Since we are just rolling it out i cant really say much of what needs to be improved or not at this time. However, I do know that they have made improvements since we have first rolled out the product which has been great. One of the improvements has been its own distributed switch creation group where now all VLANs that is micro-segmented are in instead of having it in your DS/standard switch groups. We are having some issues with their LDAP and integrating it with the Active Directory. We can't seem to set it up. I have been working with the ShieldX technical support on this, but I would like a better way to set this up. When I put in any credentials, it fails. This is possibly due to how our tiering is set up for our protective groups. However, we tried to do this process through the API and still received the same error. I don't feel like I am using the product to its fullest extent. I think one feature that I would like to see in the near future is having the application integrate with a SAML identity provider like Okta.
The product is pretty good today. The areas of improvement are primarily going to be around resource consumption. With any kind of tool like ShieldX, where you're in the cloud instead of a traditional firewall, you're using CPU resources in those environments to provide the protection. So there's a cost associated with CPU resources. I'm pressing upon them to make the product much more efficient and use less CPUs to do the same thing.
It is the things we haven't tested yet. As we go from a centralized data center approach to a hybrid cloud, we are doing this with a single cloud vendor. We haven't had a chance to try this solution in a multi-cloud environment yet. However, this doesn't speak to their lack of integration. This more on us. Over time, we're going to learn about these capabilities in a multi-cloud environment as we expand into other cloud vendors. like Google and Microsoft. In terms of how we onboard products, when we have a powerful, solid solution, like ShieldX, we want to be able to take its capabilities and the information that it gathers about threats in the environment, then share it with other products that we use elsewhere and have a consistent intelligence sharing platform within our organization. It's about leveraging what we're learning from their product and pushing it down to other products in our environment. They need to be consistent in performance and capabilities over time, given the fact that this is new and I want to see where this goes in the next year or so. As the vendor continues to evolve and add future functionality, we want to make sure that we are still keeping up with the integrations, etc. Time will be the key factor here. The proper support for some of the latest technologies, Docker containers, etc. They need to keep up with threat landscape, so we will see how the security get layered. This is what we are going to be keeping an eye on.
At the moment, we are evaluating a solution where tunnel concentrators are going to be in virtual machines. And despite the fact where we should go in terms of technology, space, payment model and everything, this solution is something new in the company.
So, we're looking for any pr... Read More »
Is it required in your company to conduct a security review before purchasing a firewall? Also, do you need to perform reviews after (how often)?
What are the common materials you use in the review? Do you have any tips or advice?
Any pitfalls to watch out for? Read More »
Chris LoehrIf you are a small shop, you need to trust your MSP, VAR or another reseller… more »