User Activity

About 2 years ago
I agree with many of these observations.  A trend I noticed as a security professional was that putting bandaids on legacy technology buys little protection and the bigger your enterprise the harder it is to embrace newer safer technologies.  As an example, Microsoft Active…
Over 2 years ago
Can you be more specific? If you search this site for 'threat detection' you get lots of different technologies: MDR, XDR, UEBA, IDPS, etc. I have used threat intelligence services, as well as UEBA, and 'threat hunting' services with MDR as well as traditional IPS/IDS and…
Over 2 years ago
I would start with the qualifications before jumping into a trial.  What is your organization looking for? Do you want to manage XDR with your own staff (do you have the technical expertise given the complexity of effective XDR?); are you already using a security ecosystem…
Over 2 years ago
I have looked at FWaaS for years (originally from Value Added Network service providers such as Virtela) and my best answer is based on the organization's scale/size. Is the organization large enough to support managing your own firewalls? (Let's say perhaps >10,000 people)…
Over 2 years ago
I am an enterprise user of Fortigate and PA compares favorably to Fortinet. I have used Fortigate for a variety of reasons, but here are the most important reasons we use them (compared to PA): 1. Price versus performance 2. Fortinet has a strategic security view that is…
Almost 4 years ago
I doubt we will see a new firewall vendor, but I believe we will see new architectures that leverage the advanced capabilities of NGFW delivery through ISPs; think of it as a clean pipe for Internet access. The ISPs will use firewalls (virtualized and segmented by customers)…
Almost 4 years ago
What kind of 'vulnerability analysis' tool are you referring to? Static code analysis for code? If so there are a couple tools that cover most languages pretty well, Checkmarx and Veracode. Or are you looking for vulnerability management tools like Qualys, Tenable or Rapid7?
Almost 4 years ago
For large companies SSL Inspection is often problematic, especially with the release of TLS 1.3 which is resistant to man in the middle attacks which is what SSL Inspection is in essence. The financial services industry fought long and hard to prevent the TLS 1.3 standard…
Almost 4 years ago
At a minimum I would recommend a Fortinet FG-100F. The "F" series is their latest ASIC and it outperforms the E series by x4 or better. I like to oversize the firewalls to get more life out of them, although we usually use virtual appliances (FG-VM02v or greater). If I had to…
Almost 4 years ago
It depends on your environment - how large is it, what type of APs and/or controllers are in use, what sort of risk environment are you in (what are you protecting? Are you near other competitors, are your facilities near public areas or residential communities?) Things that…
Almost 4 years ago
The business need should always be part of the equation. If you have a business need for SIP in addition to perimeter security, then using a firewall with SIP protection such as a FortiGate running version 6.x. If you only need a SIP gateway then there are several dedicated…
About 4 years ago
We use both AlienVault and FortiSIEM (formerly AccelOps) and in both cases use a managed security services provider to monitor and maintain. Our chief concern was ease of use and cost. While we really appreciated AlienVault, they were acquired by AT&T towards the end of 2018…
About 4 years ago
Good commercial firewalls take a degree of expertise that small businesses rarely possess, for that reason, I would look for a managed security services provider that specializes in the SMB retail market. They should be able to do it affordably and with solid expertise. They…
Over 4 years ago
Answered a question: What Is SIEM Used For?
We use a SIEM for event correlation for logs and feeds from a variety of our tools. It helps us quickly pinpoint activity from multiple sources to provide actionable intelligence. We are able to fund part of the cost through the use of compliance reporting replacing the use…
About 6 years ago
We use Fortigates for web filtering and security. We are a global company with > 10,000 users. This protects all users on our internal network. Remote users can use the Fortinet FortiClient for remote AV and web filtering protection. We used Zscaler several years ago but we…
Over 6 years ago
We have used Skyhigh Networks for three years and are very happy with it. Over the years they have added new capabilities. The original service provided an inventory of cloud applications that our internal people accessed as well as statistics and risk ratings and configuration…
Almost 7 years ago
We use Darktrace and are very happy with it. It detects unusual network behavior based on your normal network activity. Great for insider threat and APT and lateral activity.
About 7 years ago
The FortiGate line is great for global networks. You need to size them for your traffic and type of protection (web filtering; IPS; antivirus; VPN; BotNet protection; etc) since each additional service enabled requires a larger system. We find the FortiGates very affordable…
About 9 years ago
The state of the firewall has moved from IP and port filtering to combine these elements 1) Application awareness (want to block Tor or Bit Torrent?) 2) User identity awareness (policies based on identity not just source IPs) 3) Policies based on device attributes (allow…

Answers

Over 2 years ago
Extended Detection and Response (XDR)
Almost 4 years ago
Data Loss Prevention (DLP)
Almost 4 years ago
Network Monitoring Software
About 4 years ago
Security Information and Event Management (SIEM)
Over 4 years ago
Security Information and Event Management (SIEM)
Over 6 years ago
Cloud Access Security Brokers (CASB)
Almost 7 years ago
Intrusion Detection and Prevention Software (IDPS)

Comments

About 2 years ago
Email Security

About me

I have transitioned from a long term career in IT as Security Architect and Innovation Fellow to CTO of a startup focused on Web3.0 blockchain storage solutions such as FileCoin. My focus now is helping Enterprises transition to decentralized storage for archival.