Peer-Driven Insights

Firewall

Active Ambassadors in This Topic

Vanshul Chawla

Vanshul Chawla

Nielsen

Software, 10k+

IN
Dr Aaron Isaacs

Dr Aaron Isaacs

VXI GLOBAL SOLUTIONS, LLC

Services (non-Government), 10k+

United States
Fabrizio Degni

Fabrizio Degni

Webuild

Construction, 10k+

IT
View All Community Ambassadors

Community Posts

I'm interested in understanding your approach to establishing a two-way trust between Active Directories in the following scenario: A larger company A acquires a mid-sized or smaller-sized company B, at what point do you feel comfortable establishing a two-way trust between both Active Directories? The priority is to ensure business continuity without impacting their clients on both ends, while recognizing that integration would be significantly easier with a trust established. What would be your key considerations that you typically review prior to even entering discussions about this capability. My focus is on the prerequisites for trusting a new entity that was previously managed by another IT team within your organization. For example, do you conduct by default a full penetration test, assess the network and external-facing systems, perform policy health checks, evaluate conditional access settings, breach history of Company B and/or their vendors etc. and demand changes to get as close to your standard before proceeding? If yes how close do you get before feeling a little more comfortable before accepting all the risks?

Read More Comments

Recently there have been questions from our associates about blocking traffic from certain countries mostly driven by impact when they travel.  While we use a scoring threshold using Cybersecurity Exposure Index (CEI) or National Cyber Security Index (NCSI) etc. some countries that score better should be on the list based on state sponsored activity or political turmoil. What criteria are you using for blocking traffic from countries via geo fencing? Are you documenting the criteria in a policy? Are you having challenges defending the countries on the list?

Does the term "novel attack" resonate with security teams? or does "unknown attack" resonate better? What would you consider novel/unknown attacks? Does your current threat detection solution detect novel/unknown attacks?

Read More Comments

We are looking at implementing role-based access controls on some of our SaaS platforms due to entry into emerging markets. Does anyone have best practices to share?

Read More Comments

What are firewall change management best practices?

Read More Comments

Which is better: a one-vendor firewall strategy, or a two-vendor firewall strategy?  Why?

Read More Comments

Does anyone have experience of both Azure Firewall and FortiGate NGFWs? Or tips for comparing FW offerings?

We are looking for a WAF for our new SaaS system which uses GraphQL API. The concern is that AWS WAF might not be suitable; the "free" OWASP ruleset would not suffice and custom rules means manpower investment and ongoing costs. Any experience or recommendation would be appreciated!