13 available13 in13 the13 NGFW13

4213

bull  Barracuda13 requires13 an13 oponal13 subscripon13 for13 malware13 protecon13 (AV13 engine13 by13 Avira)13 threat13 intelligence13 and13 for13 advanced13 client13 Network13 Access13 Control13 (NAC)13 VPNSSL13 VPN13 features13

bull  Juniper13 offers13 advanced13 sofware13 security13 services13 (NGFWUTMIPSThreat13 Intelligence13 Service)13 shipped13 with13 its13 SRX13 Series13 Services13 Gateways13 13 that13 can13 be13 turned13 on13 with13 the13 purchase13 of13 an13 addional13 license13 which13 can13 be13 subscripon-shy‐based13 or13 perpetual13 No13 addional13 components13 are13 required13 to13 turn13 services13 onoff13

bull  Checkpoint13 provides13 a13 full13 NGFW13 soluon13 package13 13 with13 all13 of13 its13 sofware13 blades13 included13 under13 one13 license13 However13 it13 does13 not13 provide13 mobile13 device13 controls13 or13 Wi-shy‐Fi13 network13 control13 without13 purchasing13 a13 different13 Checkpoint13 product13

13

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

What13 features13 are13 available13 in13 the13 NGFW13

4313

The13 key13 message13 in13 this13 comparison13 is13 that13 in13 addion13 to13 the13 common13 features13 one13 needs13 to13 carefully13 review13 those13 features13 that13 require13 addional13 licenses13 and13 whether13 they13 are13 significant13 enough13 to13 decide13 on13 a13 specific13 products13 procurement13 13 13 bull  For13 example13 if13 you13 need13 a13 DLP13 feature13 those13 NGFWs13

that13 provide13 it13 such13 as13 Checkpoint13 although13 offered13 with13 over13 60013 types13 you13 might13 determine13 that13 a13 full-shy‐featured13 DLP13 soluon13 might13 sll13 be13 required13 if13 the13 Checkpoint13 is13 not13 sufficient13 13

bull  The13 same13 would13 apply13 to13 web13 applicaon13 firewalls13 (WAF)13 such13 as13 the13 Dell13 Sonicwall13 but13 again13 is13 not13 a13 full-shy‐featured13 WAF13 13

What features are available in the NGFW?

• Another example would be Cisco: although malware protection is available with their network anti-virus/malware solution, additional licenses would be required for their Advanced Malware Protection, NGIPS, and URL filtering.

• Barracuda NG Firewall also requires an additional license for Malware Protection (Anti-Virus engine by Avira).

• There are some vendors that provide threat intelligence services as part of the NGFW offering, such as Fortinet, McAfee, and HP TippingPoint.

• Juniper's Threat Intelligence Service is shipped with the SRX but needs to be activated with the purchase of an additional license.

How is the NGFW sold, licensed and priced?

• All NGFW products are licensed per physical device. Additional licenses are required for the non-common features stated above.

• Read the T&Cs to determine what services are available in the base NGFW product and what services require an additional license.

• All NGFW products are priced by scale, based on the type of hardware utilized and service contract.

• While pricing structure appears disparate, similarities do exist in the lower-end product lines (in other words, the smaller the NGFW need, the simpler the pricing).

• The larger the enterprise and volume purchase potential, the greater the disparity, but also the greater the bargaining power on the part of the customer.

Key differentiators between NGFW products

• Checkpoint is the inventor of stateful firewalls. It has the highest block rate of IPS among its competitors, a larger application library (over 5,000) than any other, data loss prevention (DLP) with over 600 file types, change management (i.e. configuration and rule changes) that no one else has, and Active Directory integration, agent-based or agentless.

• Dell SonicWall has patented Reassembly-Free Deep Inspection (RFDPI), which allows for centralized management for users to deploy, manage and monitor many thousands of firewalls through a single pane of glass.

Key differentiators between NGFW products

• Cisco ASA with FirePower Services provides an integrated defense solution with greater firewall features, detection and protection threat services than other vendors.

• Fortinet lauds its 11-year-old in-house dedicated security research team, FortiGuard Labs, one of the few NGFW vendors that have its own, since most OEM this activity. Fortinet also purports to have NGFW FortiGate that can deliver five times better performance of comparatively priced competitor products.

• HP TippingPoint is known for its NGFW's simple, effective, and reliable implementation. The security effectiveness coverage is high, with over 8,200 filters that block known and unknown threats and over 383 zero-day filters in 2014 alone.

Key differentiators between NGFW products

• McAfee NGFW provides "intelligence aware" security controls, advanced evasion prevention, and a unified software core design.

• Barracuda purports the lowest total cost of ownership (TCO) in the industry due to advanced troubleshooting capabilities and smart lifecycle management features built into large scaling central management server. The NGFW is also the only one that provides NGFW application control and user identity functions for SMBs.

• Juniper SRX is the first NGFW to offer customers validated (Telcordia) 99.9999% availability of the SRX 5000 line. The SRX Series are also the first NGFW to deliver automation of firewall functions via JunoScript and open API to programming tools. Open attack signatures in the IPS also allow customers to add or customize signatures tailored for their network.

How to select the right NGFW

Consider the following criteria in selecting the NGFW vendor and model for your enterprise:

(1) identify the players
(2) develop a short list
(3) perform a proof of concept – POC
(4) make reference calls
(5) consider cost
(6) obtain management buy-in, and
(7) work out contract negotiations
(8) Total cost of ownership (TCO) is also critical

Lastly, but no less important, consider the skill set of your staff and the business model and growth expectation for your enterprise, all-important factors in making your decision.

NGFW AUDIT

Evaluation and Audit of NGFW

• Platform Based – appliance/software/SaaS
• Feature Set – baseline and add-ons
• Performance – NSS Labs results
• Manageability – comprehensive/easy to use
• Threat Intelligence – currency/accuracy/completeness
• TCO – total cost of ownership
• Risk – consider the business model and objectives
• Price – you get what you pay for
• Support – what is support experience
• Differentiators – what sets them apart

BIO

Miguel (Mike) O. Villegas is a Vice President for K3DES LLC. He performs and QA's PCI-DSS and PA-DSS assessments for K3DES clients. He also manages the K3DES ISO/IEC 27001:2005 program. Mike was previously Director of Information Security at Newegg, Inc. for five years. Mike is currently a contributing writer for SearchSecurity – TechTarget. Mike has over 30 years of Information Systems security and IT audit experience. Mike was previously Vice President & Technology Risk Manager for Wells Fargo Services, responsible for IT Regulatory Compliance, and was previously a partner at Arthur Andersen and Ernst & Young for their information systems security and IS audit groups over a span of nine years. Mike is a CISA, CISSP, GSEC and CEH. He is also a QSA and PA-QSA as VP for K3DES. Mike was president of the LA ISACA Chapter during 2010-2012 and president of the SF ISACA Chapter during 2005-2006. He was the SF Fall Conference Co-Chair from 2002–2007 and also served for two years as Vice President on the Board of Directors for ISACA International. Mike has taught CISA review courses for over 18 years.

CASE FOR A NGFW

Six Criteria for buying a NGFW

It is clear that, regardless of what vendors call their NGFW products, it is incumbent that buyers understand the precise features each NGFW product under consideration includes. Let's look at six criteria:

• Platform Type
• Feature Set
• Performance
• Manageability
• Price
• Support

Platform Type

• How is the NGFW provided?
• Most next-gen firewalls are hardware- (appliance), software- (downloadable) or cloud-based (SaaS).
• Hardware-based NGFWs appeal best to large and midsize enterprises.
• Software-based NGFWs to small companies with simple network infrastructures.
• Cloud-based NGFWs to highly decentralized multi-location sites or enterprises where the required skill set to manage them is wanting or reallocated.

Feature Set

• Not all NGFW features are similarly available by vendor.
• NGFW features typically consist of:
  • inline deep packet inspection firewalls,
  • IDS/IPS,
  • application inspection and control,
  • SSL/SSH inspection,
  • website filtering, and
  • QoS/bandwidth management to protect networks against the latest in sophisticated network attacks and intrusion.
• Additionally, most NGFWs offer threat intelligence, mobile device security, data loss prevention (DLP), Active Directory integration and an open architecture that allows clients to tailor application control and even some firewall rule definitions.

Performance

• Because NGFWs integrate many features into a single appliance, they may seem attractive to some organizations.

• However, enabling all available features at once could result in serious performance degradation.

• NGFW performance metrics have improved over the years, but the buyer needs to seriously consider performance in relationship to the security features they want to enable when determining the vendors they approach and the model of NGFW they choose.

Manageability

• This criterion involves system configuration requirements and usability of the management console.

• It considers how the NGFW manages complex environments with many firewalls and users, and very narrow firewall change windows.

• System configuration changes and the user interface of the management console should be:
  1. comprehensive - such that it covers an array of features that preclude the need for augmentation by other point solutions;
  2. flexible - possible to exclude features that are not needed in the enterprise environment; and
  3. easy to use - such that the management console, individual feature dashboards and reporting are intuitive and incisive.

Price

• NGFW appliance, software, and cloud service pricing varies considerably by vendor and model.
• Prices range from $599 to $80,000+ per device.
• Some are even priced by number of users (e.g. $1,100 for 1-99 users to $100,000 for 5,000 users+).
• All, meanwhile, have separate pricing for service contracts.
• If possible, do not pay retail prices.
• Most vendors will provide volume discounts (the more users supported, the less it costs per user, for example) or discounts with viable prospects of further purchases.
• Purchase at month-end and quarter-end. Sales people have goals that can be leveraged for pricing to your advantage.

Support

• The 2015 Gartner Magic Quadrant on NGFW also rated support, with quality, breadth and value of NGFW offerings viewed from the vantage point of enterprise needs.

• Given the critical nature of NGFWs, timely and accurate support is essential. Obtain references and ask to speak with vendor clients without the vendor present.

• Support criteria for NGFWs should address responsiveness ranked by type of service request, quality and accuracy of the service response, currency of product updates, and customer education and awareness of current events.

NGFW VENDORS

NGFW Players

The top nine NGFW vendors are:

• Checkpoint
• Dell Sonicwall
• Palo Alto
• Cisco
• Fortinet
• HP TippingPoint
• McAfee
• Barracuda

There are other NGFW vendors, but these are the top 9.

Questions to consider

Questions to consider when comparing these and other NGFW products include:

• What is their product line?
• Is their NGFW for cloud service providers, large enterprises, SMBs or small companies?
• What are the NGFW features that come with the base product?
• What features need an extra license(s)?
• How is the NGFW sold and priced?
• What differentiates their NGFW from other vendor NGFW products?

What features are available in the NGFW?

Non-common NGFW features vary by vendor. So this is where organizations can start to differentiate which NGFWs will work for them and which won't. For example:

• Dell SonicWall provides security services such as gateway anti-malware, content filtering, and client antivirus and antispyware that are licensed on an annual subscription contract. Dell SecureWorks premium Global Threat Intelligence service is an additional subscription.

• Cisco provides Application Visibility and Control as part of the base configuration at no cost, but separate licenses are required for Next Generation Intrusion Prevention Systems (NGIPS), Advanced Malware Protection, and URL filtering.

• McAfee provides clustering and multi-Link as standard features with McAfee Next Generation Firewall license.


Page 31: NextGeneraon%Firewalls:%Top%9% Revisited% · 2015%Fall%Conference%–“CyberSizeIT”% November%9%–11,%2015% % 6 Next Generation firewall Application Awareness & Control User-based

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

Six13 Criteria13 for13 buying13 a13 NGFW13

3113

It13 is13 clear13 that13 regardless13 of13 what13 vendors13 call13 their13 NGFW13 products13 it13 is13 incumbent13 that13 buyers13 understand13 the13 precise13 features13 each13 NGFW13 product13 under13 consideraon13 includes13 Letrsquos13 look13 at13 six13 criteria13 13

bull  Plaborm13 Type13 bull  Feature13 Set13 bull  Performance13 bull  Manageability13 bull  Price13 bull  Support13

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

Plaborm13 Type13

3213

bull  How13 is13 the13 NFGW13 provided13 13 bull  Most13 next-shy‐gen13 firewalls13 are13 hardware-shy‐13 (appliance)13

sofware-shy‐13 (downloadable)13 or13 cloud-shy‐based13 (SaaS)13 bull  Hardware-shy‐based13 NGFWs13 appeal13 best13 to13 large13 and13

midsize13 enterprises13 bull  Sofware-shy‐based13 NGFWs13 to13 small13 companies13 with13 simple13

network13 infrastructures13 bull  Cloud-shy‐based13 NGFWs13 to13 highly13 decentralized13 mul-shy‐

locaon13 sites13 or13 enterprises13 where13 the13 required13 skill13 set13 to13 manage13 them13 is13 wanng13 or13 reallocated13

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

Feature13 Set13

3313

bull  Not13 all13 NGFW13 features13 are13 similarly13 available13 by13 vendor13 bull  NGFW13 features13 typically13 consist13 of13 13

bull  inline13 deep13 packet13 inspecon13 firewalls13 13 bull  IDSIPS13 13 bull  applicaon13 inspecon13 and13 control13 13 bull  SSLSSH13 inspecon13 13 bull  website13 filtering13 and13 13 bull  QoSbandwidth13 management13 to13 protect13 networks13

against13 the13 latest13 in13 sophiscated13 network13 adacks13 and13 intrusion13 13

bull  Addionally13 most13 NGFWs13 offer13 threat13 intelligence13 mobile13 device13 security13 data13 loss13 prevenon13 (DLP)13 Acve13 Directory13 integraon13 and13 an13 open13 architecture13 that13 allows13 clients13 to13 tailor13 applicaon13 control13 and13 even13 some13 firewall13 rule13 definions13

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

Performance13

3413

bull  Because13 NGFWs13 integrate13 many13 features13 into13 a13 single13 appliance13 they13 may13 seem13 adracve13 to13 some13 organizaons13 13

bull  However13 enabling13 all13 available13 features13 at13 once13 could13 result13 in13 serious13 performance13 degradaon13 13

bull  NGFW13 performance13 metrics13 have13 improved13 over13 the13 years13 but13 the13 buyer13 needs13 to13 seriously13 consider13 performance13 in13 relaonship13 to13 the13 security13 features13 they13 want13 to13 enable13 when13 determining13 the13 vendors13 they13 approach13 and13 the13 model13 of13 NGFW13 they13 choose13

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

Manageability13

3513

bull  This13 criterion13 involves13 system13 configuraon13 requirements13 and13 usability13 of13 the13 management13 console13

bull  It13 considers13 how13 the13 NGFW13 manages13 complex13 environments13 with13 many13 firewalls13 and13 users13 and13 very13 narrow13 firewall13 change13 windows13

bull  System13 configuraon13 changes13 and13 the13 user13 interface13 of13 the13 management13 console13 should13 be13 1   comprehensive13 -shy‐13 such13 that13 it13 covers13 an13 array13 of13 features13

that13 preclude13 the13 need13 for13 augmentaon13 by13 other13 point13 soluons13 13

2   flexible13 -shy‐13 possible13 to13 exclude13 features13 that13 are13 not13 needed13 in13 the13 enterprise13 environment13 and13 13

3   easy13 to13 use13 -shy‐13 such13 that13 the13 management13 console13 individual13 feature13 dashboards13 and13 reporng13 are13 intuive13 and13 incisive13

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

Price

• NGFW appliance, software and cloud service pricing varies considerably by vendor and model.

• Prices range from $599 to $80,000+ per device.

• Some are even priced by number of users (e.g., $1,100 for 1-99 users to $100,000 for 5,000 users+).

• All, meanwhile, have separate pricing for service contracts.

• If possible, do not pay retail prices.

• Most vendors will provide volume discounts (the more users supported, the less it costs per user, for example) or discounts with viable prospects of further purchases.

• Purchase at month-end and quarter-end. Sales people have goals that can be leveraged for pricing to your advantage.


Support

• The 2015 Gartner Magic Quadrant on NGFW also rated support -- with quality, breadth and value of NGFW offerings viewed from the vantage point of enterprise needs.

• Given the critical nature of NGFWs, timely and accurate support is essential. Obtain references and ask to speak with vendor clients without the vendor present.

• Support criteria for NGFWs should address responsiveness ranked by type of service request, quality and accuracy of the service response, currency of product updates, and customer education and awareness of current events.


NGFW VENDORS


NGFW Players

The top nine NGFW vendors are:

• Checkpoint
• Dell Sonicwall
• Palo Alto
• Cisco
• Fortinet
• HP TippingPoint
• McAfee
• Barracuda

There are other NGFW vendors, but these are the top 9.


Questions to consider

Questions to consider when comparing these and other NGFW products include:

• What is their product line?
• Is their NGFW for cloud service providers, large enterprises, SMBs or small companies?
• What are the NGFW features that come with the base product?
• What features need an extra license(s)?
• How is the NGFW sold and priced?
• What differentiates their NGFW from other vendor NGFW products?


What features are available in the NGFW?

Non-common NGFW features vary by vendor. So this is where organizations can start to differentiate which NGFWs will work for them and which won't. For example:

• Dell SonicWall provides security services such as gateway anti-malware, content filtering, and client antivirus and antispyware that are licensed on an annual subscription contract. Dell SecureWorks premium Global Threat Intelligence service is an additional subscription.

• Cisco provides Application Visibility and Control as part of the base configuration at no cost, but separate licenses are required for Next Generation Intrusion Prevention Systems (NGIPS), Advanced Malware Protection and URL filtering.

• McAfee provides clustering and multi-Link as standard features with McAfee Next Generation Firewall license.


What features are available in the NGFW?

• Barracuda requires an optional subscription for malware protection (AV engine by Avira), threat intelligence, and for advanced client Network Access Control (NAC) VPN/SSL VPN features.

• Juniper offers advanced software security services (NGFW/UTM/IPS/Threat Intelligence Service) shipped with its SRX Series Services Gateways that can be turned on with the purchase of an additional license, which can be subscription-based or perpetual. No additional components are required to turn services on/off.

• Checkpoint provides a full NGFW solution package with all of its software blades included under one license. However, it does not provide mobile device controls or Wi-Fi network control without purchasing a different Checkpoint product.


What features are available in the NGFW?

The key message in this comparison is that, in addition to the common features, one needs to carefully review those features that require additional licenses and whether they are significant enough to decide on a specific product's procurement.

• For example, if you need a DLP feature, consider those NGFWs that provide it, such as Checkpoint. Although it is offered with over 600 types, you might determine that a full-featured DLP solution is still required if the Checkpoint is not sufficient.

• The same would apply to web application firewalls (WAF), such as the Dell Sonicwall, which again is not a full-featured WAF.


What features are available in the NGFW?

• Another example would be Cisco: although malware protection is available with their network anti-virus/malware solution, additional licenses would be required for their Advanced Malware Protection, NGIPS and URL filtering.

• Barracuda NG Firewall also requires an additional license for Malware Protection (Anti-Virus engine by Avira).

• There are some vendors that provide threat intelligence services as part of the NGFW offering, such as Fortinet, McAfee and HP TippingPoint.

• Juniper's Threat Intelligence Service is shipped with the SRX but needs to be activated with the purchase of an additional license.


How is the NGFW sold, licensed and priced?

• All NGFW products are licensed per physical device. Additional licenses are required for the non-common features stated above.

• Read the T&Cs to determine what services are available in the base NGFW product and what services require an additional license.

• All NGFW products are priced by scale based on the type of hardware utilized and service contract.

• While pricing structure appears disparate, similarities do exist in the lower-end product lines (in other words, the smaller the NGFW need, the simpler the pricing).

• The larger the enterprise and volume purchase potential, the greater the disparity, but also the greater the bargaining power on the part of the customer.


Key differentiators between NGFW products

• Checkpoint is the inventor of stateful firewalls. It has the highest block rate of IPS among its competitors; a larger application library (over 5,000) than any other; data loss prevention (DLP) with over 600 file types; change management (i.e., configuration and rule changes) that no one else has; and Active Directory integration, agent-based or agentless.

• Dell SonicWall has patented Reassembly-Free Deep Inspection (RFDPI), which allows for centralized management for users to deploy, manage and monitor many thousands of firewalls through a single pane of glass.


Key differentiators between NGFW products

• Cisco ASA with FirePower Services provides an integrated defense solution with greater firewall features, detection and protection threat services than other vendors.

• Fortinet lauds its 11-year-old in-house dedicated security research team -- FortiGuard Labs -- as one of the few NGFW vendors that has its own, since most OEM this activity. Fortinet also purports to have NGFW FortiGate that can deliver five times better performance than comparatively priced competitor products.

• HP TippingPoint is known for its NGFW's simple, effective and reliable implementation. The security effectiveness coverage is high, with over 8,200 filters that block known and unknown threats and over 383 zero-day filters in 2014 alone.


Key differentiators between NGFW products

• McAfee NGFW provides "intelligence aware" security controls, advanced evasion prevention and a unified software core design.

• Barracuda purports the lowest total cost of ownership (TCO) in the industry due to advanced troubleshooting capabilities and smart lifecycle management features built into large scaling central management server. The NGFW is also the only one that provides NGFW application control and user identity functions for SMBs.

• Juniper SRX is the first NGFW to offer customers validated (Telcordia) 99.9999% availability of the SRX 5000 line. The SRX Series are also the first NGFW to deliver automation of firewall functions via JunoScript and open API to programming tools. Open attack signatures in the IPS also allow customers to add or customize signatures tailored for their network.


How to select the right NGFW

Consider the following criteria in selecting the NGFW vendor and model for your enterprise:

(1) identify the players
(2) develop a short list
(3) perform a proof of concept – POC
(4) make reference calls
(5) consider cost
(6) obtain management buy-in and
(7) work out contract negotiations
(8) Total cost of ownership (TCO) is also critical

Lastly, but no less important, consider the skill set of your staff and the business model and growth expectation for your enterprise -- all-important factors in making your decision.


NGFW AUDIT


Evaluation and Audit of NGFW

• Platform Based – appliance/software/SaaS
• Feature Set – baseline and add-ons
• Performance – NSS Labs results
• Manageability – comprehensive/easy to use
• Threat Intelligence – currency/accuracy/completeness
• TCO – total cost of ownership
• Risk – consider the business model and objectives
• Price – you get what you pay for
• Support – what is support experience
• Differentiators – what sets them apart


BIO

Miguel (Mike) O. Villegas is a Vice President for K3DES LLC. He performs and QA's PCI-DSS and PA-DSS assessments for K3DES clients. He also manages the K3DES ISO/IEC 27001:2005 program. Mike was previously Director of Information Security at Newegg, Inc. for five years. Mike is currently a contributing writer for SearchSecurity – TechTarget. Mike has over 30 years of Information Systems security and IT audit experience. Mike was previously Vice President & Technology Risk Manager for Wells Fargo Services, responsible for IT Regulatory Compliance, and was previously a partner at Arthur Andersen and Ernst & Young for their information systems security and IS audit groups over a span of nine years. Mike is a CISA, CISSP, GSEC and CEH. He is also a QSA and PA-QSA as VP for K3DES. Mike was president of the LA ISACA Chapter during 2010-2012 and president of the SF ISACA Chapter during 2005-2006. He was the SF Fall Conference Co-Chair from 2002–2007 and also served for two years as Vice President on the Board of Directors for ISACA International. Mike has taught CISA review courses for over 18 years.


Platform Type

• How is the NGFW provided?
• Most next-gen firewalls are hardware- (appliance), software- (downloadable) or cloud-based (SaaS).
• Hardware-based NGFWs appeal best to large and midsize enterprises.
• Software-based NGFWs to small companies with simple network infrastructures.
• Cloud-based NGFWs to highly decentralized multi-location sites or enterprises where the required skill set to manage them is wanting or reallocated.


Feature Set

• Not all NGFW features are similarly available by vendor.
• NGFW features typically consist of:
  • inline deep packet inspection firewalls,
  • IDS/IPS,
  • application inspection and control,
  • SSL/SSH inspection,
  • website filtering, and
  • QoS/bandwidth management to protect networks against the latest in sophisticated network attacks and intrusion.
• Additionally, most NGFWs offer threat intelligence, mobile device security, data loss prevention (DLP), Active Directory integration and an open architecture that allows clients to tailor application control and even some firewall rule definitions.

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

Performance13

3413

bull  Because13 NGFWs13 integrate13 many13 features13 into13 a13 single13 appliance13 they13 may13 seem13 adracve13 to13 some13 organizaons13 13

bull  However13 enabling13 all13 available13 features13 at13 once13 could13 result13 in13 serious13 performance13 degradaon13 13

bull  NGFW13 performance13 metrics13 have13 improved13 over13 the13 years13 but13 the13 buyer13 needs13 to13 seriously13 consider13 performance13 in13 relaonship13 to13 the13 security13 features13 they13 want13 to13 enable13 when13 determining13 the13 vendors13 they13 approach13 and13 the13 model13 of13 NGFW13 they13 choose13

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

Manageability13

3513

bull  This13 criterion13 involves13 system13 configuraon13 requirements13 and13 usability13 of13 the13 management13 console13

bull  It13 considers13 how13 the13 NGFW13 manages13 complex13 environments13 with13 many13 firewalls13 and13 users13 and13 very13 narrow13 firewall13 change13 windows13

bull  System13 configuraon13 changes13 and13 the13 user13 interface13 of13 the13 management13 console13 should13 be13 1   comprehensive13 -shy‐13 such13 that13 it13 covers13 an13 array13 of13 features13

that13 preclude13 the13 need13 for13 augmentaon13 by13 other13 point13 soluons13 13

2   flexible13 -shy‐13 possible13 to13 exclude13 features13 that13 are13 not13 needed13 in13 the13 enterprise13 environment13 and13 13

3   easy13 to13 use13 -shy‐13 such13 that13 the13 management13 console13 individual13 feature13 dashboards13 and13 reporng13 are13 intuive13 and13 incisive13

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

Price13

3613

bull  NGFW13 appliance13 sofware13 and13 cloud13 service13 pricing13 varies13 considerably13 by13 vendor13 and13 model13

bull  Prices13 range13 from13 $59913 to13 $80000+13 per13 device13 bull  Some13 are13 even13 priced13 by13 number13 of13 users13 (eg13 $110013

for13 1-shy‐9913 users13 to13 $10000013 for13 500013 users+)13 13 bull  All13 meanwhile13 have13 separate13 pricing13 for13 service13

contracts13 bull  If13 possible13 do13 not13 pay13 retail13 prices13 13 bull  Most13 vendors13 will13 provide13 volume13 discounts13 (the13 more13

users13 supported13 the13 less13 it13 costs13 per13 user13 for13 example)13 or13 discounts13 with13 viable13 prospects13 of13 further13 purchases13

bull  Purchase13 at13 month-shy‐end13 and13 quarter-shy‐end13 Sales13 people13 have13 goals13 that13 can13 be13 leveraged13 for13 pricing13 to13 your13 advantage13

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

Support13

3713

bull  The13 201513 Gartner13 Magic13 Quadrant13 on13 NGFW13 also13 rated13 support13 -shy‐-shy‐13 with13 quality13 breadth13 and13 value13 of13 NGFW13 offerings13 viewed13 from13 the13 vantage13 point13 of13 enterprise13 needs13 13

bull  Given13 the13 crical13 nature13 of13 NGFWs13 mely13 and13 accurate13 support13 is13 essenal13 Obtain13 references13 and13 ask13 to13 speak13 with13 vendor13 clients13 without13 the13 vendor13 present13

bull  Support13 criteria13 for13 NGFWs13 should13 address13 responsiveness13 ranked13 by13 type13 of13 service13 request13 quality13 and13 accuracy13 of13 the13 service13 response13 currency13 of13 product13 updates13 and13 customer13 educaon13 and13 awareness13 of13 current13 events13

1111513 3813

CRISC CGEIT CISM CISA 201313 Fall13 Conference13 ndash13 ldquoSail13 to13 Successrdquo13

NGFW13 VENDORS13

3813

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

NGFW13 Players13

3913

The13 top13 nine13 NGFW13 vendors13 are13 13 bull  Checkpoint13 bull  Dell13 Sonicwall13 13 bull  Palo13 Alto13 bull  Cisco13 bull  Fornet13 13 bull  HP13 TippingPoint13 13 bull  McAfee13 13 bull  Barracuda13 13 There13 are13 other13 NGFW13 vendors13 but13 these13 are13 the13 top13 913

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

Quesons13 to13 consider13

4013

Quesons13 to13 consider13 when13 comparing13 these13 and13 other13 NGFW13 products13 include13 13

bull  What13 is13 their13 product13 line13 13 bull  Is13 their13 NGFW13 for13 cloud13 service13 providers13 large13

enterprises13 SMBs13 or13 small13 companies13 13 bull  What13 are13 the13 NGFW13 features13 that13 come13 with13 the13

base13 product13 13 bull  What13 features13 need13 an13 extra13 license(s)13 13 bull  How13 is13 the13 NGFW13 sold13 and13 priced13 13 bull  What13 differenates13 their13 NFGW13 from13 other13 vendor13

NGFW13 products13 13

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

What13 features13 are13 available13 in13 the13 NGFW13

4113

Non-shy‐common13 NGFW13 features13 vary13 by13 vendor13 So13 this13 is13 where13 organizaons13 can13 start13 to13 differenate13 which13 NGFWs13 will13 work13 for13 them13 and13 which13 wonrsquot13 For13 example13 bull  Dell13 SonicWall13 provides13 security13 services13 such13 as13 gateway13

an-shy‐malware13 content13 filtering13 and13 client13 anvirus13 and13 anspyware13 that13 are13 licensed13 on13 an13 annual13 subscripon13 contract13 Dell13 SecureWorks13 premium13 Global13 Threat13 Intelligence13 service13 is13 an13 addional13 subscripon13

bull  Cisco13 provides13 Applicaon13 Visibility13 and13 Control13 as13 part13 of13 the13 base13 configuraon13 at13 no13 cost13 but13 separate13 licenses13 are13 required13 for13 Next13 Generaon13 Intrusion13 Prevenon13 Systems13 (NGIPS)13 Advanced13 Malware13 Protecon13 and13 URL13 filtering13

bull  McAfee13 provides13 clustering13 and13 mul-shy‐Link13 as13 standard13 features13 with13 McAfee13 Next13 Generaon13 Firewall13 license13

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

What13 features13 are13 available13 in13 the13 NGFW13

4213

bull  Barracuda13 requires13 an13 oponal13 subscripon13 for13 malware13 protecon13 (AV13 engine13 by13 Avira)13 threat13 intelligence13 and13 for13 advanced13 client13 Network13 Access13 Control13 (NAC)13 VPNSSL13 VPN13 features13

bull  Juniper13 offers13 advanced13 sofware13 security13 services13 (NGFWUTMIPSThreat13 Intelligence13 Service)13 shipped13 with13 its13 SRX13 Series13 Services13 Gateways13 13 that13 can13 be13 turned13 on13 with13 the13 purchase13 of13 an13 addional13 license13 which13 can13 be13 subscripon-shy‐based13 or13 perpetual13 No13 addional13 components13 are13 required13 to13 turn13 services13 onoff13

bull  Checkpoint13 provides13 a13 full13 NGFW13 soluon13 package13 13 with13 all13 of13 its13 sofware13 blades13 included13 under13 one13 license13 However13 it13 does13 not13 provide13 mobile13 device13 controls13 or13 Wi-shy‐Fi13 network13 control13 without13 purchasing13 a13 different13 Checkpoint13 product13

13

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

What13 features13 are13 available13 in13 the13 NGFW13

4313

The13 key13 message13 in13 this13 comparison13 is13 that13 in13 addion13 to13 the13 common13 features13 one13 needs13 to13 carefully13 review13 those13 features13 that13 require13 addional13 licenses13 and13 whether13 they13 are13 significant13 enough13 to13 decide13 on13 a13 specific13 products13 procurement13 13 13 bull  For13 example13 if13 you13 need13 a13 DLP13 feature13 those13 NGFWs13

that13 provide13 it13 such13 as13 Checkpoint13 although13 offered13 with13 over13 60013 types13 you13 might13 determine13 that13 a13 full-shy‐featured13 DLP13 soluon13 might13 sll13 be13 required13 if13 the13 Checkpoint13 is13 not13 sufficient13 13

bull  The13 same13 would13 apply13 to13 web13 applicaon13 firewalls13 (WAF)13 such13 as13 the13 Dell13 Sonicwall13 but13 again13 is13 not13 a13 full-shy‐featured13 WAF13 13

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

What13 features13 are13 available13 in13 the13 NGFW13

4413

bull  Another13 example13 would13 be13 Cisco13 although13 malware13 protecon13 is13 available13 with13 their13 network13 an-shy‐virusmalware13 soluon13 but13 an13 addional13 licenses13 would13 be13 required13 for13 their13 Advanced13 Malware13 Protecon13 NGIPS13 and13 URL13 filtering13 13

bull  Barracuda13 NG13 Firewall13 also13 requires13 an13 addional13 license13 for13 Malware13 Protecon13 (An-shy‐Virus13 engine13 by13 Avira)13

bull  There13 are13 some13 vendors13 that13 provide13 threat13 intelligence13 services13 as13 part13 of13 the13 NGFW13 offering13 such13 as13 Fornet13 McAfee13 and13 HP13 TippingPoint13 13

bull  Juniperrsquos13 Threat13 Intelligence13 Service13 is13 shipped13 with13 the13 SRX13 but13 needs13 to13 be13 acvated13 with13 the13 purchase13 of13 an13 addional13 license13

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

How13 is13 the13 NGFW13 sold13 licensed13 and13 priced13

4513

bull  All13 NGFW13 products13 are13 licensed13 per13 physical13 device13 Addional13 licenses13 are13 required13 for13 the13 non-shy‐common13 features13 stated13 above13 13 13 13

bull  Read13 the13 TampCs13 to13 determine13 what13 services13 are13 available13 in13 the13 base13 NGFW13 produce13 and13 what13 services13 require13 an13 addional13 license13

bull  All13 NGFW13 products13 are13 priced13 by13 scale13 based13 on13 the13 type13 of13 hardware13 ulized13 and13 service13 contract13

bull  While13 pricing13 structure13 appears13 disparate13 similaries13 do13 exist13 in13 the13 lower-shy‐end13 product13 lines13 (in13 other13 words13 the13 smaller13 the13 NGFW13 need13 the13 simpler13 the13 pricing)13 13 13

bull  The13 larger13 the13 enterprise13 and13 volume13 purchase13 potenal13 the13 greater13 the13 disparity13 but13 also13 the13 greater13 the13 bargaining13 power13 on13 the13 part13 of13 the13 customer13

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

Key13 differenators13 between13 NGFW13 products13

4613

bull  Checkpoint13 is13 the13 inventor13 of13 stateful13 firewalls13 It13 has13 the13 highest13 block13 rate13 of13 IPS13 among13 its13 competors13 largest13 applicaon13 library13 (over13 5000)13 than13 any13 other13 data13 loss13 prevenon13 (DLP)13 with13 over13 60013 file13 types13 change13 management13 13 (ie13 configuraon13 and13 rule13 changes)13 that13 no13 one13 else13 has13 and13 Acve13 Directory13 integraon13 agent-shy‐based13 or13 agentless13

bull  Dell13 SonicWall13 has13 patented13 Reassembly-shy‐Free13 Deep13 Inspecon13 (RFDPI)13 13 which13 allows13 for13 centralized13 management13 for13 users13 to13 deploy13 manage13 and13 monitor13 many13 thousands13 of13 firewalls13 through13 a13 single-shy‐pane13 of13 glass13

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

Key13 differenators13 between13 NGFW13 products13

4713

bull  Cisco13 ASA13 with13 FirePower13 Services13 provides13 an13 integrated13 defense13 soluon13 with13 greater13 firewall13 features13 detecon13 and13 protecon13 threat13 services13 than13 other13 vendors13

bull  Fornet13 lauds13 its13 11-shy‐year13 old13 in-shy‐house13 dedicated13 security13 research13 team13 -shy‐-shy‐13 ForGuard13 Labs13 -shy‐-shy‐13 one13 of13 the13 few13 NGFW13 vendors13 that13 have13 its13 own13 since13 most13 OEM13 this13 acvity13 Fornet13 also13 purports13 to13 have13 NGFW13 ForGate13 that13 can13 deliver13 five13 mes13 beder13 performance13 of13 comparavely13 priced13 competor13 products13

bull  HP13 TippingPoint13 is13 known13 for13 its13 NGFWrsquos13 simple13 effecve13 and13 reliable13 implementaon13 The13 security13 effecveness13 coverage13 is13 high13 with13 over13 820013 filters13 that13 block13 known13 and13 unknown13 threats13 and13 over13 38313 zero-shy‐day13 filters13 in13 201413 alone13

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

Key13 differenators13 between13 NGFW13 products13

4813

bull  McAfee13 NGFW13 provides13 ldquointelligence13 awarerdquo13 security13 controls13 advanced13 evasion13 prevenon13 and13 a13 unified13 sofware13 core13 design13

bull  Barracuda13 purports13 the13 lowest13 total13 cost13 of13 ownership13 (TCO)13 in13 the13 industry13 due13 to13 advanced13 troubleshoong13 capabilies13 and13 smart13 lifecycle13 management13 features13 built13 into13 large13 scaling13 central13 management13 server13 The13 NGFW13 is13 also13 the13 only13 one13 that13 provides13 NGFW13 applicaon13 control13 and13 user13 identy13 funcons13 for13 SMBs13

bull  Juniper13 SRX13 is13 the13 first13 NGFW13 to13 offer13 customers13 validated13 (Telcordia)13 99999913 availability13 of13 the13 SRX13 500013 line13 The13 SRX13 Series13 are13 also13 the13 first13 NGFW13 to13 deliver13 automaon13 of13 firewall13 funcons13 via13 JunoScript13 and13 open13 API13 to13 programming13 tools13 Open13 adack13 signatures13 in13 the13 IPS13 also13 allow13 customers13 to13 add13 or13 customize13 signatures13 tailored13 for13 their13 network13

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

How13 to13 select13 the13 right13 NGFW13

4913

Consider13 the13 following13 criteria13 in13 selecng13 the13 NGFW13 vendor13 and13 model13 for13 your13 enterprise13 13

(1)  idenfy13 the13 players13 13 (2)  develop13 a13 short13 list13 13 (3)  perform13 a13 proof13 of13 concept13 ndash13 POC13 13 (4)  make13 reference13 calls13 13 (5)  consider13 cost13 13 (6)  obtain13 management13 buy-shy‐in13 and13 13 (7)  work13 out13 contract13 negoaons13 13 (8)  Total13 cost13 of13 ownership13 (TCO)13 is13 also13 crical13 13

Lastly13 but13 no13 less13 important13 consider13 the13 skill13 set13 of13 your13 staff13 and13 the13 business13 model13 and13 growth13 expectaon13 for13 your13 enterprise13 -shy‐-shy‐13 all-shy‐important13 factors13 in13 making13 your13 decision13

1111513 5013

CRISC CGEIT CISM CISA 201313 Fall13 Conference13 ndash13 ldquoSail13 to13 Successrdquo13

NGFW13 AUDIT13

5013

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

EvaluaBon13 and13 Audit13 of13 NGFW13



2015 Fall Conference – “CyberSizeIT” November 9 – 11, 2015

Feature Set

• Not all NGFW features are similarly available by vendor.
• NGFW features typically consist of:
    • inline deep packet inspection firewalls,
    • IDS/IPS,
    • application inspection and control,
    • SSL/SSH inspection,
    • website filtering, and
    • QoS/bandwidth management
  to protect networks against the latest in sophisticated network attacks and intrusion.
• Additionally, most NGFWs offer threat intelligence, mobile device security, data loss prevention (DLP), Active Directory integration, and an open architecture that allows clients to tailor application control and even some firewall rule definitions.

Performance

• Because NGFWs integrate many features into a single appliance, they may seem attractive to some organizations.
• However, enabling all available features at once could result in serious performance degradation.
• NGFW performance metrics have improved over the years, but the buyer needs to seriously consider performance in relationship to the security features they want to enable when determining the vendors they approach and the model of NGFW they choose.

Manageability

• This criterion involves system configuration requirements and usability of the management console.
• It considers how the NGFW manages complex environments with many firewalls and users and very narrow firewall change windows.
• System configuration changes and the user interface of the management console should be:
    1. comprehensive - such that it covers an array of features that preclude the need for augmentation by other point solutions,
    2. flexible - possible to exclude features that are not needed in the enterprise environment, and
    3. easy to use - such that the management console, individual feature dashboards, and reporting are intuitive and incisive.

Price

• NGFW appliance, software, and cloud service pricing varies considerably by vendor and model.
• Prices range from $599 to $80,000+ per device.
• Some are even priced by number of users (e.g., $1,100 for 1-99 users to $100,000 for 5,000 users+).
• All, meanwhile, have separate pricing for service contracts.
• If possible, do not pay retail prices.
• Most vendors will provide volume discounts (the more users supported, the less it costs per user, for example) or discounts with viable prospects of further purchases.
• Purchase at month-end and quarter-end. Salespeople have goals that can be leveraged for pricing to your advantage.

Support

• The 2015 Gartner Magic Quadrant on NGFW also rated support -- with quality, breadth, and value of NGFW offerings viewed from the vantage point of enterprise needs.
• Given the critical nature of NGFWs, timely and accurate support is essential. Obtain references and ask to speak with vendor clients without the vendor present.
• Support criteria for NGFWs should address responsiveness ranked by type of service request, quality and accuracy of the service response, currency of product updates, and customer education and awareness of current events.

CRISC CGEIT CISM CISA 2013 Fall Conference – “Sail to Success”

NGFW VENDORS

NGFW Players

The top nine NGFW vendors are:
• Checkpoint
• Dell Sonicwall
• Palo Alto
• Cisco
• Fortinet
• HP TippingPoint
• McAfee
• Barracuda

There are other NGFW vendors, but these are the top 9.

Questions to consider

Questions to consider when comparing these and other NGFW products include:
• What is their product line?
• Is their NGFW for cloud service providers, large enterprises, SMBs, or small companies?
• What are the NGFW features that come with the base product?
• What features need an extra license(s)?
• How is the NGFW sold and priced?
• What differentiates their NGFW from other vendor NGFW products?

What features are available in the NGFW

Non-common NGFW features vary by vendor. So this is where organizations can start to differentiate which NGFWs will work for them and which won’t. For example:
• Dell SonicWall provides security services such as gateway anti-malware, content filtering, and client antivirus and antispyware that are licensed on an annual subscription contract. Dell SecureWorks premium Global Threat Intelligence service is an additional subscription.
• Cisco provides Application Visibility and Control as part of the base configuration at no cost, but separate licenses are required for Next Generation Intrusion Prevention Systems (NGIPS), Advanced Malware Protection, and URL filtering.
• McAfee provides clustering and Multi-Link as standard features with the McAfee Next Generation Firewall license.

• Barracuda requires an optional subscription for malware protection (AV engine by Avira), threat intelligence, and for advanced client Network Access Control (NAC) VPN/SSL VPN features.
• Juniper offers advanced software security services (NGFW/UTM/IPS/Threat Intelligence Service) shipped with its SRX Series Services Gateways that can be turned on with the purchase of an additional license, which can be subscription-based or perpetual. No additional components are required to turn services on/off.
• Checkpoint provides a full NGFW solution package with all of its software blades included under one license. However, it does not provide mobile device controls or Wi-Fi network control without purchasing a different Checkpoint product.

The key message in this comparison is that, in addition to the common features, one needs to carefully review those features that require additional licenses and whether they are significant enough to decide on a specific product's procurement.
• For example, if you need a DLP feature, some NGFWs provide it, such as Checkpoint, which offers it with over 600 types. You might still determine that a full-featured DLP solution is required if the Checkpoint is not sufficient.
• The same would apply to web application firewalls (WAF), such as the one in the Dell Sonicwall, which again is not a full-featured WAF.

• Another example would be Cisco: although malware protection is available with their network anti-virus/malware solution, additional licenses would be required for their Advanced Malware Protection, NGIPS, and URL filtering.
• Barracuda NG Firewall also requires an additional license for Malware Protection (Anti-Virus engine by Avira).
• There are some vendors that provide threat intelligence services as part of the NGFW offering, such as Fortinet, McAfee, and HP TippingPoint.
• Juniper’s Threat Intelligence Service is shipped with the SRX but needs to be activated with the purchase of an additional license.

How is the NGFW sold, licensed, and priced

• All NGFW products are licensed per physical device. Additional licenses are required for the non-common features stated above.
• Read the T&Cs to determine what services are available in the base NGFW product and what services require an additional license.
• All NGFW products are priced by scale, based on the type of hardware utilized and service contract.
• While pricing structure appears disparate, similarities do exist in the lower-end product lines (in other words, the smaller the NGFW need, the simpler the pricing).
• The larger the enterprise and volume purchase potential, the greater the disparity, but also the greater the bargaining power on the part of the customer.

Key differentiators between NGFW products

• Checkpoint is the inventor of stateful firewalls. It has the highest block rate of IPS among its competitors, a larger application library (over 5,000) than any other, data loss prevention (DLP) with over 600 file types, change management (i.e., configuration and rule changes) that no one else has, and Active Directory integration, agent-based or agentless.
• Dell SonicWall has patented Reassembly-Free Deep Inspection (RFDPI), which allows for centralized management for users to deploy, manage, and monitor many thousands of firewalls through a single pane of glass.

• Cisco ASA with FirePower Services provides an integrated defense solution with greater firewall features, detection, and protection threat services than other vendors.
• Fortinet lauds its 11-year old in-house dedicated security research team -- FortiGuard Labs. It is one of the few NGFW vendors that has its own, since most OEM this activity. Fortinet also purports to have an NGFW, FortiGate, that can deliver five times better performance than comparatively priced competitor products.
• HP TippingPoint is known for its NGFW’s simple, effective, and reliable implementation. The security effectiveness coverage is high, with over 8,200 filters that block known and unknown threats and over 383 zero-day filters in 2014 alone.

• McAfee NGFW provides “intelligence aware” security controls, advanced evasion prevention, and a unified software core design.
• Barracuda purports the lowest total cost of ownership (TCO) in the industry due to advanced troubleshooting capabilities and smart lifecycle management features built into a large scaling central management server. The NGFW is also the only one that provides NGFW application control and user identity functions for SMBs.
• Juniper SRX is the first NGFW to offer customers validated (Telcordia) 99.9999% availability of the SRX 5000 line. The SRX Series are also the first NGFW to deliver automation of firewall functions via JunoScript and open API to programming tools. Open attack signatures in the IPS also allow customers to add or customize signatures tailored for their network.

How to select the right NGFW

Consider the following criteria in selecting the NGFW vendor and model for your enterprise:
(1) identify the players,
(2) develop a short list,
(3) perform a proof of concept – POC,
(4) make reference calls,
(5) consider cost,
(6) obtain management buy-in, and
(7) work out contract negotiations.
(8) Total cost of ownership (TCO) is also critical.

Lastly, but no less important, consider the skill set of your staff and the business model and growth expectation for your enterprise -- all-important factors in making your decision.

NGFW AUDIT

Evaluation and Audit of NGFW

• Platform Based – appliance/software/SaaS
• Feature Set – baseline and add-ons
• Performance – NSS Labs results
• Manageability – comprehensive/easy to use
• Threat Intelligence – currency/accuracy/completeness
• TCO – total cost of ownership
• Risk – consider the business model and objectives
• Price – you get what you pay for
• Support – what is support experience
• Differentiators – what sets them apart

BIO

Miguel (Mike) O. Villegas is a Vice President for K3DES LLC. He performs and QA’s PCI-DSS and PA-DSS assessments for K3DES clients. He also manages the K3DES ISO/IEC 27001:2005 program. Mike was previously Director of Information Security at Newegg, Inc. for five years. Mike is currently a contributing writer for SearchSecurity – TechTarget. Mike has over 30 years of Information Systems security and IT audit experience. Mike was previously Vice President & Technology Risk Manager for Wells Fargo Services, responsible for IT Regulatory Compliance, and was previously a partner at Arthur Andersen and Ernst & Young for their information systems security and IS audit groups over a span of nine years. Mike is a CISA, CISSP, GSEC, and CEH. He is also a QSA and PA-QSA as VP for K3DES. Mike was president of the LA ISACA Chapter during 2010-2012 and president of the SF ISACA Chapter during 2005-2006. He was the SF Fall Conference Co-Chair from 2002–2007 and also served for two years as Vice President on the Board of Directors for ISACA International. Mike has taught CISA review courses for over 18 years.

Page 34: NextGeneraon%Firewalls:%Top%9% Revisited% · 2015%Fall%Conference%–“CyberSizeIT”% November%9%–11,%2015% % 6 Next Generation firewall Application Awareness & Control User-based

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

Performance13

3413

bull  Because13 NGFWs13 integrate13 many13 features13 into13 a13 single13 appliance13 they13 may13 seem13 adracve13 to13 some13 organizaons13 13

bull  However13 enabling13 all13 available13 features13 at13 once13 could13 result13 in13 serious13 performance13 degradaon13 13

bull  NGFW13 performance13 metrics13 have13 improved13 over13 the13 years13 but13 the13 buyer13 needs13 to13 seriously13 consider13 performance13 in13 relaonship13 to13 the13 security13 features13 they13 want13 to13 enable13 when13 determining13 the13 vendors13 they13 approach13 and13 the13 model13 of13 NGFW13 they13 choose13

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

Manageability13

3513

bull  This13 criterion13 involves13 system13 configuraon13 requirements13 and13 usability13 of13 the13 management13 console13

bull  It13 considers13 how13 the13 NGFW13 manages13 complex13 environments13 with13 many13 firewalls13 and13 users13 and13 very13 narrow13 firewall13 change13 windows13

bull  System13 configuraon13 changes13 and13 the13 user13 interface13 of13 the13 management13 console13 should13 be13 1   comprehensive13 -shy‐13 such13 that13 it13 covers13 an13 array13 of13 features13

that13 preclude13 the13 need13 for13 augmentaon13 by13 other13 point13 soluons13 13

2   flexible13 -shy‐13 possible13 to13 exclude13 features13 that13 are13 not13 needed13 in13 the13 enterprise13 environment13 and13 13

3   easy13 to13 use13 -shy‐13 such13 that13 the13 management13 console13 individual13 feature13 dashboards13 and13 reporng13 are13 intuive13 and13 incisive13

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

Price13

3613

bull  NGFW13 appliance13 sofware13 and13 cloud13 service13 pricing13 varies13 considerably13 by13 vendor13 and13 model13

bull  Prices13 range13 from13 $59913 to13 $80000+13 per13 device13 bull  Some13 are13 even13 priced13 by13 number13 of13 users13 (eg13 $110013

for13 1-shy‐9913 users13 to13 $10000013 for13 500013 users+)13 13 bull  All13 meanwhile13 have13 separate13 pricing13 for13 service13

contracts13 bull  If13 possible13 do13 not13 pay13 retail13 prices13 13 bull  Most13 vendors13 will13 provide13 volume13 discounts13 (the13 more13

users13 supported13 the13 less13 it13 costs13 per13 user13 for13 example)13 or13 discounts13 with13 viable13 prospects13 of13 further13 purchases13

bull  Purchase13 at13 month-shy‐end13 and13 quarter-shy‐end13 Sales13 people13 have13 goals13 that13 can13 be13 leveraged13 for13 pricing13 to13 your13 advantage13

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

Support13

3713

bull  The13 201513 Gartner13 Magic13 Quadrant13 on13 NGFW13 also13 rated13 support13 -shy‐-shy‐13 with13 quality13 breadth13 and13 value13 of13 NGFW13 offerings13 viewed13 from13 the13 vantage13 point13 of13 enterprise13 needs13 13

bull  Given13 the13 crical13 nature13 of13 NGFWs13 mely13 and13 accurate13 support13 is13 essenal13 Obtain13 references13 and13 ask13 to13 speak13 with13 vendor13 clients13 without13 the13 vendor13 present13

bull  Support13 criteria13 for13 NGFWs13 should13 address13 responsiveness13 ranked13 by13 type13 of13 service13 request13 quality13 and13 accuracy13 of13 the13 service13 response13 currency13 of13 product13 updates13 and13 customer13 educaon13 and13 awareness13 of13 current13 events13

1111513 3813

CRISC CGEIT CISM CISA 201313 Fall13 Conference13 ndash13 ldquoSail13 to13 Successrdquo13

NGFW13 VENDORS13

3813

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

NGFW13 Players13

3913

The13 top13 nine13 NGFW13 vendors13 are13 13 bull  Checkpoint13 bull  Dell13 Sonicwall13 13 bull  Palo13 Alto13 bull  Cisco13 bull  Fornet13 13 bull  HP13 TippingPoint13 13 bull  McAfee13 13 bull  Barracuda13 13 There13 are13 other13 NGFW13 vendors13 but13 these13 are13 the13 top13 913

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

Quesons13 to13 consider13

4013

Quesons13 to13 consider13 when13 comparing13 these13 and13 other13 NGFW13 products13 include13 13

bull  What13 is13 their13 product13 line13 13 bull  Is13 their13 NGFW13 for13 cloud13 service13 providers13 large13

enterprises13 SMBs13 or13 small13 companies13 13 bull  What13 are13 the13 NGFW13 features13 that13 come13 with13 the13

base13 product13 13 bull  What13 features13 need13 an13 extra13 license(s)13 13 bull  How13 is13 the13 NGFW13 sold13 and13 priced13 13 bull  What13 differenates13 their13 NFGW13 from13 other13 vendor13

NGFW13 products13 13

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

What13 features13 are13 available13 in13 the13 NGFW13

4113

Non-shy‐common13 NGFW13 features13 vary13 by13 vendor13 So13 this13 is13 where13 organizaons13 can13 start13 to13 differenate13 which13 NGFWs13 will13 work13 for13 them13 and13 which13 wonrsquot13 For13 example13 bull  Dell13 SonicWall13 provides13 security13 services13 such13 as13 gateway13

an-shy‐malware13 content13 filtering13 and13 client13 anvirus13 and13 anspyware13 that13 are13 licensed13 on13 an13 annual13 subscripon13 contract13 Dell13 SecureWorks13 premium13 Global13 Threat13 Intelligence13 service13 is13 an13 addional13 subscripon13

bull  Cisco13 provides13 Applicaon13 Visibility13 and13 Control13 as13 part13 of13 the13 base13 configuraon13 at13 no13 cost13 but13 separate13 licenses13 are13 required13 for13 Next13 Generaon13 Intrusion13 Prevenon13 Systems13 (NGIPS)13 Advanced13 Malware13 Protecon13 and13 URL13 filtering13

bull  McAfee13 provides13 clustering13 and13 mul-shy‐Link13 as13 standard13 features13 with13 McAfee13 Next13 Generaon13 Firewall13 license13

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

What13 features13 are13 available13 in13 the13 NGFW13

4213

bull  Barracuda13 requires13 an13 oponal13 subscripon13 for13 malware13 protecon13 (AV13 engine13 by13 Avira)13 threat13 intelligence13 and13 for13 advanced13 client13 Network13 Access13 Control13 (NAC)13 VPNSSL13 VPN13 features13

bull  Juniper13 offers13 advanced13 sofware13 security13 services13 (NGFWUTMIPSThreat13 Intelligence13 Service)13 shipped13 with13 its13 SRX13 Series13 Services13 Gateways13 13 that13 can13 be13 turned13 on13 with13 the13 purchase13 of13 an13 addional13 license13 which13 can13 be13 subscripon-shy‐based13 or13 perpetual13 No13 addional13 components13 are13 required13 to13 turn13 services13 onoff13

bull  Checkpoint13 provides13 a13 full13 NGFW13 soluon13 package13 13 with13 all13 of13 its13 sofware13 blades13 included13 under13 one13 license13 However13 it13 does13 not13 provide13 mobile13 device13 controls13 or13 Wi-shy‐Fi13 network13 control13 without13 purchasing13 a13 different13 Checkpoint13 product13

13

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

What13 features13 are13 available13 in13 the13 NGFW13

4313

The13 key13 message13 in13 this13 comparison13 is13 that13 in13 addion13 to13 the13 common13 features13 one13 needs13 to13 carefully13 review13 those13 features13 that13 require13 addional13 licenses13 and13 whether13 they13 are13 significant13 enough13 to13 decide13 on13 a13 specific13 products13 procurement13 13 13 bull  For13 example13 if13 you13 need13 a13 DLP13 feature13 those13 NGFWs13

that13 provide13 it13 such13 as13 Checkpoint13 although13 offered13 with13 over13 60013 types13 you13 might13 determine13 that13 a13 full-shy‐featured13 DLP13 soluon13 might13 sll13 be13 required13 if13 the13 Checkpoint13 is13 not13 sufficient13 13

bull  The13 same13 would13 apply13 to13 web13 applicaon13 firewalls13 (WAF)13 such13 as13 the13 Dell13 Sonicwall13 but13 again13 is13 not13 a13 full-shy‐featured13 WAF13 13

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

What13 features13 are13 available13 in13 the13 NGFW13

4413

bull  Another13 example13 would13 be13 Cisco13 although13 malware13 protecon13 is13 available13 with13 their13 network13 an-shy‐virusmalware13 soluon13 but13 an13 addional13 licenses13 would13 be13 required13 for13 their13 Advanced13 Malware13 Protecon13 NGIPS13 and13 URL13 filtering13 13

bull  Barracuda13 NG13 Firewall13 also13 requires13 an13 addional13 license13 for13 Malware13 Protecon13 (An-shy‐Virus13 engine13 by13 Avira)13

bull  There13 are13 some13 vendors13 that13 provide13 threat13 intelligence13 services13 as13 part13 of13 the13 NGFW13 offering13 such13 as13 Fornet13 McAfee13 and13 HP13 TippingPoint13 13

bull  Juniperrsquos13 Threat13 Intelligence13 Service13 is13 shipped13 with13 the13 SRX13 but13 needs13 to13 be13 acvated13 with13 the13 purchase13 of13 an13 addional13 license13

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

How13 is13 the13 NGFW13 sold13 licensed13 and13 priced13

4513

bull  All13 NGFW13 products13 are13 licensed13 per13 physical13 device13 Addional13 licenses13 are13 required13 for13 the13 non-shy‐common13 features13 stated13 above13 13 13 13

bull  Read13 the13 TampCs13 to13 determine13 what13 services13 are13 available13 in13 the13 base13 NGFW13 produce13 and13 what13 services13 require13 an13 addional13 license13

bull  All13 NGFW13 products13 are13 priced13 by13 scale13 based13 on13 the13 type13 of13 hardware13 ulized13 and13 service13 contract13

bull  While13 pricing13 structure13 appears13 disparate13 similaries13 do13 exist13 in13 the13 lower-shy‐end13 product13 lines13 (in13 other13 words13 the13 smaller13 the13 NGFW13 need13 the13 simpler13 the13 pricing)13 13 13

bull  The13 larger13 the13 enterprise13 and13 volume13 purchase13 potenal13 the13 greater13 the13 disparity13 but13 also13 the13 greater13 the13 bargaining13 power13 on13 the13 part13 of13 the13 customer13

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

Key13 differenators13 between13 NGFW13 products13

4613

bull  Checkpoint13 is13 the13 inventor13 of13 stateful13 firewalls13 It13 has13 the13 highest13 block13 rate13 of13 IPS13 among13 its13 competors13 largest13 applicaon13 library13 (over13 5000)13 than13 any13 other13 data13 loss13 prevenon13 (DLP)13 with13 over13 60013 file13 types13 change13 management13 13 (ie13 configuraon13 and13 rule13 changes)13 that13 no13 one13 else13 has13 and13 Acve13 Directory13 integraon13 agent-shy‐based13 or13 agentless13

bull  Dell13 SonicWall13 has13 patented13 Reassembly-shy‐Free13 Deep13 Inspecon13 (RFDPI)13 13 which13 allows13 for13 centralized13 management13 for13 users13 to13 deploy13 manage13 and13 monitor13 many13 thousands13 of13 firewalls13 through13 a13 single-shy‐pane13 of13 glass13

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

Key13 differenators13 between13 NGFW13 products13

4713

bull  Cisco13 ASA13 with13 FirePower13 Services13 provides13 an13 integrated13 defense13 soluon13 with13 greater13 firewall13 features13 detecon13 and13 protecon13 threat13 services13 than13 other13 vendors13

bull  Fornet13 lauds13 its13 11-shy‐year13 old13 in-shy‐house13 dedicated13 security13 research13 team13 -shy‐-shy‐13 ForGuard13 Labs13 -shy‐-shy‐13 one13 of13 the13 few13 NGFW13 vendors13 that13 have13 its13 own13 since13 most13 OEM13 this13 acvity13 Fornet13 also13 purports13 to13 have13 NGFW13 ForGate13 that13 can13 deliver13 five13 mes13 beder13 performance13 of13 comparavely13 priced13 competor13 products13

bull  HP13 TippingPoint13 is13 known13 for13 its13 NGFWrsquos13 simple13 effecve13 and13 reliable13 implementaon13 The13 security13 effecveness13 coverage13 is13 high13 with13 over13 820013 filters13 that13 block13 known13 and13 unknown13 threats13 and13 over13 38313 zero-shy‐day13 filters13 in13 201413 alone13

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

Key13 differenators13 between13 NGFW13 products13

4813

bull  McAfee13 NGFW13 provides13 ldquointelligence13 awarerdquo13 security13 controls13 advanced13 evasion13 prevenon13 and13 a13 unified13 sofware13 core13 design13

bull  Barracuda13 purports13 the13 lowest13 total13 cost13 of13 ownership13 (TCO)13 in13 the13 industry13 due13 to13 advanced13 troubleshoong13 capabilies13 and13 smart13 lifecycle13 management13 features13 built13 into13 large13 scaling13 central13 management13 server13 The13 NGFW13 is13 also13 the13 only13 one13 that13 provides13 NGFW13 applicaon13 control13 and13 user13 identy13 funcons13 for13 SMBs13

bull  Juniper13 SRX13 is13 the13 first13 NGFW13 to13 offer13 customers13 validated13 (Telcordia)13 99999913 availability13 of13 the13 SRX13 500013 line13 The13 SRX13 Series13 are13 also13 the13 first13 NGFW13 to13 deliver13 automaon13 of13 firewall13 funcons13 via13 JunoScript13 and13 open13 API13 to13 programming13 tools13 Open13 adack13 signatures13 in13 the13 IPS13 also13 allow13 customers13 to13 add13 or13 customize13 signatures13 tailored13 for13 their13 network13

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

How13 to13 select13 the13 right13 NGFW13

4913

Consider13 the13 following13 criteria13 in13 selecng13 the13 NGFW13 vendor13 and13 model13 for13 your13 enterprise13 13

(1)  idenfy13 the13 players13 13 (2)  develop13 a13 short13 list13 13 (3)  perform13 a13 proof13 of13 concept13 ndash13 POC13 13 (4)  make13 reference13 calls13 13 (5)  consider13 cost13 13 (6)  obtain13 management13 buy-shy‐in13 and13 13 (7)  work13 out13 contract13 negoaons13 13 (8)  Total13 cost13 of13 ownership13 (TCO)13 is13 also13 crical13 13

Lastly13 but13 no13 less13 important13 consider13 the13 skill13 set13 of13 your13 staff13 and13 the13 business13 model13 and13 growth13 expectaon13 for13 your13 enterprise13 -shy‐-shy‐13 all-shy‐important13 factors13 in13 making13 your13 decision13

NGFW AUDIT

Evaluation and Audit of NGFW

• Platform Based – appliance/software/SaaS
• Feature Set – baseline and add-ons
• Performance – NSS Labs results
• Manageability – comprehensive/easy to use
• Threat Intelligence – currency/accuracy/completeness
• TCO – total cost of ownership
• Risk – consider the business model and objectives
• Price – you get what you pay for
• Support – what is support experience
• Differentiators – what sets them apart

BIO

Miguel (Mike) O. Villegas is a Vice President for K3DES LLC. He performs and QA’s PCI-DSS and PA-DSS assessments for K3DES clients. He also manages the K3DES ISO/IEC 27001:2005 program. Mike was previously Director of Information Security at Newegg Inc. for five years. Mike is currently a contributing writer for SearchSecurity – TechTarget. Mike has over 30 years of Information Systems security and IT audit experience. Mike was previously Vice President & Technology Risk Manager for Wells Fargo Services responsible for IT Regulatory Compliance and was previously a partner at Arthur Andersen and Ernst & Young for their information systems security and IS audit groups over a span of nine years. Mike is a CISA, CISSP, GSEC and CEH. He is also a QSA and PA-QSA as VP for K3DES. Mike was president of the LA ISACA Chapter during 2010-2012 and president of the SF ISACA Chapter during 2005-2006. He was the SF Fall Conference Co-Chair from 2002–2007 and also served for two years as Vice President on the Board of Directors for ISACA International. Mike has taught CISA review courses for over 18 years.


Manageability

• This criterion involves system configuration requirements and usability of the management console.

• It considers how the NGFW manages complex environments with many firewalls and users, and very narrow firewall change windows.

• System configuration changes and the user interface of the management console should be:
  1. comprehensive - such that it covers an array of features that preclude the need for augmentation by other point solutions;
  2. flexible - possible to exclude features that are not needed in the enterprise environment; and
  3. easy to use - such that the management console, individual feature dashboards and reporting are intuitive and incisive.

Price

• NGFW appliance, software and cloud service pricing varies considerably by vendor and model.

• Prices range from $599 to $80,000+ per device.

• Some are even priced by number of users (e.g., $1,100 for 1-99 users to $100,000 for 5,000 users+).

• All, meanwhile, have separate pricing for service contracts.

• If possible, do not pay retail prices.

• Most vendors will provide volume discounts (the more users supported, the less it costs per user, for example) or discounts with viable prospects of further purchases.

• Purchase at month-end and quarter-end. Sales people have goals that can be leveraged for pricing to your advantage.

Support

• The 2015 Gartner Magic Quadrant on NGFW also rated support -- with quality, breadth and value of NGFW offerings viewed from the vantage point of enterprise needs.

• Given the critical nature of NGFWs, timely and accurate support is essential. Obtain references and ask to speak with vendor clients without the vendor present.

• Support criteria for NGFWs should address responsiveness ranked by type of service request, quality and accuracy of the service response, currency of product updates, and customer education and awareness of current events.

NGFW VENDORS

NGFW Players

The top nine NGFW vendors are:

• Checkpoint
• Dell Sonicwall
• Palo Alto
• Cisco
• Fortinet
• HP TippingPoint
• McAfee
• Barracuda

There are other NGFW vendors but these are the top 9.

Questions to consider

Questions to consider when comparing these and other NGFW products include:

• What is their product line?
• Is their NGFW for cloud service providers, large enterprises, SMBs or small companies?
• What are the NGFW features that come with the base product?
• What features need an extra license(s)?
• How is the NGFW sold and priced?
• What differentiates their NGFW from other vendor NGFW products?

What features are available in the NGFW

Non-common NGFW features vary by vendor. So this is where organizations can start to differentiate which NGFWs will work for them and which won’t. For example:

• Dell SonicWall provides security services such as gateway anti-malware, content filtering, and client antivirus and antispyware that are licensed on an annual subscription contract. Dell SecureWorks premium Global Threat Intelligence service is an additional subscription.

• Cisco provides Application Visibility and Control as part of the base configuration at no cost, but separate licenses are required for Next Generation Intrusion Prevention Systems (NGIPS), Advanced Malware Protection and URL filtering.

• McAfee provides clustering and multi-Link as standard features with McAfee Next Generation Firewall license.

What features are available in the NGFW

• Barracuda requires an optional subscription for malware protection (AV engine by Avira), threat intelligence, and for advanced client Network Access Control (NAC) VPN/SSL VPN features.

• Juniper offers advanced software security services (NGFW/UTM/IPS/Threat Intelligence Service) shipped with its SRX Series Services Gateways that can be turned on with the purchase of an additional license, which can be subscription-based or perpetual. No additional components are required to turn services on/off.

• Checkpoint provides a full NGFW solution package with all of its software blades included under one license. However, it does not provide mobile device controls or Wi-Fi network control without purchasing a different Checkpoint product.

What features are available in the NGFW

The key message in this comparison is that, in addition to the common features, one needs to carefully review those features that require additional licenses and whether they are significant enough to decide on a specific product's procurement.

• For example, if you need a DLP feature, some NGFWs provide it, such as Checkpoint, which offers it with over 600 types, but you might determine that a full-featured DLP solution is still required if the Checkpoint is not sufficient.

• The same would apply to web application firewalls (WAF): the Dell Sonicwall, for example, provides one, but again it is not a full-featured WAF.

What features are available in the NGFW

• Another example would be Cisco: although malware protection is available with their network anti-virus/malware solution, additional licenses would be required for their Advanced Malware Protection, NGIPS and URL filtering.

• Barracuda NG Firewall also requires an additional license for Malware Protection (Anti-Virus engine by Avira).

• There are some vendors that provide threat intelligence services as part of the NGFW offering, such as Fortinet, McAfee and HP TippingPoint.

• Juniper’s Threat Intelligence Service is shipped with the SRX but needs to be activated with the purchase of an additional license.

How is the NGFW sold, licensed and priced

• All NGFW products are licensed per physical device. Additional licenses are required for the non-common features stated above.

• Read the T&Cs to determine what services are available in the base NGFW product and what services require an additional license.

• All NGFW products are priced by scale based on the type of hardware utilized and service contract.

• While pricing structure appears disparate, similarities do exist in the lower-end product lines (in other words, the smaller the NGFW need, the simpler the pricing).

• The larger the enterprise and volume purchase potential, the greater the disparity but also the greater the bargaining power on the part of the customer.

Key differentiators between NGFW products

• Checkpoint is the inventor of stateful firewalls. It has the highest block rate of IPS among its competitors, a larger application library (over 5,000) than any other, data loss prevention (DLP) with over 600 file types, change management (i.e., configuration and rule changes) that no one else has, and Active Directory integration, agent-based or agentless.

• Dell SonicWall has patented Reassembly-Free Deep Inspection (RFDPI), which allows for centralized management for users to deploy, manage and monitor many thousands of firewalls through a single-pane of glass.

Key differentiators between NGFW products

• Cisco ASA with FirePower Services provides an integrated defense solution with greater firewall features, detection and protection threat services than other vendors.

• Fortinet lauds its 11-year-old in-house dedicated security research team, FortiGuard Labs; it is one of the few NGFW vendors that have their own, since most OEM this activity. Fortinet also purports that its FortiGate NGFW can deliver five times better performance than comparatively priced competitor products.

• HP TippingPoint is known for its NGFW’s simple, effective and reliable implementation. The security effectiveness coverage is high, with over 8,200 filters that block known and unknown threats and over 383 zero-day filters in 2014 alone.



Page 37: NextGeneraon%Firewalls:%Top%9% Revisited% · 2015%Fall%Conference%–“CyberSizeIT”% November%9%–11,%2015% % 6 Next Generation firewall Application Awareness & Control User-based

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

Support

• The 2015 Gartner Magic Quadrant on NGFW also rated support -- with quality, breadth, and value of NGFW offerings viewed from the vantage point of enterprise needs.

• Given the critical nature of NGFWs, timely and accurate support is essential. Obtain references and ask to speak with vendor clients without the vendor present.

• Support criteria for NGFWs should address responsiveness ranked by type of service request, quality and accuracy of the service response, currency of product updates, and customer education and awareness of current events.

NGFW VENDORS

NGFW Players

The top nine NGFW vendors are:

• Checkpoint
• Dell Sonicwall
• Palo Alto
• Cisco
• Fortinet
• HP TippingPoint
• McAfee
• Barracuda

There are other NGFW vendors, but these are the top 9.

Questions to consider

Questions to consider when comparing these and other NGFW products include:

• What is their product line?
• Is their NGFW for cloud service providers, large enterprises, SMBs, or small companies?
• What are the NGFW features that come with the base product?
• What features need an extra license(s)?
• How is the NGFW sold and priced?
• What differentiates their NGFW from other vendor NGFW products?

What features are available in the NGFW?

Non-common NGFW features vary by vendor. So this is where organizations can start to differentiate which NGFWs will work for them and which won't. For example:

• Dell SonicWall provides security services such as gateway anti-malware, content filtering, and client antivirus and antispyware that are licensed on an annual subscription contract. Dell SecureWorks premium Global Threat Intelligence service is an additional subscription.

• Cisco provides Application Visibility and Control as part of the base configuration at no cost, but separate licenses are required for Next Generation Intrusion Prevention Systems (NGIPS), Advanced Malware Protection, and URL filtering.

• McAfee provides clustering and Multi-Link as standard features with McAfee Next Generation Firewall license.

• Barracuda requires an optional subscription for malware protection (AV engine by Avira), threat intelligence, and for advanced client Network Access Control (NAC) VPN/SSL VPN features.

• Juniper offers advanced software security services (NGFW/UTM/IPS/Threat Intelligence Service) shipped with its SRX Series Services Gateways that can be turned on with the purchase of an additional license, which can be subscription-based or perpetual. No additional components are required to turn services on/off.

• Checkpoint provides a full NGFW solution package with all of its software blades included under one license. However, it does not provide mobile device controls or Wi-Fi network control without purchasing a different Checkpoint product.

The key message in this comparison is that, in addition to the common features, one needs to carefully review those features that require additional licenses and whether they are significant enough to decide on a specific product's procurement.

• For example, if you need a DLP feature, some NGFWs provide it, such as Checkpoint, which offers it with over 600 types. You might still determine that a full-featured DLP solution is required if the Checkpoint is not sufficient.

• The same would apply to web application firewalls (WAF): the Dell Sonicwall provides one, but again it is not a full-featured WAF.

• Another example would be Cisco: malware protection is available with their network anti-virus/malware solution, but additional licenses would be required for their Advanced Malware Protection, NGIPS, and URL filtering.

• Barracuda NG Firewall also requires an additional license for Malware Protection (Anti-Virus engine by Avira).

• There are some vendors that provide threat intelligence services as part of the NGFW offering, such as Fortinet, McAfee, and HP TippingPoint.

• Juniper's Threat Intelligence Service is shipped with the SRX but needs to be activated with the purchase of an additional license.

How is the NGFW sold, licensed, and priced?

• All NGFW products are licensed per physical device. Additional licenses are required for the non-common features stated above.

• Read the T&Cs to determine what services are available in the base NGFW product and what services require an additional license.

• All NGFW products are priced by scale, based on the type of hardware utilized and service contract.

• While pricing structure appears disparate, similarities do exist in the lower-end product lines (in other words, the smaller the NGFW need, the simpler the pricing).

• The larger the enterprise and volume purchase potential, the greater the disparity, but also the greater the bargaining power on the part of the customer.

Key differentiators between NGFW products

• Checkpoint is the inventor of stateful firewalls. It has the highest block rate of IPS among its competitors, a larger application library (over 5000) than any other, data loss prevention (DLP) with over 600 file types, change management (i.e., configuration and rule changes) that no one else has, and Active Directory integration, agent-based or agentless.

• Dell SonicWall has patented Reassembly-Free Deep Inspection (RFDPI), which allows for centralized management for users to deploy, manage, and monitor many thousands of firewalls through a single pane of glass.

• Cisco ASA with FirePower Services provides an integrated defense solution with greater firewall features, detection, and protection threat services than other vendors.

• Fortinet lauds its 11-year-old in-house dedicated security research team -- FortiGuard Labs. Fortinet is one of the few NGFW vendors that has its own, since most OEM this activity. Fortinet also purports to have NGFW FortiGate that can deliver five times better performance than comparatively priced competitor products.

• HP TippingPoint is known for its NGFW's simple, effective, and reliable implementation. The security effectiveness coverage is high, with over 8200 filters that block known and unknown threats and over 383 zero-day filters in 2014 alone.

• McAfee NGFW provides “intelligence aware” security controls, advanced evasion prevention, and a unified software core design.

• Barracuda purports the lowest total cost of ownership (TCO) in the industry due to advanced troubleshooting capabilities and smart lifecycle management features built into large scaling central management server. The NGFW is also the only one that provides NGFW application control and user identity functions for SMBs.

• Juniper SRX is the first NGFW to offer customers validated (Telcordia) 99.9999% availability of the SRX 5000 line. The SRX Series are also the first NGFW to deliver automation of firewall functions via JunoScript and open API to programming tools. Open attack signatures in the IPS also allow customers to add or customize signatures tailored for their network.

How to select the right NGFW

Consider the following criteria in selecting the NGFW vendor and model for your enterprise:

(1) identify the players
(2) develop a short list
(3) perform a proof of concept – POC
(4) make reference calls
(5) consider cost
(6) obtain management buy-in and
(7) work out contract negotiations
(8) Total cost of ownership (TCO) is also critical

Lastly, but no less important, consider the skill set of your staff and the business model and growth expectation for your enterprise -- all-important factors in making your decision.

NGFW AUDIT

Evaluation and Audit of NGFW

• Platform Based – appliance/software/SaaS
• Feature Set – baseline and add-ons
• Performance – NSS Labs results
• Manageability – comprehensive/easy to use
• Threat Intelligence – currency/accuracy/completeness
• TCO – total cost of ownership
• Risk – consider the business model and objectives
• Price – you get what you pay for
• Support – what is support experience
• Differentiators – what sets them apart

BIO

Miguel (Mike) O. Villegas is a Vice President for K3DES LLC. He performs and QA's PCI-DSS and PA-DSS assessments for K3DES clients. He also manages the K3DES ISO/IEC 27001:2005 program. Mike was previously Director of Information Security at Newegg, Inc. for five years. Mike is currently a contributing writer for SearchSecurity – TechTarget. Mike has over 30 years of Information Systems security and IT audit experience. Mike was previously Vice President & Technology Risk Manager for Wells Fargo Services, responsible for IT Regulatory Compliance, and was previously a partner at Arthur Andersen and Ernst & Young for their information systems security and IS audit groups over a span of nine years. Mike is a CISA, CISSP, GSEC, and CEH. He is also a QSA and PA-QSA as VP for K3DES. Mike was president of the LA ISACA Chapter during 2010-2012 and president of the SF ISACA Chapter during 2005-2006. He was the SF Fall Conference Co-Chair from 2002–2007 and also served for two years as Vice President on the Board of Directors for ISACA International. Mike has taught CISA review courses for over 18 years.

Page 38: NextGeneraon%Firewalls:%Top%9% Revisited% · 2015%Fall%Conference%–“CyberSizeIT”% November%9%–11,%2015% % 6 Next Generation firewall Application Awareness & Control User-based

1111513 3813

CRISC CGEIT CISM CISA 201313 Fall13 Conference13 ndash13 ldquoSail13 to13 Successrdquo13

NGFW13 VENDORS13

3813

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

NGFW13 Players13

3913

The13 top13 nine13 NGFW13 vendors13 are13 13 bull  Checkpoint13 bull  Dell13 Sonicwall13 13 bull  Palo13 Alto13 bull  Cisco13 bull  Fornet13 13 bull  HP13 TippingPoint13 13 bull  McAfee13 13 bull  Barracuda13 13 There13 are13 other13 NGFW13 vendors13 but13 these13 are13 the13 top13 913

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

Quesons13 to13 consider13

4013

Quesons13 to13 consider13 when13 comparing13 these13 and13 other13 NGFW13 products13 include13 13

bull  What13 is13 their13 product13 line13 13 bull  Is13 their13 NGFW13 for13 cloud13 service13 providers13 large13

enterprises13 SMBs13 or13 small13 companies13 13 bull  What13 are13 the13 NGFW13 features13 that13 come13 with13 the13

base13 product13 13 bull  What13 features13 need13 an13 extra13 license(s)13 13 bull  How13 is13 the13 NGFW13 sold13 and13 priced13 13 bull  What13 differenates13 their13 NFGW13 from13 other13 vendor13

NGFW13 products13 13

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

What13 features13 are13 available13 in13 the13 NGFW13

4113

Non-shy‐common13 NGFW13 features13 vary13 by13 vendor13 So13 this13 is13 where13 organizaons13 can13 start13 to13 differenate13 which13 NGFWs13 will13 work13 for13 them13 and13 which13 wonrsquot13 For13 example13 bull  Dell13 SonicWall13 provides13 security13 services13 such13 as13 gateway13

an-shy‐malware13 content13 filtering13 and13 client13 anvirus13 and13 anspyware13 that13 are13 licensed13 on13 an13 annual13 subscripon13 contract13 Dell13 SecureWorks13 premium13 Global13 Threat13 Intelligence13 service13 is13 an13 addional13 subscripon13

bull  Cisco13 provides13 Applicaon13 Visibility13 and13 Control13 as13 part13 of13 the13 base13 configuraon13 at13 no13 cost13 but13 separate13 licenses13 are13 required13 for13 Next13 Generaon13 Intrusion13 Prevenon13 Systems13 (NGIPS)13 Advanced13 Malware13 Protecon13 and13 URL13 filtering13

bull  McAfee13 provides13 clustering13 and13 mul-shy‐Link13 as13 standard13 features13 with13 McAfee13 Next13 Generaon13 Firewall13 license13

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

What13 features13 are13 available13 in13 the13 NGFW13

4213

bull  Barracuda13 requires13 an13 oponal13 subscripon13 for13 malware13 protecon13 (AV13 engine13 by13 Avira)13 threat13 intelligence13 and13 for13 advanced13 client13 Network13 Access13 Control13 (NAC)13 VPNSSL13 VPN13 features13

bull  Juniper13 offers13 advanced13 sofware13 security13 services13 (NGFWUTMIPSThreat13 Intelligence13 Service)13 shipped13 with13 its13 SRX13 Series13 Services13 Gateways13 13 that13 can13 be13 turned13 on13 with13 the13 purchase13 of13 an13 addional13 license13 which13 can13 be13 subscripon-shy‐based13 or13 perpetual13 No13 addional13 components13 are13 required13 to13 turn13 services13 onoff13

bull  Checkpoint13 provides13 a13 full13 NGFW13 soluon13 package13 13 with13 all13 of13 its13 sofware13 blades13 included13 under13 one13 license13 However13 it13 does13 not13 provide13 mobile13 device13 controls13 or13 Wi-shy‐Fi13 network13 control13 without13 purchasing13 a13 different13 Checkpoint13 product13

13

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

What13 features13 are13 available13 in13 the13 NGFW13

4313

The13 key13 message13 in13 this13 comparison13 is13 that13 in13 addion13 to13 the13 common13 features13 one13 needs13 to13 carefully13 review13 those13 features13 that13 require13 addional13 licenses13 and13 whether13 they13 are13 significant13 enough13 to13 decide13 on13 a13 specific13 products13 procurement13 13 13 bull  For13 example13 if13 you13 need13 a13 DLP13 feature13 those13 NGFWs13

that13 provide13 it13 such13 as13 Checkpoint13 although13 offered13 with13 over13 60013 types13 you13 might13 determine13 that13 a13 full-shy‐featured13 DLP13 soluon13 might13 sll13 be13 required13 if13 the13 Checkpoint13 is13 not13 sufficient13 13

bull  The13 same13 would13 apply13 to13 web13 applicaon13 firewalls13 (WAF)13 such13 as13 the13 Dell13 Sonicwall13 but13 again13 is13 not13 a13 full-shy‐featured13 WAF13 13

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

What13 features13 are13 available13 in13 the13 NGFW13

4413

bull  Another13 example13 would13 be13 Cisco13 although13 malware13 protecon13 is13 available13 with13 their13 network13 an-shy‐virusmalware13 soluon13 but13 an13 addional13 licenses13 would13 be13 required13 for13 their13 Advanced13 Malware13 Protecon13 NGIPS13 and13 URL13 filtering13 13

bull  Barracuda13 NG13 Firewall13 also13 requires13 an13 addional13 license13 for13 Malware13 Protecon13 (An-shy‐Virus13 engine13 by13 Avira)13

bull  There13 are13 some13 vendors13 that13 provide13 threat13 intelligence13 services13 as13 part13 of13 the13 NGFW13 offering13 such13 as13 Fornet13 McAfee13 and13 HP13 TippingPoint13 13

bull  Juniperrsquos13 Threat13 Intelligence13 Service13 is13 shipped13 with13 the13 SRX13 but13 needs13 to13 be13 acvated13 with13 the13 purchase13 of13 an13 addional13 license13

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

How13 is13 the13 NGFW13 sold13 licensed13 and13 priced13

4513

bull  All13 NGFW13 products13 are13 licensed13 per13 physical13 device13 Addional13 licenses13 are13 required13 for13 the13 non-shy‐common13 features13 stated13 above13 13 13 13

bull  Read13 the13 TampCs13 to13 determine13 what13 services13 are13 available13 in13 the13 base13 NGFW13 produce13 and13 what13 services13 require13 an13 addional13 license13

bull  All13 NGFW13 products13 are13 priced13 by13 scale13 based13 on13 the13 type13 of13 hardware13 ulized13 and13 service13 contract13

bull  While13 pricing13 structure13 appears13 disparate13 similaries13 do13 exist13 in13 the13 lower-shy‐end13 product13 lines13 (in13 other13 words13 the13 smaller13 the13 NGFW13 need13 the13 simpler13 the13 pricing)13 13 13

bull  The13 larger13 the13 enterprise13 and13 volume13 purchase13 potenal13 the13 greater13 the13 disparity13 but13 also13 the13 greater13 the13 bargaining13 power13 on13 the13 part13 of13 the13 customer13

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

Key13 differenators13 between13 NGFW13 products13

4613

bull  Checkpoint13 is13 the13 inventor13 of13 stateful13 firewalls13 It13 has13 the13 highest13 block13 rate13 of13 IPS13 among13 its13 competors13 largest13 applicaon13 library13 (over13 5000)13 than13 any13 other13 data13 loss13 prevenon13 (DLP)13 with13 over13 60013 file13 types13 change13 management13 13 (ie13 configuraon13 and13 rule13 changes)13 that13 no13 one13 else13 has13 and13 Acve13 Directory13 integraon13 agent-shy‐based13 or13 agentless13

bull  Dell13 SonicWall13 has13 patented13 Reassembly-shy‐Free13 Deep13 Inspecon13 (RFDPI)13 13 which13 allows13 for13 centralized13 management13 for13 users13 to13 deploy13 manage13 and13 monitor13 many13 thousands13 of13 firewalls13 through13 a13 single-shy‐pane13 of13 glass13

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

Key13 differenators13 between13 NGFW13 products13

4713

bull  Cisco13 ASA13 with13 FirePower13 Services13 provides13 an13 integrated13 defense13 soluon13 with13 greater13 firewall13 features13 detecon13 and13 protecon13 threat13 services13 than13 other13 vendors13

bull  Fornet13 lauds13 its13 11-shy‐year13 old13 in-shy‐house13 dedicated13 security13 research13 team13 -shy‐-shy‐13 ForGuard13 Labs13 -shy‐-shy‐13 one13 of13 the13 few13 NGFW13 vendors13 that13 have13 its13 own13 since13 most13 OEM13 this13 acvity13 Fornet13 also13 purports13 to13 have13 NGFW13 ForGate13 that13 can13 deliver13 five13 mes13 beder13 performance13 of13 comparavely13 priced13 competor13 products13

bull  HP13 TippingPoint13 is13 known13 for13 its13 NGFWrsquos13 simple13 effecve13 and13 reliable13 implementaon13 The13 security13 effecveness13 coverage13 is13 high13 with13 over13 820013 filters13 that13 block13 known13 and13 unknown13 threats13 and13 over13 38313 zero-shy‐day13 filters13 in13 201413 alone13

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

Key13 differenators13 between13 NGFW13 products13

4813

bull  McAfee13 NGFW13 provides13 ldquointelligence13 awarerdquo13 security13 controls13 advanced13 evasion13 prevenon13 and13 a13 unified13 sofware13 core13 design13

bull  Barracuda13 purports13 the13 lowest13 total13 cost13 of13 ownership13 (TCO)13 in13 the13 industry13 due13 to13 advanced13 troubleshoong13 capabilies13 and13 smart13 lifecycle13 management13 features13 built13 into13 large13 scaling13 central13 management13 server13 The13 NGFW13 is13 also13 the13 only13 one13 that13 provides13 NGFW13 applicaon13 control13 and13 user13 identy13 funcons13 for13 SMBs13

bull  Juniper13 SRX13 is13 the13 first13 NGFW13 to13 offer13 customers13 validated13 (Telcordia)13 99999913 availability13 of13 the13 SRX13 500013 line13 The13 SRX13 Series13 are13 also13 the13 first13 NGFW13 to13 deliver13 automaon13 of13 firewall13 funcons13 via13 JunoScript13 and13 open13 API13 to13 programming13 tools13 Open13 adack13 signatures13 in13 the13 IPS13 also13 allow13 customers13 to13 add13 or13 customize13 signatures13 tailored13 for13 their13 network13

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

How13 to13 select13 the13 right13 NGFW13

4913

Consider13 the13 following13 criteria13 in13 selecng13 the13 NGFW13 vendor13 and13 model13 for13 your13 enterprise13 13

(1)  idenfy13 the13 players13 13 (2)  develop13 a13 short13 list13 13 (3)  perform13 a13 proof13 of13 concept13 ndash13 POC13 13 (4)  make13 reference13 calls13 13 (5)  consider13 cost13 13 (6)  obtain13 management13 buy-shy‐in13 and13 13 (7)  work13 out13 contract13 negoaons13 13 (8)  Total13 cost13 of13 ownership13 (TCO)13 is13 also13 crical13 13

Lastly13 but13 no13 less13 important13 consider13 the13 skill13 set13 of13 your13 staff13 and13 the13 business13 model13 and13 growth13 expectaon13 for13 your13 enterprise13 -shy‐-shy‐13 all-shy‐important13 factors13 in13 making13 your13 decision13

1111513 5013

CRISC CGEIT CISM CISA 201313 Fall13 Conference13 ndash13 ldquoSail13 to13 Successrdquo13

NGFW13 AUDIT13

5013

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

EvaluaBon13 and13 Audit13 of13 NGFW13

v Plaborm13 Based13 ndash13 appliancesofwareSaaS13 v Feature13 Set13 ndash13 baseline13 and13 add-shy‐ons13 v Performance13 ndash13 NSS13 Labs13 results13 v Manageability13 ndash13 comprehensiveeasy13 to13 use13 v Threat13 Intelligence13 ndash13 currencyaccuracycompleteness13 v TCO13 ndash13 total13 cost13 of13 ownership13 v Risk13 ndash13 consider13 the13 business13 model13 and13 objecves13 v Price13 ndash13 you13 get13 what13 you13 pay13 for13 v Support13 ndash13 what13 is13 support13 experience13 v Differenators13 ndash13 what13 sets13 them13 apart13 13

5113

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

Miguel13 (Mike)13 O13 Villegas13 is13 a13 Vice13 President13 for13 K3DES13 LLC13 13 He13 performs13 and13 QArsquos13 PCI-shy‐DSS13 and13 PA-shy‐DSS13 assessments13 for13 K3DES13 clients13 13 He13 also13 manages13 the13 K3DES13 13 ISOIEC13 27001200513 program13 13 Mike13 was13 previously13 Director13 of13 Informaon13 Security13 at13 Newegg13 Inc13 for13 five13 years13 Mike13 is13 currently13 a13 contribung13 writer13 for13 SearchSecurity13 ndash13 TechTarget13 13 Mike13 has13 over13 3013 years13 of13 Informaon13 Systems13 security13 and13 IT13 audit13 experience13 Mike13 was13 previously13 Vice13 President13 amp13 Technology13 Risk13 Manager13 for13 Wells13 Fargo13 Services13 responsible13 for13 IT13 Regulatory13 Compliance13 and13 was13 previously13 a13 partner13 at13 Arthur13 Andersen13 and13 Ernst13 amp13 Young13 for13 their13 informaon13 systems13 security13 and13 IS13 audit13 groups13 over13 a13 span13 of13 nine13 years13 Mike13 is13 a13 CISA13 CISSP13 GSEC13 and13 CEH13 13 He13 is13 also13 a13 QSA13 and13 13 PA-shy‐QSA13 as13 VP13 for13 K3DES13 13 13 Mike13 was13 president13 of13 the13 LA13 ISACA13 Chapter13 during13 2010-shy‐201213 and13 president13 of13 the13 SF13 ISACA13 Chapter13 during13 2005-shy‐200613 He13 was13 the13 SF13 Fall13 Conference13 Co-shy‐Chair13 from13 2002ndash200713 and13 also13 served13 for13 two13 years13 as13 Vice13 President13 on13 the13 Board13 of13 Directors13 for13 ISACA13 Internaonal13 Mike13 has13 taught13 CISA13 review13 courses13 for13 over13 1813 years13 13 13

BIO13

5213

Page 39: NextGeneraon%Firewalls:%Top%9% Revisited% · 2015%Fall%Conference%–“CyberSizeIT”% November%9%–11,%2015% % 6 Next Generation firewall Application Awareness & Control User-based

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

NGFW13 Players13

3913

The13 top13 nine13 NGFW13 vendors13 are13 13 bull  Checkpoint13 bull  Dell13 Sonicwall13 13 bull  Palo13 Alto13 bull  Cisco13 bull  Fornet13 13 bull  HP13 TippingPoint13 13 bull  McAfee13 13 bull  Barracuda13 13 There13 are13 other13 NGFW13 vendors13 but13 these13 are13 the13 top13 913

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

Quesons13 to13 consider13

4013

Quesons13 to13 consider13 when13 comparing13 these13 and13 other13 NGFW13 products13 include13 13

bull  What13 is13 their13 product13 line13 13 bull  Is13 their13 NGFW13 for13 cloud13 service13 providers13 large13

enterprises13 SMBs13 or13 small13 companies13 13 bull  What13 are13 the13 NGFW13 features13 that13 come13 with13 the13

base13 product13 13 bull  What13 features13 need13 an13 extra13 license(s)13 13 bull  How13 is13 the13 NGFW13 sold13 and13 priced13 13 bull  What13 differenates13 their13 NFGW13 from13 other13 vendor13

NGFW13 products13 13

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

What13 features13 are13 available13 in13 the13 NGFW13

4113

Non-shy‐common13 NGFW13 features13 vary13 by13 vendor13 So13 this13 is13 where13 organizaons13 can13 start13 to13 differenate13 which13 NGFWs13 will13 work13 for13 them13 and13 which13 wonrsquot13 For13 example13 bull  Dell13 SonicWall13 provides13 security13 services13 such13 as13 gateway13

an-shy‐malware13 content13 filtering13 and13 client13 anvirus13 and13 anspyware13 that13 are13 licensed13 on13 an13 annual13 subscripon13 contract13 Dell13 SecureWorks13 premium13 Global13 Threat13 Intelligence13 service13 is13 an13 addional13 subscripon13

bull  Cisco13 provides13 Applicaon13 Visibility13 and13 Control13 as13 part13 of13 the13 base13 configuraon13 at13 no13 cost13 but13 separate13 licenses13 are13 required13 for13 Next13 Generaon13 Intrusion13 Prevenon13 Systems13 (NGIPS)13 Advanced13 Malware13 Protecon13 and13 URL13 filtering13

bull  McAfee13 provides13 clustering13 and13 mul-shy‐Link13 as13 standard13 features13 with13 McAfee13 Next13 Generaon13 Firewall13 license13

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

• Barracuda requires an optional subscription for malware protection (AV engine by Avira), threat intelligence, and for advanced client Network Access Control (NAC) VPN/SSL VPN features.

• Juniper offers advanced software security services (NGFW/UTM/IPS/Threat Intelligence Service) shipped with its SRX Series Services Gateways that can be turned on with the purchase of an additional license, which can be subscription-based or perpetual. No additional components are required to turn services on/off.

• Checkpoint provides a full NGFW solution package with all of its software blades included under one license. However, it does not provide mobile device controls or Wi-Fi network control without purchasing a different Checkpoint product.


The key message in this comparison is that, in addition to the common features, one needs to carefully review those features that require additional licenses and whether they are significant enough to decide on a specific product's procurement.

• For example, if you need a DLP feature and the NGFW provides one, as Checkpoint does with over 600 types, you might still determine that a full-featured DLP solution is required if the Checkpoint feature is not sufficient.

• The same would apply to web application firewall (WAF) features, such as that of the Dell SonicWall, which again is not a full-featured WAF.


• Another example would be Cisco: although malware protection is available with their network anti-virus/malware solution, additional licenses would be required for their Advanced Malware Protection, NGIPS, and URL filtering.

• Barracuda NG Firewall also requires an additional license for Malware Protection (Anti-Virus engine by Avira).

• There are some vendors that provide threat intelligence services as part of the NGFW offering, such as Fortinet, McAfee, and HP TippingPoint.

• Juniper's Threat Intelligence Service is shipped with the SRX but needs to be activated with the purchase of an additional license.


How is the NGFW sold, licensed and priced?

• All NGFW products are licensed per physical device. Additional licenses are required for the non-common features stated above.

• Read the T&Cs to determine what services are available in the base NGFW product and what services require an additional license.

• All NGFW products are priced by scale, based on the type of hardware utilized and service contract.

• While pricing structure appears disparate, similarities do exist in the lower-end product lines (in other words, the smaller the NGFW need, the simpler the pricing).

• The larger the enterprise and volume purchase potential, the greater the disparity, but also the greater the bargaining power on the part of the customer.


Key differentiators between NGFW products

• Checkpoint is the inventor of stateful firewalls. It has the highest block rate of IPS among its competitors, a larger application library (over 5000) than any other, data loss prevention (DLP) with over 600 file types, change management (i.e., configuration and rule changes) that no one else has, and Active Directory integration, agent-based or agentless.

• Dell SonicWall has patented Reassembly-Free Deep Inspection (RFDPI), which allows for centralized management for users to deploy, manage, and monitor many thousands of firewalls through a single pane of glass.


• Cisco ASA with FirePower Services provides an integrated defense solution with greater firewall features, detection and protection threat services than other vendors.

• Fortinet lauds its 11-year-old in-house dedicated security research team -- FortiGuard Labs -- as one of the few NGFW vendors that has its own, since most OEM this activity. Fortinet also purports to have an NGFW, FortiGate, that can deliver five times better performance than comparatively priced competitor products.

• HP TippingPoint is known for its NGFW's simple, effective, and reliable implementation. The security effectiveness coverage is high, with over 8200 filters that block known and unknown threats and over 383 zero-day filters in 2014 alone.


• McAfee NGFW provides "intelligence aware" security controls, advanced evasion prevention, and a unified software core design.

• Barracuda purports the lowest total cost of ownership (TCO) in the industry due to advanced troubleshooting capabilities and smart lifecycle management features built into a large-scaling central management server. The NGFW is also the only one that provides NGFW application control and user identity functions for SMBs.

• Juniper SRX is the first NGFW to offer customers validated (Telcordia) 99.9999% availability of the SRX 5000 line. The SRX Series are also the first NGFW to deliver automation of firewall functions via JunoScript and open API to programming tools. Open attack signatures in the IPS also allow customers to add or customize signatures tailored for their network.


How to select the right NGFW

Consider the following criteria in selecting the NGFW vendor and model for your enterprise:

(1) identify the players
(2) develop a short list
(3) perform a proof of concept – POC
(4) make reference calls
(5) consider cost
(6) obtain management buy-in, and
(7) work out contract negotiations
(8) Total cost of ownership (TCO) is also critical

Lastly, but no less important, consider the skill set of your staff and the business model and growth expectation for your enterprise -- all-important factors in making your decision.


CRISC CGEIT CISM CISA 2013 Fall Conference – "Sail to Success"

NGFW AUDIT


Evaluation and Audit of NGFW

• Platform Based – appliance/software/SaaS
• Feature Set – baseline and add-ons
• Performance – NSS Labs results
• Manageability – comprehensive/easy to use
• Threat Intelligence – currency/accuracy/completeness
• TCO – total cost of ownership
• Risk – consider the business model and objectives
• Price – you get what you pay for
• Support – what is support experience
• Differentiators – what sets them apart


BIO

Miguel (Mike) O. Villegas is a Vice President for K3DES LLC. He performs and QA's PCI-DSS and PA-DSS assessments for K3DES clients. He also manages the K3DES ISO/IEC 27001:2005 program. Mike was previously Director of Information Security at Newegg, Inc. for five years. Mike is currently a contributing writer for SearchSecurity – TechTarget. Mike has over 30 years of Information Systems security and IT audit experience. Mike was previously Vice President & Technology Risk Manager for Wells Fargo Services, responsible for IT Regulatory Compliance, and was previously a partner at Arthur Andersen and Ernst & Young for their information systems security and IS audit groups over a span of nine years. Mike is a CISA, CISSP, GSEC and CEH. He is also a QSA and PA-QSA as VP for K3DES. Mike was president of the LA ISACA Chapter during 2010-2012 and president of the SF ISACA Chapter during 2005-2006. He was the SF Fall Conference Co-Chair from 2002–2007 and also served for two years as Vice President on the Board of Directors for ISACA International. Mike has taught CISA review courses for over 18 years.

Page 41: NextGeneraon%Firewalls:%Top%9% Revisited% · 2015%Fall%Conference%–“CyberSizeIT”% November%9%–11,%2015% % 6 Next Generation firewall Application Awareness & Control User-based

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

What13 features13 are13 available13 in13 the13 NGFW13

4113

Non-shy‐common13 NGFW13 features13 vary13 by13 vendor13 So13 this13 is13 where13 organizaons13 can13 start13 to13 differenate13 which13 NGFWs13 will13 work13 for13 them13 and13 which13 wonrsquot13 For13 example13 bull  Dell13 SonicWall13 provides13 security13 services13 such13 as13 gateway13

an-shy‐malware13 content13 filtering13 and13 client13 anvirus13 and13 anspyware13 that13 are13 licensed13 on13 an13 annual13 subscripon13 contract13 Dell13 SecureWorks13 premium13 Global13 Threat13 Intelligence13 service13 is13 an13 addional13 subscripon13

bull  Cisco13 provides13 Applicaon13 Visibility13 and13 Control13 as13 part13 of13 the13 base13 configuraon13 at13 no13 cost13 but13 separate13 licenses13 are13 required13 for13 Next13 Generaon13 Intrusion13 Prevenon13 Systems13 (NGIPS)13 Advanced13 Malware13 Protecon13 and13 URL13 filtering13

bull  McAfee13 provides13 clustering13 and13 mul-shy‐Link13 as13 standard13 features13 with13 McAfee13 Next13 Generaon13 Firewall13 license13

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

What13 features13 are13 available13 in13 the13 NGFW13

4213

bull  Barracuda13 requires13 an13 oponal13 subscripon13 for13 malware13 protecon13 (AV13 engine13 by13 Avira)13 threat13 intelligence13 and13 for13 advanced13 client13 Network13 Access13 Control13 (NAC)13 VPNSSL13 VPN13 features13

bull  Juniper13 offers13 advanced13 sofware13 security13 services13 (NGFWUTMIPSThreat13 Intelligence13 Service)13 shipped13 with13 its13 SRX13 Series13 Services13 Gateways13 13 that13 can13 be13 turned13 on13 with13 the13 purchase13 of13 an13 addional13 license13 which13 can13 be13 subscripon-shy‐based13 or13 perpetual13 No13 addional13 components13 are13 required13 to13 turn13 services13 onoff13

bull  Checkpoint13 provides13 a13 full13 NGFW13 soluon13 package13 13 with13 all13 of13 its13 sofware13 blades13 included13 under13 one13 license13 However13 it13 does13 not13 provide13 mobile13 device13 controls13 or13 Wi-shy‐Fi13 network13 control13 without13 purchasing13 a13 different13 Checkpoint13 product13

13

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

What13 features13 are13 available13 in13 the13 NGFW13

4313

The13 key13 message13 in13 this13 comparison13 is13 that13 in13 addion13 to13 the13 common13 features13 one13 needs13 to13 carefully13 review13 those13 features13 that13 require13 addional13 licenses13 and13 whether13 they13 are13 significant13 enough13 to13 decide13 on13 a13 specific13 products13 procurement13 13 13 bull  For13 example13 if13 you13 need13 a13 DLP13 feature13 those13 NGFWs13

that13 provide13 it13 such13 as13 Checkpoint13 although13 offered13 with13 over13 60013 types13 you13 might13 determine13 that13 a13 full-shy‐featured13 DLP13 soluon13 might13 sll13 be13 required13 if13 the13 Checkpoint13 is13 not13 sufficient13 13

bull  The13 same13 would13 apply13 to13 web13 applicaon13 firewalls13 (WAF)13 such13 as13 the13 Dell13 Sonicwall13 but13 again13 is13 not13 a13 full-shy‐featured13 WAF13 13

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

What13 features13 are13 available13 in13 the13 NGFW13

4413

bull  Another13 example13 would13 be13 Cisco13 although13 malware13 protecon13 is13 available13 with13 their13 network13 an-shy‐virusmalware13 soluon13 but13 an13 addional13 licenses13 would13 be13 required13 for13 their13 Advanced13 Malware13 Protecon13 NGIPS13 and13 URL13 filtering13 13

bull  Barracuda13 NG13 Firewall13 also13 requires13 an13 addional13 license13 for13 Malware13 Protecon13 (An-shy‐Virus13 engine13 by13 Avira)13

bull  There13 are13 some13 vendors13 that13 provide13 threat13 intelligence13 services13 as13 part13 of13 the13 NGFW13 offering13 such13 as13 Fornet13 McAfee13 and13 HP13 TippingPoint13 13

bull  Juniperrsquos13 Threat13 Intelligence13 Service13 is13 shipped13 with13 the13 SRX13 but13 needs13 to13 be13 acvated13 with13 the13 purchase13 of13 an13 addional13 license13

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

How13 is13 the13 NGFW13 sold13 licensed13 and13 priced13

4513

bull  All13 NGFW13 products13 are13 licensed13 per13 physical13 device13 Addional13 licenses13 are13 required13 for13 the13 non-shy‐common13 features13 stated13 above13 13 13 13

bull  Read13 the13 TampCs13 to13 determine13 what13 services13 are13 available13 in13 the13 base13 NGFW13 produce13 and13 what13 services13 require13 an13 addional13 license13

bull  All13 NGFW13 products13 are13 priced13 by13 scale13 based13 on13 the13 type13 of13 hardware13 ulized13 and13 service13 contract13

bull  While13 pricing13 structure13 appears13 disparate13 similaries13 do13 exist13 in13 the13 lower-shy‐end13 product13 lines13 (in13 other13 words13 the13 smaller13 the13 NGFW13 need13 the13 simpler13 the13 pricing)13 13 13

bull  The13 larger13 the13 enterprise13 and13 volume13 purchase13 potenal13 the13 greater13 the13 disparity13 but13 also13 the13 greater13 the13 bargaining13 power13 on13 the13 part13 of13 the13 customer13

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

Key13 differenators13 between13 NGFW13 products13

4613

bull  Checkpoint13 is13 the13 inventor13 of13 stateful13 firewalls13 It13 has13 the13 highest13 block13 rate13 of13 IPS13 among13 its13 competors13 largest13 applicaon13 library13 (over13 5000)13 than13 any13 other13 data13 loss13 prevenon13 (DLP)13 with13 over13 60013 file13 types13 change13 management13 13 (ie13 configuraon13 and13 rule13 changes)13 that13 no13 one13 else13 has13 and13 Acve13 Directory13 integraon13 agent-shy‐based13 or13 agentless13

bull  Dell13 SonicWall13 has13 patented13 Reassembly-shy‐Free13 Deep13 Inspecon13 (RFDPI)13 13 which13 allows13 for13 centralized13 management13 for13 users13 to13 deploy13 manage13 and13 monitor13 many13 thousands13 of13 firewalls13 through13 a13 single-shy‐pane13 of13 glass13

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

Key13 differenators13 between13 NGFW13 products13

4713

bull  Cisco13 ASA13 with13 FirePower13 Services13 provides13 an13 integrated13 defense13 soluon13 with13 greater13 firewall13 features13 detecon13 and13 protecon13 threat13 services13 than13 other13 vendors13

bull  Fornet13 lauds13 its13 11-shy‐year13 old13 in-shy‐house13 dedicated13 security13 research13 team13 -shy‐-shy‐13 ForGuard13 Labs13 -shy‐-shy‐13 one13 of13 the13 few13 NGFW13 vendors13 that13 have13 its13 own13 since13 most13 OEM13 this13 acvity13 Fornet13 also13 purports13 to13 have13 NGFW13 ForGate13 that13 can13 deliver13 five13 mes13 beder13 performance13 of13 comparavely13 priced13 competor13 products13

bull  HP13 TippingPoint13 is13 known13 for13 its13 NGFWrsquos13 simple13 effecve13 and13 reliable13 implementaon13 The13 security13 effecveness13 coverage13 is13 high13 with13 over13 820013 filters13 that13 block13 known13 and13 unknown13 threats13 and13 over13 38313 zero-shy‐day13 filters13 in13 201413 alone13

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

Key13 differenators13 between13 NGFW13 products13

4813

bull  McAfee13 NGFW13 provides13 ldquointelligence13 awarerdquo13 security13 controls13 advanced13 evasion13 prevenon13 and13 a13 unified13 sofware13 core13 design13

bull  Barracuda13 purports13 the13 lowest13 total13 cost13 of13 ownership13 (TCO)13 in13 the13 industry13 due13 to13 advanced13 troubleshoong13 capabilies13 and13 smart13 lifecycle13 management13 features13 built13 into13 large13 scaling13 central13 management13 server13 The13 NGFW13 is13 also13 the13 only13 one13 that13 provides13 NGFW13 applicaon13 control13 and13 user13 identy13 funcons13 for13 SMBs13

bull  Juniper13 SRX13 is13 the13 first13 NGFW13 to13 offer13 customers13 validated13 (Telcordia)13 99999913 availability13 of13 the13 SRX13 500013 line13 The13 SRX13 Series13 are13 also13 the13 first13 NGFW13 to13 deliver13 automaon13 of13 firewall13 funcons13 via13 JunoScript13 and13 open13 API13 to13 programming13 tools13 Open13 adack13 signatures13 in13 the13 IPS13 also13 allow13 customers13 to13 add13 or13 customize13 signatures13 tailored13 for13 their13 network13

201513 Fall13 Conference13 ndash13 ldquoCyberSizeITrdquo13 November13 913 ndash13 1113 201513

13

How13 to13 select13 the13 right13 NGFW13

4913

Consider13 the13 following13 criteria13 in13 selecng13 the13 NGFW13 vendor13 and13 model13 for13 your13 enterprise13 13

(1)  idenfy13 the13 players13 13 (2)  develop13 a13 short13 list13 13 (3)  perform13 a13 proof13 of13 concept13 ndash13 POC13 13 (4)  make13 reference13 calls13 13 (5)  consider13 cost13 13 (6)  obtain13 management13 buy-shy‐in13 and13 13 (7)  work13 out13 contract13 negoaons13 13 (8)  Total13 cost13 of13 ownership13 (TCO)13 is13 also13 crical13 13

Lastly13 but13 no13 less13 important13 consider13 the13 skill13 set13 of13 your13 staff13 and13 the13 business13 model13 and13 growth13 expectaon13 for13 your13 enterprise13 -shy‐-shy‐13 all-shy‐important13 factors13 in13 making13 your13 decision13


NGFW AUDIT


Evaluation and Audit of NGFW

• Platform Based – appliance/software/SaaS
• Feature Set – baseline and add-ons
• Performance – NSS Labs results
• Manageability – comprehensive/easy to use
• Threat Intelligence – currency/accuracy/completeness
• TCO – total cost of ownership
• Risk – consider the business model and objectives
• Price – you get what you pay for
• Support – what is support experience
• Differentiators – what sets them apart


BIO

Miguel (Mike) O. Villegas is a Vice President for K3DES, LLC. He performs and QA’s PCI-DSS and PA-DSS assessments for K3DES clients. He also manages the K3DES ISO/IEC 27001:2005 program. Mike was previously Director of Information Security at Newegg, Inc. for five years. Mike is currently a contributing writer for SearchSecurity – TechTarget. Mike has over 30 years of Information Systems security and IT audit experience. Mike was previously Vice President & Technology Risk Manager for Wells Fargo Services, responsible for IT Regulatory Compliance, and was previously a partner at Arthur Andersen and Ernst & Young for their information systems security and IS audit groups over a span of nine years. Mike is a CISA, CISSP, GSEC and CEH. He is also a QSA and PA-QSA as VP for K3DES. Mike was president of the LA ISACA Chapter during 2010-2012 and president of the SF ISACA Chapter during 2005-2006. He was the SF Fall Conference Co-Chair from 2002–2007 and also served for two years as Vice President on the Board of Directors for ISACA International. Mike has taught CISA review courses for over 18 years.


What features are available in the NGFW?

• Barracuda requires an optional subscription for malware protection (AV engine by Avira), threat intelligence, and for advanced client Network Access Control (NAC) VPN/SSL VPN features.

• Juniper offers advanced software security services (NGFW/UTM/IPS/Threat Intelligence Service) shipped with its SRX Series Services Gateways that can be turned on with the purchase of an additional license, which can be subscription-based or perpetual. No additional components are required to turn services on/off.

• Checkpoint provides a full NGFW solution package with all of its software blades included under one license. However, it does not provide mobile device controls or Wi-Fi network control without purchasing a different Checkpoint product.


What features are available in the NGFW?

The key message in this comparison is that, in addition to the common features, one needs to carefully review those features that require additional licenses and whether they are significant enough to decide on a specific product's procurement.

• For example, if you need a DLP feature, some NGFWs provide it, such as Checkpoint (offered with over 600 types), but you might determine that a full-featured DLP solution is still required if the Checkpoint is not sufficient.

• The same would apply to web application firewalls (WAF), such as the Dell SonicWall, but again it is not a full-featured WAF.


What features are available in the NGFW?

• Another example would be Cisco: although malware protection is available with their network anti-virus/malware solution, additional licenses would be required for their Advanced Malware Protection, NGIPS, and URL filtering.

• Barracuda NG Firewall also requires an additional license for Malware Protection (Anti-Virus engine by Avira).

• There are some vendors that provide threat intelligence services as part of the NGFW offering, such as Fortinet, McAfee, and HP TippingPoint.

• Juniper’s Threat Intelligence Service is shipped with the SRX but needs to be activated with the purchase of an additional license.


How is the NGFW sold, licensed and priced?

• All NGFW products are licensed per physical device. Additional licenses are required for the non-common features stated above.

• Read the T&Cs to determine what services are available in the base NGFW product and what services require an additional license.

• All NGFW products are priced by scale, based on the type of hardware utilized and service contract.

• While pricing structure appears disparate, similarities do exist in the lower-end product lines (in other words, the smaller the NGFW need, the simpler the pricing).

• The larger the enterprise and volume purchase potential, the greater the disparity, but also the greater the bargaining power on the part of the customer.


Key differentiators between NGFW products

• Checkpoint is the inventor of stateful firewalls. It has the highest block rate of IPS among its competitors, a larger application library (over 5000) than any other, data loss prevention (DLP) with over 600 file types, change management (i.e., configuration and rule changes) that no one else has, and Active Directory integration, agent-based or agentless.

• Dell SonicWall has patented Reassembly-Free Deep Inspection (RFDPI), which allows for centralized management for users to deploy, manage, and monitor many thousands of firewalls through a single pane of glass.


Key differentiators between NGFW products

• Cisco ASA with FirePower Services provides an integrated defense solution with greater firewall features, detection and protection threat services than other vendors.

• Fortinet lauds its 11-year-old in-house dedicated security research team, FortiGuard Labs; it is one of the few NGFW vendors that has its own, since most OEM this activity. Fortinet also purports that its FortiGate NGFW can deliver five times better performance than comparatively priced competitor products.

• HP TippingPoint is known for its NGFW’s simple, effective, and reliable implementation. The security effectiveness coverage is high, with over 8200 filters that block known and unknown threats and over 383 zero-day filters in 2014 alone.




Page 45: NextGeneraon%Firewalls:%Top%9% Revisited% · 2015%Fall%Conference%–“CyberSizeIT”% November%9%–11,%2015% % 6 Next Generation firewall Application Awareness & Control User-based

2015 Fall Conference – “CyberSizeIT”, November 9 – 11, 2015

How is the NGFW sold, licensed and priced?

• All NGFW products are licensed per physical device. Additional licenses are required for the non-common features stated above.

• Read the T&Cs to determine what services are available in the base NGFW product and what services require an additional license.

• All NGFW products are priced by scale, based on the type of hardware utilized and service contract.

• While pricing structure appears disparate, similarities do exist in the lower-end product lines (in other words, the smaller the NGFW need, the simpler the pricing).

• The larger the enterprise and volume purchase potential, the greater the disparity, but also the greater the bargaining power on the part of the customer.

Key differentiators between NGFW products

• Checkpoint is the inventor of stateful firewalls. It has the highest block rate of IPS among its competitors, largest application library (over 5000) than any other, data loss prevention (DLP) with over 600 file types, change management (i.e., configuration and rule changes) that no one else has, and Active Directory integration, agent-based or agentless.

• Dell SonicWall has patented Reassembly-Free Deep Inspection (RFDPI), which allows for centralized management for users to deploy, manage and monitor many thousands of firewalls through a single-pane of glass.

• Cisco ASA with FirePower Services provides an integrated defense solution with greater firewall features, detection and protection threat services than other vendors.

• Fortinet lauds its 11-year old in-house dedicated security research team -- FortiGuard Labs -- one of the few NGFW vendors that have its own, since most OEM this activity. Fortinet also purports to have NGFW FortiGate that can deliver five times better performance of comparatively priced competitor products.

• HP TippingPoint is known for its NGFW's simple, effective and reliable implementation. The security effectiveness coverage is high, with over 8200 filters that block known and unknown threats and over 383 zero-day filters in 2014 alone.

• McAfee NGFW provides “intelligence aware” security controls, advanced evasion prevention and a unified software core design.

• Barracuda purports the lowest total cost of ownership (TCO) in the industry due to advanced troubleshooting capabilities and smart lifecycle management features built into large scaling central management server. The NGFW is also the only one that provides NGFW application control and user identity functions for SMBs.

• Juniper SRX is the first NGFW to offer customers validated (Telcordia) 99.9999% availability of the SRX 5000 line. The SRX Series are also the first NGFW to deliver automation of firewall functions via JunoScript and open API to programming tools. Open attack signatures in the IPS also allow customers to add or customize signatures tailored for their network.

How to select the right NGFW

Consider the following criteria in selecting the NGFW vendor and model for your enterprise:

(1) identify the players,
(2) develop a short list,
(3) perform a proof of concept – POC,
(4) make reference calls,
(5) consider cost,
(6) obtain management buy-in, and
(7) work out contract negotiations.
(8) Total cost of ownership (TCO) is also critical.

Lastly, but no less important, consider the skill set of your staff and the business model and growth expectation for your enterprise -- all-important factors in making your decision.

NGFW AUDIT

Evaluation and Audit of NGFW

• Platform Based – appliance/software/SaaS
• Feature Set – baseline and add-ons
• Performance – NSS Labs results
• Manageability – comprehensive/easy to use
• Threat Intelligence – currency/accuracy/completeness
• TCO – total cost of ownership
• Risk – consider the business model and objectives
• Price – you get what you pay for
• Support – what is support experience
• Differentiators – what sets them apart

BIO

Miguel (Mike) O. Villegas is a Vice President for K3DES LLC. He performs and QA's PCI-DSS and PA-DSS assessments for K3DES clients. He also manages the K3DES ISO/IEC 27001:2005 program. Mike was previously Director of Information Security at Newegg, Inc. for five years. Mike is currently a contributing writer for SearchSecurity – TechTarget. Mike has over 30 years of Information Systems security and IT audit experience. Mike was previously Vice President & Technology Risk Manager for Wells Fargo Services responsible for IT Regulatory Compliance and was previously a partner at Arthur Andersen and Ernst & Young for their information systems security and IS audit groups over a span of nine years. Mike is a CISA, CISSP, GSEC and CEH. He is also a QSA and PA-QSA as VP for K3DES. Mike was president of the LA ISACA Chapter during 2010-2012 and president of the SF ISACA Chapter during 2005-2006. He was the SF Fall Conference Co-Chair from 2002–2007 and also served for two years as Vice President on the Board of Directors for ISACA International. Mike has taught CISA review courses for over 18 years.


BIO13

5213