Re: State of security technology for the enterprise

[ArkanoiD <ark () eltex net>]

You are kidding calling those technologies "new"?

Actually we do need something new. Think
entitlement management, role-based access control, data flow tracking,
emdedded security tokens, OWASP frameworks, XML filtering etc. 

At least document fingerprinting and discovery as poor man's solution.
And configuration management and endpoint security solutions (not just "AV"!) for sure.

We all are going nowere because we are stuck into our old toys -
DPI, IDS, AV, VPN etc and actually have no idea how data flow *should* be managed -
and you are afraid of "potentialy immature technologies"? God damn,
everything you list is old as mammoth's fossilized crap!

Well, have a look at IBM's Datapower at least - much of your data flow is XML, right?
And forget that Cisco makes "firewalls". Those are not worth their power supply units.

On Wed, Apr 29, 2009 at 09:30:47AM -0400, Chris Hughes wrote:
>    Hello all.
>
>
>    I am currently developing a strategy for evolving the security for my
>    enterprise network.  Currently I protect the core network (servers and
>    services) and internet with inline sensors, use HIDS on all client
>    machines (which performs event correlation with the inline sensors)
>    content filtering, use of AV on all hosts, SSL and IPSec VPN and
>    spamfiltering on the edge.
>
>
>    In reviewing the latest offerings I see that there are new and
>    potentially immature technologies that may be the direction I need to
>    look.  These include:
>
>
>    DPI (deep packet inspection) firewalls
>
>    Content filtering on the firewall
>
>    SSL proxying with decryption for filtering abuse and data leak
>
>    DLP - related to ssl filtering but with the addition of protecting
>    data at rest from leaving the network.
>
>    VMWARE/Hypervisor sensors to protect my virtual infrastructure
>
>
>    The vendors offerings I am reviewing include:
>
>
>    Cisco
>
>    ISS
>
>    Juniper
>
>    Fortinet
>
>    Palo Alto
>
>
>    If I omitted serious contenders from my list please bring them to my
>    attention.  I also have a feature matrix I am willing to share if
>    anyone is interested.
>
>
>    Cisco has point product solutions for the most part but Juniper, Palo
>    Alto and Fortinet are combining some of the new abilities into a
>    single appliance.
>
>
>    I am looking for conversation on the newer technologies as well as
>    thoughts of combining them on a single albeit clustered/HA appliance
>    versus separate solutions for each function.  Another thing I wrestle
>    with is single vendor solutions versus hybrid solution that offers
>    some dioversity and a system of checks and balances.
>
>
>    Of particular interest is DPI.  From what I read this will be a major
>    advance that really grants security admins control at the firewall
>    that they never had before.
>
>
>    Please share your thoughts.
>
>
>    Thanks
>
>    email protected and scanned by AdvascanTM - keeping email useful -
>    www.advascan.com

> _______________________________________________
> firewall-wizards mailing list
> firewall-wizards () listserv icsalabs com
> https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards

_______________________________________________
firewall-wizards mailing list
firewall-wizards () listserv icsalabs com
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards