The best firewall is…


Conclusion

As is the case with any device modification, replacement or upgrade, the three key points to focus on prior to purchasing a security product are auditing, research and evaluation. In fact, this is particularly important for a network security product.

Strategic review audits need to be undertaken to ascertain the current position of your enterprise, particularly in relation to your existing security/network environment. Where possible, benchmarks and metrics should be developed and executed — this builds a scientific snapshot of your organisation. You can use this data to evaluate a proposed solution, enabling you to clearly see how and where it might improve on your existing system. This snapshot data can also be revisited once the new solution has been deployed to ensure that it remains stable as part of a regular maintenance cycle.

A risk audit is also very worthwhile. It will identify the location and value of any assets being protected by the solution and ensure that the system being implemented is of sufficient size and scale to appropriately cover the information being protected. There is no point in spending AU$100,000 on security to protect AU$5000 worth of data.

Research your requirements and engage with vendors as much as possible before going to a pilot. Use this review as a guide to narrow down the vendors offering the type of solution that may suit your enterprise. Once your pilot evaluation phase has commenced, it is worthwhile bringing in a third party to undertake testing of the security solution. This ensures that the product stands up to all of the claims made by its vendor and helps match the protection profile developed through your strategic and risk audits.

Involving a third party maintains the independence necessary to conduct a worthwhile evaluation. Internal security staff will often have a preference for a legacy system that they have experience with, or they may be too narrow in their testing, focusing on features they are familiar with or features they would like, rather than what is most appropriate or beneficial to your environment.

Avoid allowing the solution vendor to undertake testing, regardless of how much they claim to be experts. Having an independent third party means your risk is shared and minimised when making a procurement decision.

Ranking the units in this round-up is very difficult given the diversity presented. It is really a great sample of security devices, with prices ranging from AU$10,000 to over AU$40,000, and each has key advantages.

For its sheer ease of configuration and use, the IBM product rates highly. For a feature-packed family product range, the gong goes to SonicWALL, but you will need to ensure your security architects plan carefully. The Astaro and Juniper solutions are very well designed and nicely suited to the larger enterprise. For cost-effective scalability in a business that is growing, WatchGuard's golden screwdriver software upgrade path is a likely choice.

Happy security procurement!

Enex TestLab is one of Australia's most experienced, independent technology test facilities. After more than 16 years with RMIT IT TestLab, Enex's founders acquired the business from RMIT in 2005.


Talkback 5 comments

    No OpenBSD? Anonymous -- 13/06/09

    I'm amazed that you didn't bother to test the platform with the most impressive security track record known to man - OpenBSD.

    It's easy to configure. There are no licensing costs. The rule set for PF is human readable. It supports IPv6.

    TeeHee Mel Sommersberg -- 17/06/09 (in reply to #320143137)

    OpenBSD is one of the most annoying and cantankerous operating systems known to man. I'll agree with you on security - no doubt there at all. I once used OpenBSD to host a name server but now use Windows because whilst security may not be at the same level Windows DNS is much much easier to kick in the guts.

    BIND is BIND Anonymous -- 09/11/09 (in reply to #320143901)

    OpenBSD's DNS is BIND. The same as is common in the Linux world and the other BSDs. Essentially, you just said you need a GUI to do it.

    phion? Anonymous -- 26/06/09

    Hi,

    do you know anything about http://www.phion.com firewalls? I was for Sonicwall for our company, but that piece of seller promoted phion like hell. Now our managers probably want to buy this sh.., sorry but this company is absolutely unknown to me. I have not found any review about their products.

    Perhaps you know something about them

    price too high for these Al -- 30/07/09

    I have played with a lot of firewalls, and I can say there are more affordable solutions out there if you look around. I went for ideco enterprise all-in-one solution. I am running on CentOS 5.3 x64. Good stuff
