Adding NGFW functions into the pure play SD-WAN solution is much more difficult than adding SD-WAN feature to NGFW. So when you go away from backhauling all branch traffic to HQ (moving towards direct cloud access and enabling edge computing) you need to be sure that the…
If you need a SIEM for compliance, connect as much log sources as possible from your production environment, and pay attention to storage architecture, parsing non-standard/non-typical sources, licensing moments for network devices and hosts
If you need a SIEM for threat…
Avoid applying default IPS profile on every firewall rule, because it contains a lot of unnecessary signatures for particular rule. Try to optimize/minimize the count of signatures by selecting appropriate filters (by target/OS/App/severity/protocol). As a result, you can…
