Battle for Firewall: IT Battle of Next Generation Firewall Producers





On August 25, 2020, ROI4CIO IT marketplace held an online competition between vendors Baracuda and Palo Alto for the title of the best Next Generation Firewall manufacturer. Here's how it happened.



One day in the summer of 2020, we decided to hold an IT Battle. We are the ROI4CIO team- a marketplace that helps in choosing an IT product for a specific request. Here vendors and suppliers post information about their own solutions and services, supplementing the basic content with their own insights. A distinctive feature of ROI4CIO is the ability to compare any product with a competitive one through an analytical table and calculate the ROI from implementation. Do not feed us directly with bread, but let us compare IT products and calculate the benefits from their use. But the trouble is that these calculations often remain dry information on the site, and I would like more people to share our passion for comparisons. From this, the idea was born to breathe life into the content of the site and make a real battle between vendors. Realizing that it is summer now and it will not be easy to gather both participants and spectators, we nevertheless decided.



To make a battle professional is quite simple - to call a professional to organize and conduct it - Dmitry Onishchenko , head of the technical pre-sale preparation department at Softprom .







Softprom is a Value Added IT Distributor for the CIS and Europe. For twenty years on the market, it has earned the trust of thousands of partners in 30 countries. Dmitry has been working at Softprom since 2017. Behind him - hundreds of events of various formats, but he hosted IT Battle for the first time. Which is not surprising - in our region this format is only making the first and timid steps.



Although ROI4CIO does not position itself as a cybersecurity platform, cybersecurity occupies a wide niche in the IT market, and, accordingly, prevails on our website. Therefore, it was immediately clear that this battle would be dedicated to IT Security. We decided to start with Next Generation Firewall. These are next-generation firewalls that differ from traditional firewalls in greater control and visibility of the applications that they can identify using signature analysis and matching.



For a colorful battle, the titans of cyber defense were needed, and they were found. Although, let's face it, we were counting on a couple more vendors, but it turned out even better - a duel. Barracuda Networks and Palo Alto Networks have expressed their desire to fight.



Fighter: Barracuda







Barracuda Networks designs, develops and delivers web security solutions. The company's products include protection of e-mail servers from spam, viruses, phishing and spyware attacks, solutions for secure instant messaging, and protection from hacker attacks. Founded in 2002, headquartered in California, serving customers around the world.



Barracud was honored to be represented by Anton Preck , the company 's Senior Consulting Engineer, who has been in the Austrian office for 6 years.







Fighter: Palo Alto







Palo Alto Networks is a next generation cybersecurity company that protects applications and prevents data leaks for thousands of organizations around the world. Built with an innovative approach and highly differentiated cyber defenses, their integrated platform enables you to securely conduct day-to-day business operations while protecting your valuable assets.



Palo Alto chose Denis Batrankov , an IT security specialist who has been advising the company on cyber defense for 6 years, as its representative in the “ring” .







Judges



Denis Chigin , Technical Solution Sale of the company at Softline. Denis's work is directly related to the supply of technical solutions.



Softline offers complex technological solutions, software licensing, hardware and a wide range of IT services. Softline's own cloud platform provides clients with access to public, private and hybrid cloud solutions.







Stanislav Chebotarev , CEO, an expert in the field of information security of the company at Adeline LLP.



Adeline LLP is a system integrator that has been successfully operating in the Kazakhstan information security market since 2007. The company offers its clients both complex solutions for protecting the information environment and the supply of individual products.







Sergey Rabaev, Head of Information Service of Nihol Uzbekistan.



Nihol is a team of professionals with extensive practical experience in the implementation of complex IT projects and digitalization of the state. Has been on the market since 1989.







Vahram Vardevanyan , Cybersecurity Engineer at CyberSec LLC.



CyberSec specializes in successful business security outcomes. It helps to identify key risks, analyze them, determine the composition and priority in the implementation of risk mitigation measures, taking into account the specifics of the client's business.







Before the beginning



The fight consisted of three rounds, each of which was given 2-3 minutes. By the way, it is worth separately here to thank the moderator - thanks to his efforts, the time was not sorted out for a second and the event did not turn into a prolonged, uninteresting squabble.

The first round consisted of a short story about the company and the benefits of proprietary firewalls. The second round is the selection of a product according to the customer's requirement. The third round came with questions from vendors to each other, from the jury and spectators - to the “fighters”. Each round ended with a vote: points were scored from the votes of the jury and the participants in the show.



Round I. Presentation



The first to rush into battle was a representative of Barracuda. He immediately highlighted the main sectors in which the company's solutions are focused. These are Secured, Connected, Automated.



Firewall solutions from Barracuda, according to Anton, include a full range of necessary functions: anti-virus protection, web filtering, application control, DoS / DDoS protection, etc. The expert spoke in more detail about the Advanced Threat Protection microservice, the so-called "sandbox". It translates information received from threats during detonation to lower layers for code-level analysis. The advantage of this algorithm is both faster threat recognition and a less crowded sandbox.







Anton just got to the second sector, Connectivity, but did not have time to tell - the minutes were over. Alas, living for a long time in a different language environment affects - the Russian language used in battle was a block for Anton in quick presentations at all rounds.











Now it's Palo Alto's turn. Denis appears on the screen. He nods to the moderator that he is ready and starts. He presents information easily and confidently. From the talk, we learn that the Palo Alto Networks appliance is the platform for all modern security features to run simultaneously.







It is the protection of enterprise applications regardless of the port with classifications by category and information about the dependence of applications on each other. This approach not only simplifies network management, but also becomes an additional source of contextual information about the operation of applications, users, Internet of Things, ICS, SCADA.







In addition, Palo Alto is the only vendor offering many innovations in NextGen FireWall, such as Machine Learning. It is thanks to the built-in learning mechanism that the latest version of the firewall showed an incredible result on tests - 90% of threats were prevented directly in the firewall.



Denis also managed to mention Unit 42 - a separate research group of the world's best cybersecurity experts from Palo Alto. They collect data, including from their own platform, in order to conduct investigations and identify new threats.







Palo Alto not only provides all the necessary safety elements, but also carries out compliance checks.



Denis finished his presentation exactly on time, having managed to tell everything he wanted about the company. After the end of his speech, the first vote was announced: the jury votes separately, but for the audience they brought poll buttons on the Zoom screen. Only a minute has passed and the first results are in the hands of the presenter, the result - a point from the jury and a point from the audience go to Palo Alto, Barracuda has zero so far.



II round. Customer request



The second round begins by showing a screen with an assignment that was previously sent to both participants. This is a conditional wish of the customer, how he would like to see his NG Firewall. The task was to select a product from their vendor that would best meet the customer's requirements. At the same time, there is no opportunity to clarify anything on this technical task. We brought the battle conditions as close to life as possible (:-) The



moderator asks to take into account that this TK is exotic and not to focus on it. To be honest, looking at the task with an untrained eye, it is difficult to understand what is exotic here.







But in the monologue of the moderator - there is no other word for it - Denis from Palo Alto bursts in, who decides to clarify what is wrong with the task. In his ironic manner, he says that at first he did not notice anything unusual in the text. But stumbling upon one phrase, I realized that this is the Data Sheet of another NG Firewall vendor. True, this did not bother him a little, because this often happens with real customers:



“This is normal. After all, you are buying a device with two thousand functions. And while you read its features to the end, you already forget what happened in the beginning, ”says Denis. “The ears of another vendor became noticeable in the words“ redirecting to CIS ”- this is a standard phrase from booklets about a particular product.”



Denis also notes that in the task for the point of the required support speeds, 5 values ​​are indicated with a large interval, which, they say, looks like the client does not understand what he wants. The moderator counters this by saying that in reality there is nothing surprising in such requests - is it a rarity that a customer comes and does not know what he wants? It's hard to disagree. Therefore, the topic of the second round is not just to choose a product for the customer, but also to convince him that he needs functions in your product, and not what he conditionally read on the advertising post.



In the second round, the players change places - Denis starts, Palo Alto. To present their choice, both participants drop the password-protected files, which are first opened live and displayed on the shared screen. For vendor representatives and a cybersecurity jury, this method seems ridiculously unreliable. On this occasion, one of the jury members makes a joke that it would be interesting to see how our members exchange encrypted files with the Trojan inside. But we, as the organizers, were lucky - the joke remained a joke, the files are safe and sound - and the decision of the first player in this round is displayed on the screen.



"Time has come!" and at the same time, a vendor representative begins to convince a fictitious customer to choose the Palo Alto Networks PA 850 product. It is the leader according to Gartner and in recent tests by NSS Labs. NSS Labs is a globally recognized source of independent, fact-based cybersecurity advice. In their testing of firewalls, the Palo Alto product showed the highest result - all threats that consisted of the check were blocked.



To be fair, it should be noted that in this test one of the Barracuda products also performed well above average, having overcome over 90% of threats.







Palo Alto Networks PA 850 brings new IoT features and updated URL filtering. A fictional customer is offered a one-year technical support. Mocking the terms of the assignment a little, Denis says that, unfortunately, he will not be able to provide an anti-spam solution in the firewall, because Palo Alto specializes in narrow-profile technical solutions. This concludes the presentation of Palo Alto.



Started by Anton, Barracuda. Unlike Denis, he displays not a colorful presentation, but a table with product characteristics and, interestingly, prices. But Palo Alto kept silent about their prices.







The expert immediately offers a set of solutions - after all, we do not know how many devices that need protection the customer is talking about. And at least the price depends on it. That is why Anton offers Barracuda CloudGen Firewall Appliance F380 solution and its modifications.







It is a firewall specifically designed for distributed networks and cloud environments that simplifies cloud deployment with templates, APIs, and deep integration with native cloud functionality. It can be easily deployed to remote sites where there is a lack of skilled IT staff using Zero-Touch Deployment.



After Anton's speech, the second stage of voting begins. In it, Palo Alto gets another point, and one point gets Barracuda - the score becomes 3: 1 in favor of Palo Alto.



III Round. Questions



The moderator announces the rules: the questions can relate to everything that relates to the company that the participant represents - both in terms of the characteristics of the products and, for example, the business model. One question will be asked from the fighters to each other, one question from the jury and one from the audience. The answer is given two minutes.



The first question asks Barracuda to Palo Alto: how is your solution adapted to the clouds?



For the Palo Alto representative, this was not just a question, but another way to demonstrate the benefits of the company's solutions. He says that, unlike many other IT products, everything in Palo Alto was created from scratch, while already counting on many modern technologies (for example, the need to protect applications). So the company's engine is just an advantage in virtualized environments.



Changing positions, and now Denis asks Anton a question:



Now Barracuda has 2 policies - Access Rules and Application Rules - is it planned to form a single security policy out of this?



But in this design, the question sounds only after the moderator twitches - first, the Palo Alto expert expresses his opinion that Barracuda and Palo Alto are inappropriately gathered together in the ring. In his opinion, Palo Alto represents opportunities for corporate clients of medium and large businesses, while Barracuda solutions are focused on small businesses.



In connection with this remark, the Barracuda representative begins his answer with her, and not with a question posed at the last moment. According to Anton, now the IT infrastructure is in its infancy, and small businesses are those who are most actively connected to it. And in addition, the representative recalls that Barracuda was chosen as the first and only vendor in the field to integrate with Microsoft Azure, which contradicts Denis's words about the company's allegedly narrow niche. Anton does not have time to answer the question about the politicians completely, but from what has been said it is clear that for now they will most likely remain unchanged.



The next question is from the jury: "How does your solution fight against anonymizers?"



Palo Alto takes the floor. The company has several ways to fight. One of them is URL filtering, that is, users are simply not allowed to sites that offer downloading such installers. If this happens, then the next component that reacts is the application detector. Here, not for the first time today, Denis notes that Palo Alto not only develop security solutions, but also advise users to follow simple rules, not to rely entirely on security software.



Barracuda responds succinctly - they also implement URL filtering and prohibit the use of VPN clients.



The question from the participants concerns archives - are the contents of encrypted archives inspected and what solutions do you suggest for working with them?



Barracuda is the first to speak. First, companies' solutions have the ability to scan content, which also applies to encrypted archives. Secondly, regarding archives and file transfer, you can set up separate rules and policies: for example, prohibit archives over a certain size, or prohibit accepting such archives altogether.



Palo Alto's answer sounds like a great ad.

“Typically the vendor says it analyzes the applications. In fact, a couple of three are analyzed, while file exchange is carried out in dozens of them. For example, WhatsAPP allows all types of files and archives to pass. Therefore, the challenge is to provide multi-layered protection, add protection to hosts. As for the firewalls, Palo Alto's policy is to block all encrypted archives. ”


The final



These answers are followed by a final vote. And the winner with a score of 5 to 1 is Palo Alto. In the final remarks, Denis says that he did not doubt his victory. While it sounds a little overconfident, it was he who made the event so dynamic by throwing poignant phrases during his responses. For which we are grateful to him. At the same time, although Anton's expertise could not be fully revealed during the event, ROI4CIO invites him to sit as a judge at the next fights.



Of course, participation is already a victory, but nevertheless, our company has in store for the winner a slightly more significant gift - 2 months of free content from ROI4CIO. This includes various sales tools of our development, placement of references, articles, publications with partner companies, ROI calculator.



In conclusion, I would like to note those without whom this event would have remained in the minds of our team - partners from different countries who supported the project.



Ukraine : "Computer Review" edition . Founded in May 1995, it is aimed at IT professionals. Its editorial staff daily prepares more than 20 news and reports, blitz-polls of opinions of market participants, covering current topics.



Kazakhstan : PROFIT IT portal . Thanks to the professionalism of the team, PROFIT has been the main source of information for the Kazakhstani IT community since its opening, since 2004.



Belarus : KV.by- a resource for anyone interested in computer technology. Became the birthplace of significant projects for Belarus - for example, TUT.by and Dev.by. From 1994 to 2011 they existed in the form of the newspaper "Computer News", and since 1997 KV.by has been creating and storing content for readers on the Internet.



Russia : Jobsora - job search resource. It aggregates vacancies presented on verified job sites. The service presents the processed data in a convenient format.



A video about how it was possible to watch it on Youtube .



We hope that soon other giants of the IT market will come together in a fair fight for the title of the best, so we do not say goodbye, but only say: "See you soon!"



All Articles