Blue Knight
Gawd
- Joined
- Dec 2, 2000
- Messages
- 699
So my company is replacing firewalls. In our EU HQ, they went with Palo Alto 2020 models to take the place of Cisco PIX and an IBM IDS box.
However, as I'm responsible for the US branch, I'm re-evaluating their decision for our office. We currently have a Cisco 5510 and the same IBM IDS box behind it. Everything works, so I'm wondering if a PA device is worth the upgrade cost, but on the other hand, you can't really put a price on security. The application control, IPS, anti-virus, etc etc are all cool features that might be worth implementing now.
My questions is - why is PAN so expensive? As an example, Sonicwall's NSA 3500 with similar specs are coming in at 1/3 the price for the same feature set, and lower yearly cost. I've seen the demos, and the interfaces are both pretty slick - at least compared to what I have now. The all have the gateway security features and Deep Packet Inspection
So what am I missing? I know PAN is all the rage right now in the networking world, but it seems like they're somewhat riding the fanaticism from their marketing teams - similar to Apple customers.
We could also debate the differences between what's marketed as UTMs and NGFWs, but from the "black box" perspective (what comes in, what goes out) - aren't they more similar than different?
If I ran the office, I'd also look at Untanged and other vendors, but my boss wants something with a little more brand recognition. Anyway - I'm asking the Horde what's up since I'm not a networking guy by trade - more sys admin - but this office is my responsibility.
However, as I'm responsible for the US branch, I'm re-evaluating their decision for our office. We currently have a Cisco 5510 and the same IBM IDS box behind it. Everything works, so I'm wondering if a PA device is worth the upgrade cost, but on the other hand, you can't really put a price on security. The application control, IPS, anti-virus, etc etc are all cool features that might be worth implementing now.
My questions is - why is PAN so expensive? As an example, Sonicwall's NSA 3500 with similar specs are coming in at 1/3 the price for the same feature set, and lower yearly cost. I've seen the demos, and the interfaces are both pretty slick - at least compared to what I have now. The all have the gateway security features and Deep Packet Inspection
So what am I missing? I know PAN is all the rage right now in the networking world, but it seems like they're somewhat riding the fanaticism from their marketing teams - similar to Apple customers.
We could also debate the differences between what's marketed as UTMs and NGFWs, but from the "black box" perspective (what comes in, what goes out) - aren't they more similar than different?
If I ran the office, I'd also look at Untanged and other vendors, but my boss wants something with a little more brand recognition. Anyway - I'm asking the Horde what's up since I'm not a networking guy by trade - more sys admin - but this office is my responsibility.