Cisco ASA with FirePOWER Services vs Palo Alto Next-Generation Firewall

Поділитися
Вставка
  • Опубліковано 20 гру 2024

КОМЕНТАРІ • 27

  • @StevenMH1982
    @StevenMH1982 6 років тому +1

    This was a very informative video, it would be nice to see this rerecorded for 2018.

  • @wlmartin80
    @wlmartin80 8 років тому +4

    I don't think you went into the NGFW features enough. This was a firewall comparison and not a security comparison and doesn't actually tell me anything I couldn't read on a spec sheet

    • @muriloninja
      @muriloninja 7 років тому

      Agreed, came across this as I was watching some Sec vids...forget the Firewall piece, its irrelevant as every vendor does Firewalling...you start to get separation when you (as you mentioned) start focusing on the NextGen feature sets etc. DPI is standard stuff, nothing crazy there, URL Filtering is again standard stuff, Wildfire brings potential zero-day protections..the question is always "What do you want from your Edge device?"...If IDS/IPS is the main focus, you're going to have a hard timing beating Sourcefire/Firepower...if you want ease of management, onbox manageability versus need for management appliance, go PAN. These are the things I would have focused on. In short, Cisco = currently fragmented technology (being streamlined into FTD but its not at full feature parity to the ASA) while PAN is a great single pass architecture and extremely easy to manage (either onbox or centrally with Panorama). Cisco needs more time before it can truly compete with PAN in the Edge space, anxious to see what FTD becomes when its ready but being Cisco who knows...they remain behind the curve for now.

    • @toolate6971
      @toolate6971 7 років тому

      You are correct. He went over about 20% of that Monster called FP and FTD. It will be Huge once its done

  • @shraddhashinde6640
    @shraddhashinde6640 6 років тому +1

    Maybe out of point question, but somebody please shed light- Is Cisco AnyConnect SSL VPN or IPSec VPN?

    • @jshuan4
      @jshuan4 6 років тому

      Anyconnect initiates the protected session over TCP 443. After session initiation, the VPN is completed as an IKEv2 IPsec tunnel using EAP authentication.

    • @umeshchowdhary
      @umeshchowdhary 6 років тому +1

      Cisco anyconnect can work on both protocol SSL/IPSEC. But initial connection has to be SSL ( to download XML profile ) if the end-point (laptop etc.) never connected to that particular VPN before and then you can make IPSEC as preferred protocol over SSL in ASA's config. Hope this help !

    • @PKS11111
      @PKS11111 5 років тому

      Palo alto global protect much better than anyconnect and easy to manage. Without HIPS you dont need additional license as well.

  • @JoferM
    @JoferM 6 років тому

    Now we are in 2018, so, the recents models Cisco Firepower are intended to replace the legacy Cisco ASA FirePower?

  • @dizkonekid
    @dizkonekid 7 років тому

    Haven't Sophos and Fortinet been doing this forever?

    • @kkadam96
      @kkadam96 7 років тому

      Same thing I told my current employer. Fortinet has been doing this for years. ASA is late in the game.

    • @hisexcellence4225
      @hisexcellence4225 6 років тому

      exaclty :-)

  • @jasonpb27
    @jasonpb27 7 років тому

    Wouldn't it have been better to compare a firepower NGFW such as the Cisco 4100 series device to the equivalent PA? appreciate certain ASA functionality is lacking however that's being addressed and it's more inline with the direction Cisco is headed.
    If you thought Cisco enjoyed taking your money, PA takes it to the next level and beyond.

    • @muriloninja
      @muriloninja 7 років тому

      2100/4100/9300 refers to FTD appliances and with features lacking its not a true comparison at this time so what you are left with is PAN vs Cisco ASA "with" FirePOWER Services. FTD is Cisco's answer to PAN but its quite late in the game and there tech is fragmented. When will it be streamlined if ever is the question. Clustering was a major headache and those complaints were moved to the front of the line and is now supported, RAVPN is another big one for a lot of Enterprises out there. You also have companies who just invested millions of dollars worth of NextGen ASA's "with" FirePOWER Services only be told now FPS is going away and FTD is the new thing. Cisco thankfully is at least allowing a re-imaging of that invested hardware to FTD which is good for some but for those with 5585X's they are SOL as FTD will not run across the 85X's multiple CPU complexes. If I have 85X's then I will definitely need to upgrade to perhaps 2100/4100 hardware to implement FTD.

    • @toolate6971
      @toolate6971 7 років тому

      You cant be serious about being "late", I dont see Palo Alto dumping the latest CIA hacks... LOL, Late.

  • @aliassaf9416
    @aliassaf9416 8 років тому

    great comparison. thanks and keep it coming plzzzz

    • @toolate6971
      @toolate6971 7 років тому

      I guess you are new to the Security equipment manufacturers...

  • @droidcrasher
    @droidcrasher 6 років тому +2

    DUDE!!!
    When it comes to GOOD Firewalls....
    You name them all and FORGET...CHECKPOINT !??? :-/

  • @JustinHoMi
    @JustinHoMi 5 років тому +3

    Turned it off after you said that ASA/Firepower is easy to use.

  • @VENIfromRUST
    @VENIfromRUST 7 років тому

    It took you 45 minutes to read a 10 minute google search

  • @wlmartin80
    @wlmartin80 8 років тому +5

    The company is called Palo Alto networks, not palo alto

  • @rickshow4994
    @rickshow4994 7 років тому +7

    Palo Alto support sucks, using it for last year and moving to Cisco.

    • @S0ul5Hun73r
      @S0ul5Hun73r 7 років тому +2

      I dont know what youre talking about man. Are you comparing Cisco TAC when it comes to fireeye support vs PAN or simple firewall support? Because its not really a good comparison...

  • @cocotwins
    @cocotwins 4 роки тому

    Cisco is better. I say this because Cisco will most likely have more appliances to further compliments each appliances capabilities and features. Yea it cost money. But good shit costs.

    • @testaccount4443
      @testaccount4443 3 роки тому +1

      Actually, in the Firewall world, Cisco comes last.
      PA > Fortinet > Cisco ASA > Cisco ASA with FP.

  • @toolate6971
    @toolate6971 7 років тому

    Being that you did this video in late 2016 you didnt mention the latest Cisco offering... UNFORTUNATELY, 9300 and 4100 as well as FMC, SNORT and FTD.... You need to do more work before you put together such an insufficient video.

  • @joey3354
    @joey3354 4 роки тому

    And Fortinet wins al