Currently we have multiple different hardware vendors performing all different parts of our layered security. Now that I think of it, we don't have more than one vendor performing security in every part of our network. (Firewalls, SIEM, antivirus, IPS, etc.)

I like Cisco and seeing what they can do with all areas of security running Cisco products is impressive. From your standpoint, would it be better to diversify the equipment to different vendors or have one manage them all. I know that Cisco might not be #1 in all categories, but when all their equipment is working together, I feel that you have a tighter network.

Scucci

In part I'd agree with Dale.

Cisco are generally superior in what they do best, routing and switching. However, often the attempts to branch into different fields and features can leave a bit to be desired. They usually design and create devices with a high level of security, however it is often seen that the advanced 'features' are less secure.

For example this months security advisory lists several vulnerabilities in 'security' features; including vulnerable IPS features, potential data leakage from a VPN and even an issue with the humble NAT. (Full advisory here)

I'm not trying to claim that Cisco devices are less secure than other manufacturers, it could easily be the case competitors are just less open regarding their bugs; and if you want to move to a single manufacturer for all devices you could certainly do worse than go with Cisco.

It is usually the case though that those specialising in a specific technology will produce a better product than generalists, providing you stick to the big boys. Best-of-breed devices usually have that label for a reason.

Good luck out there...

Like I said, dont put all your eggs in one basket (all one vendor) unless there is a strategic reason.

Multiple layers is the key, and if this can incorporate various vendor offerings the better.

I think it matters a lot (personal preference) because Cisco security products have steered away from mostly being point products several years ago.  For the past couple of years, they've focused on collaborating each security controls together to integrate with another & even escalate the security of other Cisco security solutions. 

Security no longer becomes an afterthought or a necessary evil, but a security architecture that's designed to scale to Government & Compliancy requirements (like PCI, HIPPA, SOX) which goes far beyond just a simple firewall. 

Yup.  Ironport works as a wonderful email & web content filtering front end which also collaborates with Cisco's Security Agent (CSA) to reinforce Data Loss Prevention, or info leakage through email.

Their latest acquisition this past summer will really ramp up network security with role-based application enforcement/security.  And like their other security offerings, it will probably work together which will take it to the top IMO.

To get around that for example in my company's environment we have a team of individuals whom work on certain aspects of the infrastructure.  Each one has their own specialty and have a working proficiency in the rest.  So in all everyone can work with everything, but we have an expert for each technology.  So for major changes the SME would either complete or review all configuration changes to ensure there are no issues.  Nice to see you over here dynamik 

Don't be intimidated dynamik.  Nobody knows everything and all of us had to start somewhere too.  Not only that but we're able to share ideas and techniques here.

Thanks for the welcome guys

I'm actually not too nervous; that was more of a compliment to you guys. This seems like a great forum with respectful, knowledgeable members, so I don't think there's any reason to experience n00b anxiety when posting

I'm fairly tech-savvy, but I'm still quite new to the ethical hacking scene. I was introduced to this site by a few people I know from techexams.net (where I'm slightly more active). I'll definitely be recommending this site to other EH enthusiasts.

TE is king when it comes to IT certifications (though very specialized ones such as the GPEN don't get much mention), but the level of depth you guys get into is astounding. This appears to be a phenomenal resource, and I'm very much looking forward to going through the forums, blog entries, columns, etc.

Well, I think that's enough chatter; I have a great deal of catching up to do

Thanks again to everyone who makes this possible