Badges
55 Points
9 Years
User Activity
Over 2 years ago
Commented on Cybersecurity Trends To Look Out For in 2022
I agree with many of these observations.
A trend I noticed as a security professional was that putting bandaids on legacy technology buys little protection, and the bigger your enterprise, the harder it is to embrace newer, safer technologies.
As an example, Microsoft Active…
About 3 years ago
Answered a question: What insider threat detection tool do you recommend to a company with a modest budget?
Can you be more specific? If you search this site for 'threat detection' you get lots of different technologies: MDR, XDR, UEBA, IDPS, etc. I have used threat intelligence services, as well as UEBA, and 'threat hunting' services with MDR as well as traditional IPS/IDS and…
About 3 years ago
Answered a question: What's the best way to trial Extended Detection and Response (XDR) solutions?
I would start with the qualifications before jumping into a trial.
What is your organization looking for? Do you want to manage XDR with your own staff (do you have the technical expertise given the complexity of effective XDR?); are you already using a security ecosystem…
About 3 years ago
Answered a question: When should a company choose a Firewall-as-a-Service (FWaaS) solution?
I have looked at FWaaS for years (originally from Value Added Network service providers such as Virtela) and my best answer is based on the organization's scale/size. Is the organization large enough to support managing your own firewalls? (Let's say perhaps >10,000 people)…
About 3 years ago
Answered a question: Which product do you recommend: Palo Alto Network VM-Series vs Fortinet FortiGate?
I am an enterprise user of FortiGate and PA compares favorably to Fortinet. I have used FortiGate for a variety of reasons, but here are the most important reasons we use them (compared to PA):
1. Price versus performance
2. Fortinet has a strategic security view that is…
Over 4 years ago
Answered a question: Which lesser known firewall product has the best chance at unseating the market leaders?
I doubt we will see a new firewall vendor, but I believe we will see new architectures that leverage the advanced capabilities of NGFW delivery through ISPs; think of it as a clean pipe for Internet access. The ISPs will use firewalls (virtualized and segmented by customers)…
Over 4 years ago
Answered a question: How inadvisable is it to use a single vulnerability analysis tool?
What kind of 'vulnerability analysis' tool are you referring to? Static code analysis for code? If so, there are a couple of tools that cover most languages pretty well, Checkmarx and Veracode. Or are you looking for vulnerability management tools like Qualys, Tenable or Rapid7?
Over 4 years ago
Answered a question: When should companies use SSL Inspection?
For large companies, SSL Inspection is often problematic, especially with the release of TLS 1.3, which is resistant to man-in-the-middle attacks, which is what SSL Inspection is in essence. The financial services industry fought long and hard to prevent the TLS 1.3 standard…
Over 4 years ago
Answered a question: Best firewall models for 750 to 1000 users
At a minimum I would recommend a Fortinet FG-100F
The "F" series is their latest ASIC and it outperforms the E series by x4 or better
I like to oversize the firewalls to get more life out of them, although we usually use virtual appliances (FG-VM02v or greater)
If I had to…
Over 4 years ago
Answered a question: How important is it to monitor your WiFi environment?
It depends on your environment - how large is it, what type of APs and/or controllers are in use, what sort of risk environment are you in (what are you protecting? Are you near other competitors, are your facilities near public areas or residential communities?)
Things that…
Over 4 years ago
Answered a question: Should I configure SIP or NAT traversal technologies on my firewall?
The business need should always be part of the equation. If you have a business need for SIP in addition to perimeter security then using a firewall with SIP protection such as a FortiGate running version 6.x
If you only need a SIP gateway then there are several dedicated…
Over 4 years ago
Answered a question: Which is the best SIEM solution for a government organization?
We use both AlienVault and FortiSIEM (formerly AccelOps) and in both cases use a managed security services provider to monitor and maintain. Our chief concern was ease of use and cost. While we really appreciated AlienVault, they were acquired by AT&T towards the end of 2018…
Over 4 years ago
Answered a question: Which is the best network firewall for a small retailer?
Good commercial firewalls take a degree of expertise that small businesses rarely possess; for that reason, I would look for a managed security services provider that specializes in the SMB retail market. They should be able to do it affordably and with solid expertise. They…
About 5 years ago
Answered a question: What Is SIEM Used For?
We use a SIEM for event correlation for logs and feeds from a variety of our tools. It helps us quickly pinpoint activity from multiple sources to provide actionable intelligence. We are able to fund part of the cost through the use of compliance reporting replacing the use…
Over 6 years ago
Answered a question: Looking Into Implementing a Web Security Solution.
We use FortiGates for web filtering and security. We are a global company with > 10,000 users.
This protects all users on our internal network. Remote users can use the Fortinet FortiClient for remote AV and web filtering protection.
We used Zscaler several years ago but we…
About 7 years ago
Answered a question: Evaluating CASBs. Looking for community feedback on some vendors.
We have used Skyhigh Networks for three years and are very happy with it. Over the years they have added new capabilities. The original service provided an inventory of cloud applications that our internal people accessed as well as statistics and risk ratings and configuration…
Over 7 years ago
Answered a question: Best solutions for breach detection and forensics.
We use Darktrace and are very happy with it. It detects unusual network behavior based on your normal network activity. Great for insider threat and APT and lateral activity.
Over 7 years ago
Answered a question: What do you recommend for a corporate firewall implementation?
The FortiGate line is great for global networks. You need to size them for your traffic and type of protection (web filtering; IPS; antivirus; VPN; BotNet protection; etc.) since each additional service enabled requires a larger system. We find the FortiGates very affordable…
Over 9 years ago
Answered a question: When evaluating Firewalls, what aspect do you think is the most important to look for?
The state of the firewall has moved from IP and port filtering to combine these elements:
1) Application awareness (want to block Tor or Bit Torrent?)
2) User identity awareness (policies based on identity not just source IPs)
3) Policies based on device attributes (allow…
Answers
About 3 years ago
Business Activity Monitoring
About 3 years ago
Extended Detection and Response (XDR)
About 3 years ago
Firewalls
Over 4 years ago
Firewalls
Over 4 years ago
Vulnerability Management
Over 4 years ago
Security Information and Event Management (SIEM)
About 7 years ago
Cloud Access Security Brokers (CASB)
Over 7 years ago
Intrusion Detection and Prevention Software (IDPS)
Over 9 years ago
Firewalls
Comments
About me
I have transitioned from a long-term career in IT as Security Architect and Innovation Fellow to CTO of a startup focused on Web3.0 blockchain storage solutions such as FileCoin. My focus now is helping Enterprises transition to decentralized storage for archival.