Home page logo

educause logo Educause Security Discussion mailing list archives

Re: Checkpoint Vs. Palo Alto Vs. Fortinet
From: Brian Helman <bhelman () SALEMSTATE EDU>
Date: Thu, 7 Nov 2013 14:44:48 +0000

I was an early adopter of Palo Alto (previously long-term FW-1 customer).  The L7 functionality and threat prevention 
were "different" to get used to.  We still have to explain to vendors looking to connect systems here that "port 80" 
doesn't necessarily mean "http".  But last night, PA upgraded the threat prevention to deal with new zero day TIF 
vulnerability in Microsoft products.  That gives that extra layer while we wait for Microsoft to respond .. again.


From: The EDUCAUSE Security Constituent Group Listserv [SECURITY () LISTSERV EDUCAUSE EDU] on behalf of Bradley, 
Stephen [bradlesw () MIAMIOH EDU]
Sent: Monday, November 04, 2013 10:18 AM
Subject: Re: [SECURITY] Checkpoint Vs. Palo Alto Vs. Fortinet

I'd have to say we have been pretty happy with our selection of Palo Alto as well.


On Mon, Nov 4, 2013 at 10:06 AM, Kevin Robert Hayes <krhayes () wayne edu<mailto:krhayes () wayne edu>> wrote:

Earlier this year we went thru a bake-off and RFP process for replacing our Internet firewalls.  I'm certain that the 
vendors hated going thru the 144-point evaluation, but it made a clear and level playing field.  We selected Palo Alto 
from our responding manufacturers (Cisco, Juniper, Dell, HP, Fortinet) and have been *extremely* satisfied with the 
featureset, functionality, and performance of the device.

Kevin Hayes, CISSP
Information Security Officer
Computing & Information Technology
Wayne State University
krhayes () wayne edu<mailto:krhayes () wayne edu>


From: "Allan Nelson" <allan.nelson () UTT EDU TT<mailto:allan.nelson () UTT EDU TT>>
Sent: Friday, November 1, 2013 6:05:38 PM
Subject: [SECURITY] Checkpoint Vs. Palo Alto Vs. Fortinet


My institution is currently reviewing its firewall strategy with the aim of upgrading/replacing our current firewall 
infrastructure.   We are currently a Checkpoint shop, with devices providing both Advanced Networking and firewalling 
(UTM) capabilities.  We recently met with reps from Palo Alto and Fortinet and on the surface they both seem to provide 
viable, possibly even cheaper alternatives.   I just wanted to hear from the group of any experiences with Palo Alto 
and/or Fortinet to help us in our decision making.   We currently have a combination of CP 9075s, 5075s and 576s 
deployed at our main and satellite campuses.


Allan Nelson
Manager, Security and Governance
University of Trinidad and Tobago

Help save paper! Do you really need to print this email? This e-mail (including any attachments) is intended for the 
sole use of the recipient/s to whom it is addressed and may contain material that is PRIVATE AND CONFIDENTIAL. It is 
the property of UTT in which all rights are reserved except where otherwise indicated. If you are not the intended 
recipient, please be advised that unauthorized use, disclosure, dissemination, reproduction, distribution of, or taking 
any action in reliance on the contents of this e-mail is STRICTLY PROHIBITED AND MAY BE UNLAWFUL. If you are not the 
intended recipient, please contact the sender by e-mail and delete all copies thereof. E-mail transmission cannot be 
guaranteed to be secure or error-free as information could be intercepted, corrupted, lost, destroyed, arrive late or 
incomplete, or contain viruses. Neither the sender nor UTT accepts any liability for damage of any kind resulting from 
risks which are inherent in the electronic transmission of messages.

Senior Security Engineer
Miami University
IT Services
bradlesw () miamioh edu<mailto:bradlesw () miamioh edu>

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]