[Dshield] Fortinet [Fortigate 5050]

Moses moses at networksamurai.org
Fri Feb 9 16:16:58 GMT 2007


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

This is rather interesting to note. I find your comments 100%
accurate. But I'd like to offer the group a bigger question. Now that
the 'Stateful packet inspection' technology has progressed and many
companies are doing it VERY well, would companies be more interesting
in deploying a product from a Firewall vendor that has an integrated
IPS/IDS or would you be more interested deploying a product from a
best of breed IPS/IDS vendor that has added firewall capabilities.

Case in point, I still see larger companies going with a layered
approach but wishing they could go with a more 'Unified' approach.
When you peel back the layers its more of the time  because most do
not think that the Firewall manufacturers have a good IPS/IDS product
integrated that they feel still needed a stronger device in line. If
you consider or leave VPN as a 'router' only or SSL 'only' product
maybe we will see the market start changing a bit more.

Moses Hernandez

Dregier, Leo A. (CMS/CTR) wrote:
> Bass,
>
> I've used a Fortigate 5050.  I feel they are average in comparison.
Jamy is correct.  While you can get all in one appliances or Unified
Thread Management as some refer to, remember that a layered solution
should have multiple layers.  One could use McAfee on the desktop and a
border gateway at the edge from another vendor for example.
>
> Also, you have to consider how the appliance works for your company,
what is your companies needs?  For smaller companies that want to save
money, generally UTM will work, but for larger companies the only way to
get real accounting is to have multiple solutions.
>
> Get a loaner, run it on your network.  If it gives you the results,
accounting and audit capabilities you need then it might be the way to go.
>
> For me, it's all about reporting.  Can I interrogate the logs and get
what I need easily.
>
> My advice, get a loaner box, sales engineers should be more then
willing to give you one for 30 days... minimum, sometimes 60 if you can
justify a large purchase.
>
> Lastly, Ask the company itself how it stacks up.  Then confirm that
with the competitors same stat sheet!  They all claim to do it better
then the rest.  So it's more of how the device works for you!
>
> Best Regards,
>
>
> Leo A. Dregier III
> Computer Security Incident Response Capability (CSIRC)
> - Incident Response Team - Incident Response Lead
> Centers for Medicare & Medicaid Services
> Lockheed Martin CITIC Security Team
> desk: 443-348-4002
> mobile: 410-274-2460
> e-mail: Leo.Dregier at cms.hhs.gov
> The contents of this e-mail are confidential to the ordinary user of
the e-mail address to which it was addressed and may also be privileged.
If you are not the addressee of this e-mail you may not copy, forward,
disclose or otherwise use it or any part of it in any form whatsoever.
CMS does not accept responsibility for changes made to any e-mail after
sending.  If you have received this e-mail in error please e-mail the
sender by replying to this message.
>
>
> -----Original Message-----
> From: Klein, Jamy [mailto:Jamy.Klein at cshs.org]
> Sent: Thursday, February 08, 2007 12:13 PM
> To: General DShield Discussion List
> Subject: Re: [Dshield] Fortinet [Fortigate 5050]
>
> I have not used them personally, but I know of them. My opinion is that you
> should be careful with any product like that, that claims to do it all. How
> do you know that they are good at IPS, A/V, Content Filtering, and
> firewalling? They most likely are not better at IPS than a company that
> makes all their profit or a large portion of their profit off of IPS. The
> company that is primarily focused on IPS is probably investing most of
their
> money into IPS research where a company like Fortinet has to split the
> research dollars between all of the above listed areas.
>
> Jamy
>
> -----Original Message-----
> From: Basiru Ndow [mailto:bndow at Ndowtech.com]
> Sent: Thursday, February 08, 2007 8:42 AM
> To: General DShield Discussion List
> Subject: [Dshield] Fortinet [Fortigate 5050]
>
> Anyone with experience using fortigate 5050 for network security =
> solutions. Just join the company and we are thinking of using it.
>
> Any advantages or disadvantages that you can share ?
>
> Thanks
>
> Bass
>
>
>
>
>
>  IMPORTANT WARNING: This message is intended for the use of the person or
> entity to which it is addressed and may contain information that is
> privileged and confidential, the disclosure of which is governed by
> applicable law.  If the reader of this message is not the intended
> recipient, or the employee or agent responsible for delivering it to the
> intended recipient, you are hereby notified that any dissemination,
> distribution or copying of this information is STRICTLY PROHIBITED.
>
>   If you have received this message in error, please notify us immediately
> by calling (310) 423-6428 and destroy the related message.  Thank You for
> your cooperation.
>
>
>
>
> _________________________________________
>
> SANS 2007 March 29 - April 6 in San Diego, CA offers 52 Courses
> taught by our top rated instructors plus a huge vendor tools expo.
> Register Today! http://www.sans.org/info/2501 (BROCHURECODE: ISC)
>

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFFzJ56rbgcZktx37wRApMBAJ9zv0US093ufenH5iJXJIKi/Uwz7gCfeQzl
CX2e7Fi9hrYeS6DfaY2vMT8=
=g55C
-----END PGP SIGNATURE-----



More information about the list mailing list