Communiquez avec les autres et partagez vos connaissances professionnelles

Inscrivez-vous ou connectez-vous pour rejoindre votre communauté professionnelle.

Suivre

Which Firewall is best for Small Organization and Why ?

user-image
Question ajoutée par Hitesh Darji , Senior System and Network Administrator , ITG
Date de publication: 2017/03/08
Alexander Sinno
par Alexander Sinno , Senior Intrusion Analyst , DELL SECUREWORKS

I work at SecureWorks which is a vendor agnostic organization. This means I experience in dealing with all firewalls and IPS/IDS's. From my experience the best firewall for a small organization is CISCO ASA with an IPS Blade. 

 

Why?

1. Cisco ASA logs are very easy to read. I read logs all day, and you wouldn't believe how difficult some are. However, Cisco has clean ontology and usual gives clients access to view their signatures to accurately determine FP vs TP. 

 

2. Syslog capabilities and SIEM integration for easily identifying threats.

 

3. Firewalls primarily act as traffic controllers on the network perimeter. However, if an organization (large or small) wants to be successful at fending off Cyber Attacks you're going to need an IPS. An Intrusion Prevention System, is able to inspect packets and reassemble the stream to properly identify inbound payloads. After it detects a possible inbound attack it will either block/alert or block based on the settings of the signature.

 

Please see more about the CISCO ASA IPS Module:

http://www.cisco.com/c/en/us/td/docs/security/asa/quick_start/ips/ips_qsg.html

 

Being able to redirect traffic to the IPS module is an enormous benefit. 

More Questions Like This