Skip to main content

“If you want to make beautiful music, you must play the black and the white notes together.” ― Richard M. Nixon

Does your product integrate with other security products?

At this point, you should hate product silos (point products) as much as I do.  I understand and respect “divide and conquer” or “best of breed” strategies. I also understand having different security vendors at different layers of the network could possibly prevent an incident better (one vendor might not see/catch a vulnerability but another might have a signature or way of catching it). But isn’t it time to ask your vendors how and if they can work with each other? So what we (vendors) are competitors?  If by integrating with each other, we are able to increase the return on investment (ROI) for the customer, then why not (I know it might sound naive and unaware, but could you just imagine).

Vendors have application programming interfaces (APIs) for interaction with other platforms.  However, customers have to have application development resources to write code for these APIs, and that's not answer to a true and native integration.

Wouldn’t it be nice for vendors to participate in a unified platform or fabric (such as Fortinet’s cooperative security fabric) where customers could easily integrate their products and have a stronger overall security solution? For example, application protocol clients on endpoints from one vendor, working with the sandbox technology of another vendor which then work seamlessly with another vendor’s SD-WAN controller?


There is a reason I brought this topic up. At Fortinet, we came to that conclusion rather early as the next generation of network security. 

Fortinet Security Fabric 

There are a lot of documentation on the Fortinet site about the fabric, its components, benefits and its partners. I have had the chance to work on integrating our sandbox technology with CarbonBlack Protection software. Talking about a match between two superior products.

Fortinet has partnered with over 30 different manufacturers (the number is growing) to "get more value from their security deployments".

To wrap up, don't just ask your vendors for more discount, ask them how they can play nice with others in your playground.



Labels:

Comments

Post a Comment

Popular posts from this blog

MPLS vs VPN (Internet Connection) and power

This topic has been covered extensively by experts. What has not been covered in my opinion, is the underlying and fundamental change of transport infrastructure and specially power. The traditional WAN transport mechanisms are solid in terms of power normalization all through the last mile.  With the new (or not so new) shift towards commercially available Internet connections (namely DSL and Cable), customers need to watch out for excessive power coming through those lines and the respective modems and into their edge devices. There are surge protectors out there with "ethernet in/out" ports which could be used to mitigate this problem. Happy conversation out there...
Post a Comment
Read more

There is sizing, and then there is right sizing

When it comes to firewall upgrades or refreshes, you need to know your: Current traffic volumes and mixture Session counts Number of users Current and future Internet or private connection pipes Current and future throughput requirements (VPN, SSL Inspection and decryption, etc...) Current and future unified threat management (UTM) needs Interface requirements  Number of IP devices LAG requirements  Future growth  I am sure you can come up with more variables and compare it to the vendors specification sheet in order to come up with an accurate size or model of a security appliance.  However, nothing beats a real/live test with a traffic generator.   When I usually size a box based on the customer's requirements, I also factor in real life examples, previous firewall implementations and what the Internet/application traffic trends. I have heard so many "oh we are not going to use such and such application" or "we will never use SSL inspection"...
Post a Comment
Read more