Chingiz Abdukarimov's Professional Profile

Badges

User Activity

Almost 4 years ago

Answered a question: What SD-WAN security issues should I be aware of?

Adding NGFW functions into the pure play SD-WAN solution is much more difficult than adding SD-WAN feature to NGFW. So when you go away from backhauling all branch traffic to HQ (moving towards direct cloud access and enabling edge computing) you need to be sure that the…

Almost 5 years ago

Answered a question: What's The Best Way to Trial SIEM Solutions?

If you need a SIEM for compliance, connect as much log sources as possible from your production environment, and pay attention to storage architecture, parsing non-standard/non-typical sources, licensing moments for network devices and hosts If you need a SIEM for threat…

Almost 6 years ago

Answered a question: Which would you recommend, SolarWinds LEM or Splunk?

I would prefer SolarWinds LEM for environments with high log volumes (e.g. network equipment at local providers, because with LEM you pay for nodes). And I would choose Splunk for wide network of any connected devices, if I need to dig logs later (because with Splunk you pay…

Almost 6 years ago

Commented on It has improved the security posture and visibility of our traffic

Avoid applying default IPS profile on every firewall rule, because it contains a lot of unnecessary signatures for particular rule. Try to optimize/minimize the count of signatures by selecting appropriate filters (by target/OS/App/severity/protocol). As a result, you can…

About 6 years ago

Answered a question: Looking Into Implementing a Web Security Solution.

I would prefer locally installed appliance (FG-201E)

Over 6 years ago

Contributed a review of Fortinet FortiGate: Don't underestimate FortiAnalyzer. It can give you a better understanding of what is going on in your network.