Advanced Threat Protection Forum

Content Specialist
IT Central Station
Feb 27 2018
On a scale from 1-10, how would you rate Palo Alto Networks VM-Series and why?
Technical Account Manager at a security firm with 51-200 employees
Off the back of Palo Alto's recent marketing video, one of the staff at Check Point put together a response for each of his claims which can be found here. Original promo - Making bold claims about inventing technology, vendor specific capabilities, the size of your coverage, and so forth? I get that everyone has a tagline along the lines of "We are the best there is..." and nobody is aiming for "Second best" but when it comes to security the bad guys only need to win once, the good guys have to win 100% of the time.  How is it acceptable for a company to say we are 100% safe when that is a) impossible to promise, and b) untrue with a basic level of research and understanding of their equipment. This is shocking behavior. If I sold you a '100% safe' bullet proof vest but when you put it on it had big holes in it you would want a refund.  I said in a recent article that independent reviews should be the only way forward. I stand by that, but have learned that some such as Gartner are less reliable than say NSS Labs. We all need to be more vigilant in what we do to research a product. I talk with so many individuals who have had a rep in from Vendor X and they're completely sold on the idea before you have a chance to warn them of the inaccuracies faced. Is there a better way for us to hold these vendors accountable to their bold claims? Does it affect your view of either side if one makes bold claims and the other side calls them on it? I wish it wasn't necessary, but personally I like that a rebuttal has been made.
Technical Account Manager at a security firm with 51-200 employees
Working in security, it always interests me when I speak to people who have chosen company X or Y based on promises from the vendor themselves. Every single vendor claims to be the best at what they do. I can't imagine there is a company out there aiming to be any less than a leader. But there are huge gaps in the quality of Threat Prevention solutions on the market at the moment. Many independent tests on hardware solutions pick the same handful of leaders. As an example I believe Miercom, Gartner and NSS Labs put Check Point, Cisco and Fortinet on a pedestal above alternatives and ranked them pretty much in the order I wrote. For price, they're all willing to compete and will bend over backwards to add value (in my experience of selling them) and with the right partner you generally won't have major issues because you've got an expert on hand to set everything up and make it work. Do we need more independent testers? Better proof of independence? Sites like this obviously aim to bring that evidence to the user from the user. But I see reviews for Endpoint solutions that I know are factually ineffective at catching threats ranking in the top 1-5, which is surprising. Threat protection/prevention should be under constant scrutiny and nothing less than 100% should be the aim (regardless of how impossible 100% is).
Steve Rausch
One of the things that I see is that once a brand is stuck in someone's head, it stays there. I remember when Juniper was all the rage. However, I just removed the last Juniper firewall in our organization and have replaced it with a Cisco ASA because of reliability. Another issue that I have is that the publications that I receive which highlight these security solutions are actually sponsored by the big names (though if you don't do your research, you wouldn't know this). So you're thinking that this publication is singing its praises, it has to be good. Unfortunately, while I do believe the independent testers would be very valuable, it needs to be made public so that it's seen by those who need to see it. I find more value in attending cyber security conferences, speaking with the vendors, and performing demos of their product on my network. Don't sell me "It can do this, this, and this on any network". Any network is not my network, and my network is the one that matters. Give me 30 days to test the product on my network -- let THAT speak as the value of the product. There was one vendor that had some really cool technology, and I would go all in on the technology. However, after demoing the product on my network -- I wasn't seeing the value. As much as I loved the concept, it just was not worth the money to invest what they were asking. I hope this answers your question.
Clinton Popp
I ripped off this line from a good friend a college a few years back because he put it so perfectly. Security is not a product, it's a process. With that said I don't rely on any independent tests whatsoever because the hardware and product can only go so far. For example, there are free and open source firewalls you can implement that utilize identical technology to the new Cisco Fire Power and the Fortigate FortiOS for threat protection and intrusion prevention, and you will need to have the same expert to set it up and maintain it. You will have equally as good and in some cases better community support for the day to day tasks and the performance is dependent on the hardware and what you buy. But at the end of the day security breaches are going to happen. Your greatest defense is going to be an educated end user, which is something that the "Independent Tests" won't tell you, nor will the sales reps. Don't get me wrong. YOU DO NEED SECURITY APPLIANCES. But you should do an internal analysis of your infrastructure to determine what features you are going to need and base your decisions off of that. Most of your claimed industry leaders are going to offer pretty much the same thing. They just have different Prices, Look, and Performance. They will also have different strong points over their competitors.
