Home page logo

educause logo Educause Security Discussion mailing list archives

Re: Fortinet unified threat management evaluation feedback needed
From: Jere Retzer <retzerj () OHSU EDU>
Date: Tue, 27 Feb 2007 15:40:31 -0800

You might also consider Snort as an open source solution. Doesn't include virus scanning but is billed these days as an 
intrusion prevention as well as detection system. Of course, putting anything inline can impact performance

cjf () CALFRYE COM 2/27/2007 2:18 PM >>>
Jere Retzer wrote:
One caution: be sure
to evaluate carefully your throughput needs as IPS and virus scanning
seem to drop throughput by around 90%. I also wonder what are the
lantency and other impacts on VOIP and h.323.

Christian.Heroux () ETSMTL CA 2/27/2007 9:22 AM >>>
I am worry to put all my eggs in one basket. I know
they use ASIC instead of CPU but I would like to see all eight
functions activated (firewall, antivirus, anti-spam, IPS, IDS,
traffic shaping, VPN)

We've seen that just stacking individual devices inline can raise
latency to unacceptable levels. I have no experience with the Fortigate,
but you're right to be worried.

Have them send you a largish unit for evaluation -- you'll never know
how it works with your traffic until you try it out. The times I've done
this, I often haven't changed vendors, but frequently have discovered we
needed a more capable box than we evaluated (wishful thinking, every time).

-- Cal Frye, Network Administrator, Oberlin College

   www.calfrye.com,  www.pitalabs.com 

"Even if you win the rat race, you're still a rat."

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]