Are you still using the "free" entry level version, or have you upgraded to the paid subscription yet?
Thanks for the feedback. On Thursday, February 7, 2013, Ziots, Edward wrote: > I Love the wildfire piece, its amazing what I get from it. 125% > recommend that you turn it on if you haven’t. The sandboxing reports I get > I review and then update my security controls accordingly. Its been a real > eye opener for some here. **** > > ** ** > > Z**** > > ** ** > > Edward E. Ziots, CISSP, Security +, Network +**** > > Security Engineer**** > > Lifespan Organization**** > > [email protected] <javascript:_e({}, 'cvml', '[email protected]');>*** > * > > ** ** > > This electronic message and any attachments may be privileged and > confidential and protected from disclosure. If you are reading this > message, but are not the intended recipient, nor an employee or agent > responsible for delivering this message to the intended recipient, you are > hereby notified that you are strictly prohibited from copying, printing, > forwarding or otherwise disseminating this communication. If you have > received this communication in error, please immediately notify the sender > by replying to the message. Then, delete the message from your computer. > Thank you.**** > > *[image: Description: Description: Lifespan]* > > ** ** > > ** ** > > *From:* Kevin Lundy [mailto:[email protected] <javascript:_e({}, 'cvml', > '[email protected]');>] > *Sent:* Wednesday, February 06, 2013 4:42 PM > *To:* NT System Admin Issues > *Subject:* Re: OT: Guest network security**** > > ** ** > > Yep PA=Palo Alto**** > > **** > > When we made the switch, our ASAs were due to be replaced. Our Websense > subscription was up for renewal at the same time. The PA's were about the > same price as new ASAs + Websense renewal. Made for a no brainer decision. > **** > > Curious Z, are you using the Wildfire piece?**** > > On Wed, Feb 6, 2013 at 4:08 PM, Ziots, Edward > <[email protected]<javascript:_e({}, 'cvml', '[email protected]');>> > wrote:**** > > If you mean PA=Palo Alto, they are dead on (scary CCIE would say that > being from the CISCO house) I work on Palo Alto Daily, and its sick how > much these things can do. Been finding a lot that I wouldn’t have been > able to obtain but regular firewall log parsing, and being able to > quantifiy you own applications and make traffic rules based on them is > pretty killer.**** > > **** > > Z**** > > **** > > Edward E. Ziots, CISSP, Security +, Network +**** > > Security Engineer**** > > Lifespan Organization**** > > [email protected] <javascript:_e({}, 'cvml', '[email protected]');>*** > * > > **** > > This electronic message and any attachments may be privileged and > confidential and protected from disclosure. If you are reading this > message, but are not the intended recipient, nor an employee or agent > responsible for delivering this message to the intended recipient, you are > hereby notified that you are strictly prohibited from copying, printing, > forwarding or otherwise disseminating this communication. If you have > received this communication in error, please immediately notify the sender > by replying to the message. Then, delete the message from your computer. > Thank you.**** > > *[image: Description: Description: Lifespan]***** > > **** > > **** > > *From:* Kevin Lundy [mailto:[email protected] <javascript:_e({}, 'cvml', > '[email protected]');>] > *Sent:* Wednesday, February 06, 2013 3:48 PM**** > > > *To:* NT System Admin Issues > *Subject:* Re: OT: Guest network security**** > > **** > > I have two CCIE's that work for me. Both also used to work for a Cisco > VAR - so obviously Cisco bigots. They both recommended PA to me over the > ASA. From a security perspective, the PA do so much more than ASAs. We > still use ASAs for some intranet firewalls.**** > > **** > > Are you using the Cisco controllers with your WAPs? If so, they have > captive portal capability. They call it Lobby Ambassador.**** > > On Wed, Feb 6, 2013 at 3:20 PM, Kurt Buff > <[email protected]<javascript:_e({}, 'cvml', '[email protected]');>> > wrote:**** > > Our Sidewinders are EOL at the end of April, and my manager doesn't like > them. > > He's a Cisco bigot, and wants ASAs in here. > > I'm fighting him to at least take a look at the Palo Alto platform, or > perhaps the newest iteration of the Sidewinders (which are now called > McAfee Enteprise Firewalls). > > That's an interesting tip on the Sophos solution. What did you use for > the hardware? > > Kurt**** > > > On Wed, Feb 6, 2013 at 11:59 AM, Richard Stovall > <[email protected]<javascript:_e({}, 'cvml', '[email protected]');>> > wrote: > > I was going to suggest using the SonicPoint solution from SonicWall, but > > you've got Sidewinders, don't you? > > > > Does McAfee have anything like SonicWall's wireless solution where it's > all > > managed from the firewall? > > > > PS Sophos has this too, and they give their UTM firewall away free for > home > > use. Just bring your own hardware. I just switched to this the other > day > > and love it so far. I should write a blog post about it. (But then I'd > > have to create a blog...) > > > > > > On Wed, Feb 6, 2013 at 2:36 PM, Kurt Buff > > <[email protected]<javascript:_e({}, 'cvml', '[email protected]');>> > wrote: > >>**** > > >> All, > >> > >> Quite some time ago, I set up an unsecured guest VLAN in our network, > >> providing wireless access to all of the sundry devices that staff and > >> visitors carry. I set up a small FreeBSD machine to serve IP addresses > >> via DHCP, and that was dead simple. > >> > >> It is a layer2 VLAN, traversing our backbone, and terminating on our > >> corporate firewall. > >> > >> However, there are now other tenants in our building, and the subnet > >> is getting too much bandwidth and address consumption - the range I > >> set up is completely filled, and the VLAN is consuming about half of > >> our Internet pipe, which is far too much for my comfort. > >> > >> I suspect the other tenants are leeching. > >> > >> What I've read of captive portals seems to indicate that the portal is > >> part of the firewall. I could be wrong about that, though. Regardless, > the > >> corporate firewall will not be allowed to be part of this solution. > >> > >> The only other alternative I see right now is to set up a password on > >> the SSID, and have the front desk hand it out to guests, after mailing > >> it to staff, and I'm getting pushback on that from my manager. > >> > >> Does anyone have some ideas I could pursue on this? > >> > >> Thanks, > >> > >> Kurt > >> > >> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > >> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > >> > >> --- > >> To manage subscriptions click here: > >> http://lyris.sunbelt-software.com/read/my_forums/ > >> or send an email to > >> [email protected]<javascript:_e({}, 'cvml', > >> '[email protected]');> > >> with the body: unsubscribe ntsysadmin > > > > > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > > > --- > > To manage subscriptions click here: > > http://lyris.sunbelt-software.com/read/my_forums/ > > or send an email to [email protected]<javascript:_e({}, > > 'cvml', '[email protected]');> > > with the body: unsubscribe ntsysadmin > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to [email protected]<javascript:_e({}, > 'cvml', '[email protected]');> > with the body: unsubscribe ntsysadmin**** > > **** > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to [email protected]<javascript:_e({}, > 'cvml', '[email protected]');> > with the body: unsubscribe ntsysadmin**** > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to [email protected]<javascript:_e({}, > 'cvml', '[email protected]');> > with the body: unsubscribe ntsysadmin**** > > ** ** > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to [email protected]<javascript:_e({}, > 'cvml', '[email protected]');> > with the body: unsubscribe ntsysadmin**** > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to [email protected]<javascript:_e({}, > 'cvml', '[email protected]');> > with the body: unsubscribe ntsysadmin > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin
<<image001.jpg>>
