Re: NGFW Usage Information

[Brian Epstein <bepstein () IAS EDU>]

We are a Checkpoint shop.  Previously, we had a separate IPS, but chose
to use Checkpoints IPS blade instead.  Just like all IDS/IPS, it needs a
lot of care and feeding.

The one thing I like about Checkpoint is that I can run it on my own
hardware.  We have specific needs for copper and fiber.  By buying a
Dell server, we are able to populate it with the exact NICs we need at a
huge cost savings over purchasing a ready-made appliance.

I also like that Checkpoint can attach IPv4 and IPv6 addresses to the
same object.  This reduces the number of objects in the ruleset
significantly.

Thanks,
Brian

On 04/19/2017 09:46 AM, Pardonek, Jim wrote:
> I’ve finally been able to convince our leadership to pursue swapping out
> our IPS and ASA’s for a set of next gen firewalls.  We are still in the
> evaluation phase and as a part of our evaluations we are asked by senior
> leadership to quert other universities to get a barometer of what is
> being used.  If you would (and you can PM me) let me know if you have a
> NGFW and what it is (not needing specifics)  It will help us with our
> decision.  The 3 we looked at were Palo Alto, Check Point, and Cisco
> Firepower.
>
>  
>
> Appreciate any responses in advance!
>
>  
>
> Best,
>
>  
>
> Jim
>
>  
>
> *James Pardonek, MS, CISSP, CEH*
>
> *Information Security Officer**
> Loyola University Chicago 
> 1032 W. Sheridan Road | Chicago, IL  60660
> **
> (**: (773) 508-6086*
>
> *standard_isc2_cissp*
>
>  



-- 
Brian Epstein <bepstein () ias edu>                     +1 609-734-8179
Manager, Network and Security           Institute for Advanced Study
Key fingerprint = A6F3 9F5A 26C5 5847 79ED  C34C C0E5 244A 55CA 2B78

Attachment: signature.asc
Description: OpenPGP digital signature