Re: Firewall Upgrade

[Roger A Safian <r-safian () NORTHWESTERN EDU>]

I agree on wildfire, and URL filtering.  In fact, the URL filtering, which we primarily wanted as another layer to 
prevent phishing, was terrible.  My guess is it works great, in say a bank, but, in a university, the categories aren't 
that useful.

From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Hall, 
Rand
Sent: Friday, February 14, 2014 10:04 AM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] Firewall Upgrade

Like Roger said, YMMV. Most people have many layers of defense. No layer is magic. OpenDNS blocks some stuff for us. PA 
DNS anti-hijacking firewall rules block stuff. Threat Protection on PA blocks some stuff. Basic Wildfire alerts on some 
stuff. Desktop AV still blocks some stuff. PA Threat Protection blocks/alerts on post-infection C&C traffic.

The basic Wildfire service that comes with Threat Protection is pretty good for what it is. The premium service is 
overpriced, IMHO (as is URL filtering).


Rand

Rand P. Hall
Director, Network Services                 askIT!
Merrimack College
978-837-3532
rand.hall () merrimack edu<mailto:rand.hall () merrimack edu>

If I had an hour to save the world, I would spend 59 minutes defining the problem and one minute finding solutions. - 
Einstein

On Fri, Feb 14, 2014 at 10:25 AM, Mark Rogowski <m.rogowski () uwinnipeg ca<mailto:m.rogowski () uwinnipeg ca>> wrote:
Forgive the derailing of this thread, but given all the chatter regarding Palo Alto, I am very curious to know how 
effective the product is at stopping malware.  PA touts they have strong anti malware protection - is this in fact 
true?  Have any of you noticed a drop in your end point infections?

Mark Rogowski  CISSP, CISM
IT Security / Information Security Office
University of Winnipeg
Ph: 204-786-9034<tel:204-786-9034>





-----Original Message-----
From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () 
LISTSERV EDUCAUSE EDU>] On Behalf Of Michael Horne
Sent: Friday, February 14, 2014 8:48 AM
To: SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV EDUCAUSE EDU>
Subject: Re: [SECURITY] Firewall Upgrade
I will also give a +1 to Palo Alto, We replaced a pair of aging Nortel branded check points with a pair of PA 5020's. 
We are very pleased with them and I personally would recommend them as well. A lot deeper view into what's happening on 
the network as well. Rule creation is not bad either once yopu get the mind shift changed to zone / application based 
vrs just a port based FW.


Michael Horne
Network Engineer
Olin College of Engineering
1000 Olin Way, Milas Hall, Suite LL18
Needham, MA 02492
1-781-292-2438<tel:1-781-292-2438>



-----Original Message-----
From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () 
LISTSERV EDUCAUSE EDU>] On Behalf Of Russo, Dan
Sent: Thursday, February 13, 2014 2:19 PM
To: SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV EDUCAUSE EDU>
Subject: [SECURITY] Firewall Upgrade

We are looking into upgrading our Firewall. I was wondering if anyone had anything to offer in regards to what you are 
using and the pros/cons associated to it.

Thanks,

Dan