Skip to main content

Posts

Showing posts from April, 2020

File Blocking Shootout – Palo Alto vs. Fortinet

File Blocking Shootout – Palo Alto vs. Fortinet 2018-06-27 Fortinet ,  Palo Alto Networks ,  Password Data Leak Prevention ,  DLP ,  Encrypted ,  fail ,  File Blocking ,  FortiGate ,  Fortinet ,  Microsoft Office ,  Palo Alto Networks ,  Password ,  PDF ,  Protected ,  ZIP Johannes Weber We needed to configure the Internet-facing firewall for a customer  to block encrypted files  such as protected PDF, ZIP, or Microsoft Office documents. We tested it with two next-generation firewalls, namely Fortinet FortiGate and Palo Alto Networks. The experiences were quite different… TL;DR:  While Fortinet is able to block encrypted files, Palo Alto fails since it does not identify encrypted office documents! [ UPDATE : Palo Alto has fixed the main problem, see notes below.] Note that the Internet connection must be either unencrypted itself, i.e., HTTP or FTP, or some TLS inspection/MITM technique...
Post a Comment
Read more

From MPLS to SD-WAN to SASE: An Evolution of Enterprise Networking

From MPLS to SD-WAN to SASE: An Evolution of Enterprise Networking The way we do business is changing. As critical business applications migrate to the cloud, and the mobile workforce continues to grow, networking and security solutions need to evolve in order to meet the changing business needs. Gartner believes (and we agree) that the future of networking lies with  SASE (Secure Access Service Edge)  – the convergence of networking and security into one cloud service. Here’s why. 1990s – 2000s: MPLS and the Era of Clear Network Boundaries? Back in the day, networking models were hardware-centric and manually configured. Applications, data, and services lived within private datacenters and relied on remote access solutions to connect remote workers. Dedicated network connectivity, known as MPLS, was the preferred approach for connecting remote locations. MPLS provides predictable performance, low latency and packet loss, and central management. However, MPLS is ...
Post a Comment
Read more

Check Throughput of Interfaces - Palo Alto Networks NGFW

Check Throughput of Interfaces - Palo Alto Networks NGFW Following command shows brief interface throughput. > show system statistics session To see the complete statistics, run the show system state browser command > show system state browser Press Shift+L and click on Ports To enable tracking and updates press Y and U To see additional ports, press space bar
Post a Comment
Read more