[Dshield] Fortinet [Fortigate 5050]

Dregier, Leo A. (CMS/CTR) Leo.Dregier at CMS.hhs.gov
Fri Feb 9 13:00:33 GMT 2007


Bass,

I've used a Fortigate 5050.  I feel they are average in comparison.  Jamy is correct.  While you can get all in one appliances or Unified Thread Management as some refer to, remember that a layered solution should have multiple layers.  One could use McAfee on the desktop and a border gateway at the edge from another vendor for example.

Also, you have to consider how the appliance works for your company, what is your companies needs?  For smaller companies that want to save money, generally UTM will work, but for larger companies the only way to get real accounting is to have multiple solutions.

Get a loaner, run it on your network.  If it gives you the results, accounting and audit capabilities you need then it might be the way to go.

For me, it's all about reporting.  Can I interrogate the logs and get what I need easily.

My advice, get a loaner box, sales engineers should be more then willing to give you one for 30 days... minimum, sometimes 60 if you can justify a large purchase.

Lastly, Ask the company itself how it stacks up.  Then confirm that with the competitors same stat sheet!  They all claim to do it better then the rest.  So it's more of how the device works for you!

Best Regards,


Leo A. Dregier III
Computer Security Incident Response Capability (CSIRC)
- Incident Response Team - Incident Response Lead 
Centers for Medicare & Medicaid Services
Lockheed Martin CITIC Security Team
desk: 443-348-4002 
mobile: 410-274-2460
e-mail: Leo.Dregier at cms.hhs.gov 
The contents of this e-mail are confidential to the ordinary user of the e-mail address to which it was addressed and may also be privileged. If you are not the addressee of this e-mail you may not copy, forward, disclose or otherwise use it or any part of it in any form whatsoever. CMS does not accept responsibility for changes made to any e-mail after sending.  If you have received this e-mail in error please e-mail the sender by replying to this message.


-----Original Message-----
From: Klein, Jamy [mailto:Jamy.Klein at cshs.org] 
Sent: Thursday, February 08, 2007 12:13 PM
To: General DShield Discussion List
Subject: Re: [Dshield] Fortinet [Fortigate 5050]

I have not used them personally, but I know of them. My opinion is that you
should be careful with any product like that, that claims to do it all. How
do you know that they are good at IPS, A/V, Content Filtering, and
firewalling? They most likely are not better at IPS than a company that
makes all their profit or a large portion of their profit off of IPS. The
company that is primarily focused on IPS is probably investing most of their
money into IPS research where a company like Fortinet has to split the
research dollars between all of the above listed areas.  

Jamy 
 
-----Original Message-----
From: Basiru Ndow [mailto:bndow at Ndowtech.com] 
Sent: Thursday, February 08, 2007 8:42 AM
To: General DShield Discussion List
Subject: [Dshield] Fortinet [Fortigate 5050]

Anyone with experience using fortigate 5050 for network security =
solutions. Just join the company and we are thinking of using it.

Any advantages or disadvantages that you can share ?

Thanks

Bass

 



 IMPORTANT WARNING: This message is intended for the use of the person or
entity to which it is addressed and may contain information that is
privileged and confidential, the disclosure of which is governed by
applicable law.  If the reader of this message is not the intended
recipient, or the employee or agent responsible for delivering it to the
intended recipient, you are hereby notified that any dissemination,
distribution or copying of this information is STRICTLY PROHIBITED.  

  If you have received this message in error, please notify us immediately
by calling (310) 423-6428 and destroy the related message.  Thank You for
your cooperation.  






More information about the list mailing list