Advanced Firewalls Progress Report
-
Upload
bounceback-st-louis -
Category
Technology
-
view
339 -
download
0
description
Transcript of Advanced Firewalls Progress Report
![Page 2: Advanced Firewalls Progress Report](https://reader033.fdocuments.net/reader033/viewer/2022061113/545b22bbaf79594f558b5f74/html5/thumbnails/2.jpg)
2
Who am I?
• Long time tech journalist, product reviewer and speaker
• IT manager from the dawn of the PC era• Former editor-in-chief at Network Computing,
Tom’s Hardware.com• Author of two books on computer networking• Based here
![Page 3: Advanced Firewalls Progress Report](https://reader033.fdocuments.net/reader033/viewer/2022061113/545b22bbaf79594f558b5f74/html5/thumbnails/3.jpg)
3
Agenda
• Next Gen distinguishing characteristics• Issues with next gen deployment• UTM pro and con• Advanced persistent threat tools
![Page 4: Advanced Firewalls Progress Report](https://reader033.fdocuments.net/reader033/viewer/2022061113/545b22bbaf79594f558b5f74/html5/thumbnails/4.jpg)
4
The older firewall generation
![Page 5: Advanced Firewalls Progress Report](https://reader033.fdocuments.net/reader033/viewer/2022061113/545b22bbaf79594f558b5f74/html5/thumbnails/5.jpg)
5
Cisco ASA: what it used to be like
![Page 6: Advanced Firewalls Progress Report](https://reader033.fdocuments.net/reader033/viewer/2022061113/545b22bbaf79594f558b5f74/html5/thumbnails/6.jpg)
6
Next Gen distinguishing characteristics
• Applications granularity and awareness• Integrated IPS• IP Reputation management• Geolocation
![Page 7: Advanced Firewalls Progress Report](https://reader033.fdocuments.net/reader033/viewer/2022061113/545b22bbaf79594f558b5f74/html5/thumbnails/7.jpg)
7
![Page 8: Advanced Firewalls Progress Report](https://reader033.fdocuments.net/reader033/viewer/2022061113/545b22bbaf79594f558b5f74/html5/thumbnails/8.jpg)
8
Cisco ASA applications granularity
![Page 9: Advanced Firewalls Progress Report](https://reader033.fdocuments.net/reader033/viewer/2022061113/545b22bbaf79594f558b5f74/html5/thumbnails/9.jpg)
9
New Cisco ASA Dashboard
![Page 10: Advanced Firewalls Progress Report](https://reader033.fdocuments.net/reader033/viewer/2022061113/545b22bbaf79594f558b5f74/html5/thumbnails/10.jpg)
10
And another Cisco view
![Page 11: Advanced Firewalls Progress Report](https://reader033.fdocuments.net/reader033/viewer/2022061113/545b22bbaf79594f558b5f74/html5/thumbnails/11.jpg)
11
Palo Alto Networks “Applipedia”
![Page 12: Advanced Firewalls Progress Report](https://reader033.fdocuments.net/reader033/viewer/2022061113/545b22bbaf79594f558b5f74/html5/thumbnails/12.jpg)
12
![Page 13: Advanced Firewalls Progress Report](https://reader033.fdocuments.net/reader033/viewer/2022061113/545b22bbaf79594f558b5f74/html5/thumbnails/13.jpg)
13
Reputation management
![Page 14: Advanced Firewalls Progress Report](https://reader033.fdocuments.net/reader033/viewer/2022061113/545b22bbaf79594f558b5f74/html5/thumbnails/14.jpg)
14
![Page 15: Advanced Firewalls Progress Report](https://reader033.fdocuments.net/reader033/viewer/2022061113/545b22bbaf79594f558b5f74/html5/thumbnails/15.jpg)
15
McAfee Enterprise Firewall geo-location feature
![Page 16: Advanced Firewalls Progress Report](https://reader033.fdocuments.net/reader033/viewer/2022061113/545b22bbaf79594f558b5f74/html5/thumbnails/16.jpg)
16
Deployment issues
• Next gen does things differently from old school:– NAT– QoS– Outbound vs. inbound rule focus
![Page 17: Advanced Firewalls Progress Report](https://reader033.fdocuments.net/reader033/viewer/2022061113/545b22bbaf79594f558b5f74/html5/thumbnails/17.jpg)
17
![Page 18: Advanced Firewalls Progress Report](https://reader033.fdocuments.net/reader033/viewer/2022061113/545b22bbaf79594f558b5f74/html5/thumbnails/18.jpg)
18
Understanding app ID implications for users
![Page 19: Advanced Firewalls Progress Report](https://reader033.fdocuments.net/reader033/viewer/2022061113/545b22bbaf79594f558b5f74/html5/thumbnails/19.jpg)
19
One obstacle to switching to next-gen
![Page 20: Advanced Firewalls Progress Report](https://reader033.fdocuments.net/reader033/viewer/2022061113/545b22bbaf79594f558b5f74/html5/thumbnails/20.jpg)
20
Network documentation isn’t current
![Page 21: Advanced Firewalls Progress Report](https://reader033.fdocuments.net/reader033/viewer/2022061113/545b22bbaf79594f558b5f74/html5/thumbnails/21.jpg)
21
Handling VMs still an issue
![Page 22: Advanced Firewalls Progress Report](https://reader033.fdocuments.net/reader033/viewer/2022061113/545b22bbaf79594f558b5f74/html5/thumbnails/22.jpg)
22
Lots of VM security products…
![Page 23: Advanced Firewalls Progress Report](https://reader033.fdocuments.net/reader033/viewer/2022061113/545b22bbaf79594f558b5f74/html5/thumbnails/23.jpg)
23
Catbird’s compliance radar graph
![Page 24: Advanced Firewalls Progress Report](https://reader033.fdocuments.net/reader033/viewer/2022061113/545b22bbaf79594f558b5f74/html5/thumbnails/24.jpg)
24
![Page 25: Advanced Firewalls Progress Report](https://reader033.fdocuments.net/reader033/viewer/2022061113/545b22bbaf79594f558b5f74/html5/thumbnails/25.jpg)
25
Infrastructure misuse
![Page 26: Advanced Firewalls Progress Report](https://reader033.fdocuments.net/reader033/viewer/2022061113/545b22bbaf79594f558b5f74/html5/thumbnails/26.jpg)
26
What about UTMs?
• Pro:– A lot of protection for the $ nowadays
(Juniper/Check Point)– One box does it all
• Con:– Complex licensing issues– Can get expensive if you have high bandwidth
needs– Latency can kill you if you turn on Anti-Virus
![Page 27: Advanced Firewalls Progress Report](https://reader033.fdocuments.net/reader033/viewer/2022061113/545b22bbaf79594f558b5f74/html5/thumbnails/27.jpg)
27
Juniper SRX dashboard
![Page 28: Advanced Firewalls Progress Report](https://reader033.fdocuments.net/reader033/viewer/2022061113/545b22bbaf79594f558b5f74/html5/thumbnails/28.jpg)
28
SonicWall
![Page 29: Advanced Firewalls Progress Report](https://reader033.fdocuments.net/reader033/viewer/2022061113/545b22bbaf79594f558b5f74/html5/thumbnails/29.jpg)
29
![Page 30: Advanced Firewalls Progress Report](https://reader033.fdocuments.net/reader033/viewer/2022061113/545b22bbaf79594f558b5f74/html5/thumbnails/30.jpg)
30
Watchguard UTM
![Page 31: Advanced Firewalls Progress Report](https://reader033.fdocuments.net/reader033/viewer/2022061113/545b22bbaf79594f558b5f74/html5/thumbnails/31.jpg)
31
APT tools
• Try to catch the bad guys before they actually deploy their payloads, such as from Norse Corp. (local boys) and Cyphort
![Page 32: Advanced Firewalls Progress Report](https://reader033.fdocuments.net/reader033/viewer/2022061113/545b22bbaf79594f558b5f74/html5/thumbnails/32.jpg)
32
![Page 33: Advanced Firewalls Progress Report](https://reader033.fdocuments.net/reader033/viewer/2022061113/545b22bbaf79594f558b5f74/html5/thumbnails/33.jpg)
33
For more info
• [email protected]• Twitter: @dstrom• http://strominator.com• TechTarget article: http://bit.ly/1dISmx4• Network World review of UTMs:
http://bit.ly/1fJtmHE