The game becomes maintaining good performance and avoiding false positives being disruptive to the business. There is no set it and forget it solution that will provide a significant benefit to your security posture over a more basic stateful firewall. The reality is that any IDS or NGFW is only good as the threat intelligence that it's loaded with and the staffing resources you've committed to monitoring and managing alerts. Things to look for would be companies that actually have entire threat intelligence units actively feeding their products and actively contributing to the field with discoveries of their own (e.g. ![]() Disappointing since they're literally a security software company but its really a product they haven't taken seriously.įor any solution those signatures might be updated nightly in terms of how often the systems check for and load new information but how often are you seeing new signatures added to the repository for emerging threats? The answer sadly for the majority of SMB offerings is rarely. This was true for the Sophos offering last time I looked at it but that was years ago now. ![]() Palo Alto Networks, Fortinet, Cisco, Check Point) are more marketing and the false sense of security than anything else. Almost everyone in the NGFW and UTM space that isn't one of the big players (e.g.
0 Comments
Leave a Reply. |