- This topic has 5 replies, 5 voices, and was last updated 10 years, 6 months ago by
.
-
Posts
-
-
Greetings,
For those of you that design networks or suggest designs do you still feel that layer firewalls (from different vendors) is still a valuable part of defensive in depth? From your experience, do companies tend to use this in the SMB enterprises?
Just want to get someone else’s perspective. I am submitting a proposal for our new network design on Wednesday and the other guy and I have some very, very different opinions.
Thanks,
-
-
Personally, as long as you are using a “good” firewall (easy to administer, secure, works for you), then I would not go with a different vendor if the same group will be administering a lot of other equipment as well. I do not think the overhead is worthwhile, and particularly not so if you use firewall management software from the same vendors (logging, configuration management, etc.).
-
-
Oh we will be using vlans in our new design. I personally feel like since I am the one who will be handling the firewall admin work, I should stick with one vendor and expertly configure it and use a solid IDS implementation to pick up the slack.
I think I might post my idea for the new network design later.
-
Rather than an IDS, would you not perhaps consider a IPS or IDPS?
You may already have that in mind, but you know those acroynms, often confusion can creep in.
Sometimes the kind of thing that can cause a configuration issue by misunderstanding or lack of procedures (or lack of following of procedure)
-
- You must be logged in to reply to this topic.
