Educause Security Discussion
mailing list archives
Re: Checkpoint Vs. Palo Alto Vs. Fortinet
From: Brian Helman <bhelman () SALEMSTATE EDU>
Date: Thu, 7 Nov 2013 14:44:48 +0000
I was an early adopter of Palo Alto (previously long-term FW-1 customer). The L7 functionality and threat prevention
were "different" to get used to. We still have to explain to vendors looking to connect systems here that "port 80"
doesn't necessarily mean "http". But last night, PA upgraded the threat prevention to deal with new zero day TIF
vulnerability in Microsoft products. That gives that extra layer while we wait for Microsoft to respond .. again.
From: The EDUCAUSE Security Constituent Group Listserv [SECURITY () LISTSERV EDUCAUSE EDU] on behalf of Bradley,
Stephen [bradlesw () MIAMIOH EDU]
Sent: Monday, November 04, 2013 10:18 AM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] Checkpoint Vs. Palo Alto Vs. Fortinet
I'd have to say we have been pretty happy with our selection of Palo Alto as well.
On Mon, Nov 4, 2013 at 10:06 AM, Kevin Robert Hayes <krhayes () wayne edu<mailto:krhayes () wayne edu>> wrote:
Earlier this year we went thru a bake-off and RFP process for replacing our Internet firewalls. I'm certain that the
vendors hated going thru the 144-point evaluation, but it made a clear and level playing field. We selected Palo Alto
from our responding manufacturers (Cisco, Juniper, Dell, HP, Fortinet) and have been *extremely* satisfied with the
featureset, functionality, and performance of the device.
Kevin Hayes, CISSP
Information Security Officer
Computing & Information Technology
Wayne State University
krhayes () wayne edu<mailto:krhayes () wayne edu>
From: "Allan Nelson" <allan.nelson () UTT EDU TT<mailto:allan.nelson () UTT EDU TT>>
To: SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV EDUCAUSE EDU>
Sent: Friday, November 1, 2013 6:05:38 PM
Subject: [SECURITY] Checkpoint Vs. Palo Alto Vs. Fortinet
My institution is currently reviewing its firewall strategy with the aim of upgrading/replacing our current firewall
infrastructure. We are currently a Checkpoint shop, with devices providing both Advanced Networking and firewalling
(UTM) capabilities. We recently met with reps from Palo Alto and Fortinet and on the surface they both seem to provide
viable, possibly even cheaper alternatives. I just wanted to hear from the group of any experiences with Palo Alto
and/or Fortinet to help us in our decision making. We currently have a combination of CP 9075s, 5075s and 576s
deployed at our main and satellite campuses.
Manager, Security and Governance
University of Trinidad and Tobago
Help save paper! Do you really need to print this email? This e-mail (including any attachments) is intended for the
sole use of the recipient/s to whom it is addressed and may contain material that is PRIVATE AND CONFIDENTIAL. It is
the property of UTT in which all rights are reserved except where otherwise indicated. If you are not the intended
recipient, please be advised that unauthorized use, disclosure, dissemination, reproduction, distribution of, or taking
any action in reliance on the contents of this e-mail is STRICTLY PROHIBITED AND MAY BE UNLAWFUL. If you are not the
intended recipient, please contact the sender by e-mail and delete all copies thereof. E-mail transmission cannot be
guaranteed to be secure or error-free as information could be intercepted, corrupted, lost, destroyed, arrive late or
incomplete, or contain viruses. Neither the sender nor UTT accepts any liability for damage of any kind resulting from
risks which are inherent in the electronic transmission of messages.
Stephen W. Bradley CISSP GCFA GCIH GWAPT SSCP
Senior Security Engineer
bradlesw () miamioh edu<mailto:bradlesw () miamioh edu>