
Overview of Next Generation Firewall Security Products

Medium Scale Enterprise, Sep. 2017

GRANDMETRIC GUIDEPAPER

Contents

Executive summary
Cisco ASA Firewall with FirePOWER
Meraki MX Firewalls
Barracuda
SonicWall
Fortinet FortiGate
Juniper SRX Series
Check Point
Palo Alto
WatchGuard
Features and performance comparison table
Summary
Glossary
References


Next Generation Firewalls

Next Generation Firewalls are designed to provide context and better visibility for traffic flowing through the network, compared with legacy stateful firewalls, where OSI Layer 3 and Layer 4 information was the only basis for classification. Using dedicated processing engines that provide the "next generation" functions, NG firewalls can mitigate security risks more precisely and from more angles than legacy security devices. By performing application layer inspection, user identity recognition, intrusion prevention, antivirus and malware code detection, and category-based web filtering in conjunction with cloud-based security feeds, NGFW products provide a modern line of defense. In this report we assess the performance, networking functions and security features of medium-scale enterprise Next Generation Firewalls, based on vendor-provided information such as feature tables, datasheets and whitepapers, to give better insight into the network security market. We consider NGFWs from the following vendors: Cisco, Cisco Meraki, Fortinet, Palo Alto, Juniper, Check Point, WatchGuard, SonicWall and Barracuda. All information used in this report is based on publicly accessible vendor technical and marketing materials. The list of vendors was created based on industry recognition and the subjective opinion of Grandmetric researchers. The order of the list is arbitrary.


Cisco ASA FirePOWER

Cisco ASA with FirePOWER Services is an adaptive, threat-focused next-generation firewall (NGFW). Today the ASA comes in many forms, from the small 5506-X desktop model to the large 5585 data center appliance, the virtual ASAv appliance and service modules installed in data center switch slots. After Cisco Systems acquired Sourcefire in 2013, the ASA became a fully featured NGFW product called ASA FirePOWER. There are also Firepower 4100, 2100 and 9000 appliances, but they are sized for higher-performance environments, which is why we concentrate on the medium-scale ASA 5525-X appliance in this report. Licensing of Cisco ASA with FirePOWER Services includes:

▪ Control License – allows user and application control by adding application and user conditions to access control rules. To enable Control you also need to enable Protection. Does not expire.

▪ Protection License – includes intrusion detection and prevention, file control and Security Intelligence filtering. Does not expire.

▪ Advanced Malware Protection (AMP) License – detects and blocks malware code transmitted over the network. Time-based license.

▪ URL Filtering License – used in access control rules that determine which traffic can traverse the network based on the URLs and web categories requested by monitored hosts. Categories are correlated with information about those websites, which the ASA FirePOWER module obtains from the Cisco cloud. Time-based license.

Example of FirePOWER GUI


Meraki MX Firewalls

The Cisco Meraki MX is a next-generation firewall that is centrally managed over the web. Web-based administration with a well-designed GUI makes the solution easy for network administrators to understand. Cloud-based centralized management provides seamless multi-site network provisioning, reconfiguration and automatic firmware upgrades; the MX is managed entirely through Cisco Meraki's web-based dashboard. Meraki was founded in 2006, specializes in cloud-based solutions and was acquired by Cisco Systems in 2012. Currently available models range from the MX64, through the MX65W with Wi-Fi on board, up to the MX600, the largest appliance. The Cisco Meraki MX is licensed with:

▪ Enterprise License, which contains: stateful firewall, site-to-site VPN, client VPN, branch routing, link bonding and failover, application control, web caching

▪ Advanced Security License, which contains all Enterprise License features plus content filtering, geo-based IP firewall, Google SafeSearch and YouTube for Schools, intrusion detection and prevention, advanced malware protection, Cisco Threat Grid

Cisco Meraki MX firewalls are available with copper as well as SFP ports, depending on requirements. The Meraki cloud platform provides network configuration, monitoring and management functions that enable rollouts from small networks up to large multi-tenant distributed deployments.

Example of Meraki GUI


Barracuda

Barracuda Networks was founded in 2003 in the U.S.A. Its services are organized around an organization's threat vectors: email, web applications, remote access, web browsing, mobile Internet and network perimeters, whether on premises or in the cloud. Barracuda combines the benefits of hardware, cloud and virtual technology. Barracuda's threat intelligence service is known as Barracuda Central. Licensing of the Barracuda products includes:

▪ Base License – includes application control reporting, SSL interception, WAN optimization, high availability, site-to-site IPsec VPN, client-to-site IPsec VPN

▪ Subscription licenses:

o Barracuda NG Malware Protection – enables the antivirus service.

o Energize Updates – 24x5 technical support, application control, firmware updates, IPS/IDS signature updates, Barracuda Web Filter

o Advanced Threat Protection (ATP) license – allows suspected files to be uploaded to the cloud for advanced malware scanning. The NG Malware Protection license is required. The number of files scanned per month and files per minute (burst) is limited per platform or cloud service.

o NG SSL VPN and NAC

o NG Web Security

o NG Web Filter

o Instant Replacement Service

Barracuda NG Firewall products can be bought as a hardware appliance, a virtual appliance, or a cloud-based instance in the Microsoft Azure, Google Cloud Platform, VMware vCloud Air and Amazon AWS public clouds.


Example of FirePOWER GUI


SonicWall

Dell's acquisition of SonicWall became official in May 2012. The Dell SonicWALL family of firewalls tightly integrates intrusion prevention, malware protection, and Application Intelligence and Control with real-time visualization. SonicWall's firewall solution also includes a Visualization Dashboard and Real-Time Monitor, which let administrators see specific applications on the network, including who is using them; this information is used for troubleshooting. The SonicWall range spans from the NSA 2600 for small to medium businesses to the NSA 6600 for large enterprises. Dell SonicWall services are licensed as one-year subscriptions:

▪ Advanced Gateway Security Suite:

o Capture Advanced Threat Protection

o Threat Prevention: intrusion prevention, Gateway Anti-Virus, Gateway Anti-Spyware, Cloud Anti-Virus

o Content Filtering

o Silver 24x7 Support

o Content Filtering Premium Business Edition

▪ Enforced Client Anti-Virus & Anti-Spyware – Kaspersky

▪ Anti-Spam Service

Example of SonicWall GUI


Fortinet Fortigate

Fortinet was founded in 2000. In 2004 it introduced ten FortiGate appliances. Fortinet's Next Generation Firewall is designed for many kinds of deployment, from data center NGFW to campus and small offices. Licensed FortiGate services are:

▪ NGFW (IPS & Application Control) License – understands application layer protocols and applications. Many applications today use HTTP/HTTPS, but the firewall needs to identify which application is inside that traffic to truly mitigate the risks or filter by application type.

▪ Web Filtering License – gives the ability to block access to malicious, hacked or inappropriate websites. Works in conjunction with FortiGuard cloud services.

▪ AntiVirus – protects the organization against viruses, spyware and content-level threats

▪ FortiSandbox – performs dynamic analysis to identify unknown malware, providing detection and automated response in the cloud

▪ Mobile Security – protects against threats targeting mobile devices, using detection engines to prevent both new and evolving threats from gaining access to the network and to valuable information

▪ IP Reputation & Anti-Botnet Security Service – aggregates malicious source IP lists, delivering up-to-date threat intelligence

▪ Industrial Security – controls access to risky industrial protocols

▪ Antispam – protects against spam at the network perimeter, controlling email attacks and infections

▪ Vulnerability Scanning

It is worth noting that there are several ways of buying subscriptions. Apart from à la carte services, they can be bought as bundles. Fortinet offers the following bundles:

▪ FortiGate Enterprise Bundle: NGFW App Control & IPS, Web Filtering, FortiSandbox Cloud, Antivirus, Mobile Security, AntiSpam, core FortiCare security services, 8x5 or 24x7 support

▪ FortiGate Threat Protection Bundle: App Control, IPS, AV services and a suite of support services: 24x7 support, advanced hardware replacement, firmware and general upgrades

▪ FortiGate UTM Bundle: NGFW App Control & IPS, Web Filtering, AntiVirus, AntiSpam, IP & Domain Reputation, core FortiCare services

▪ FortiGate NGFW Bundle: classic NGFW features, App Control & IPS updates

Fortinet developed its own FortiASIC hardware to support resource-intensive operations.

Example of Fortigate GUI

Juniper SRX

Juniper Networks is an American multinational corporation founded in 1996. Although Juniper is known for its popular routing platforms such as the T Series and MX Series, it also has a strong Next Generation Firewall portfolio. The SRX Series is Juniper's flagship NGFW product for data centers and branch locations. Juniper uses a suite of features known as AppSecure to deliver application-aware components: application recognition (AppTrack), AppFirewall, AppQoS, IPS and user-based application policy enforcement. Licensed services of the SRX Series are:

▪ Antivirus

▪ Antispam

▪ Web filtering

▪ AppSecure suite

▪ IPS


Example of SRX GUI

Check Point

Check Point was established in Israel in 1993, but its head office is now based in Seattle, USA. Check Point also developed one of the world's first VPN products, VPN-1. Check Point NGFW can be installed on dedicated appliances or virtually. Check Point has various physical appliance models suitable for organizations of different sizes, from small businesses and enterprises to high-end data centers and telco deployments. Check Point vSEC is the line of security products that protects cloud assets from threats. Check Point products are available for public and private clouds on VMware, Amazon AWS and Microsoft Azure. There are also ruggedized appliances dedicated to Industrial Control Systems. All NGFW features are available under one license.

Example of Check Point GUI


Palo Alto

Palo Alto Networks was founded in 2005. In 2009 the company released a next-generation firewall that defined the NG firewalling approach: application awareness combined with the full capabilities of both traditional firewalls and intrusion prevention systems. The following features are licensed by Palo Alto:

▪ Threat Prevention – license for antivirus, anti-spyware and vulnerability protection. Threat Prevention also provides content updates for malware detection.

▪ Decryption Mirroring – license that allows a copy of decrypted traffic to be created on the firewall and sent to a traffic collection tool capable of receiving raw packet captures for archiving and analysis.

▪ URL Filtering – provides the ability to control access to websites based on URL category.

▪ WildFire – for the WildFire cloud-based service to work, that is, to receive antivirus signature updates including signatures discovered by WildFire, the Threat Prevention subscription must be bought. However, anyone with the base product can configure a file blocking profile to forward portable executable files to WildFire for analysis.

▪ GlobalProtect – special license for extended VPN remote access connectivity: multiple gateways, mobile apps, mobile security management, host information checks and internal gateway.

o Portal license – one-time perpetual license enabling internal gateway, multiple gateway and HIP check support

o Gateway subscription – annual subscription that enables HIP content updates and support for the mobile app on iOS and Android.

o GlobalProtect Mobile Security Manager Capacity License on the GP-100 appliance – one-time perpetual license for Mobile Security Manager, based on the number of mobile devices to be managed. Required only when more than 500 mobile devices are to be managed.

o GlobalProtect Mobile Security Manager WildFire subscription on the GP-100 appliance – needed for detecting APK malware on managed Android devices.

Palo Alto offers a range of products, from the VM-Series (VM-Series on VMware® supports VMware NSX®, ESXi™ stand-alone and vCloud® Air™), which can identify and control applications within virtualized environments, to physical appliances in small to large form factors for small businesses up to large enterprises.


Example of Palo Alto appliance GUI

WatchGuard

WatchGuard is a company based in the USA, founded in 1996. Since then WatchGuard has become known for its firewall and VPN solutions for small and medium-sized businesses. WatchGuard offers next generation firewall security solutions from small to large enterprise: Tabletop Firebox appliances with optional built-in Wi-Fi, suitable for SMB and branch office locations; rack-mount Firebox appliances for mid-sized and distributed enterprise organizations; and virtual/cloud Firebox solutions for a private or public cloud (Amazon AWS or Microsoft Azure). Licensing for the NGFW is an à la carte model in which the following features can be chosen:

▪ VPN License – covers Mobile VPN with IPSec, which accepts connections from IPSec VPN client software installed on a remote computer or device. The Mobile VPN client uses Internet Protocol Security (IPSec) to secure the connection.

▪ Firebox Cloud Services License – protects the organization from attacks such as botnets, cross-site scripting, SQL injection attempts and other intrusion vectors

▪ Spam Blocker (Anti-Spam) – delivers protection from unwanted and dangerous email

▪ Intrusion Prevention Service (IPS) – scans all ports and protocols to provide in-line protection from attacks

▪ Application Control – blocks risky, unauthorized apps

▪ WebBlocker (URL/Content Filtering) – provides URL and content filtering

▪ Gateway AntiVirus (GAV) – stops viruses from spreading, using signatures and heuristics

▪ Reputation Enabled Defense (RED) – reputation scoring to ensure faster and safer web surfing, with botnet detection capabilities

▪ Network Discovery – visual map of all nodes on the network for easy identification of risk and suspicious behavior

▪ APT Blocker – sandboxing to detect and block advanced malware and zero-days

▪ Data Loss Prevention – detects and prevents sensitive data from leaving the network

▪ Dimension Command – takes action to block potential and active network threats identified by Dimension

▪ Threat Detection and Response – collects, correlates and analyzes network and endpoint data to detect threats and take action to stop them from spreading

Basic Security Suite includes: IPS, App Control, URL/Content Filtering, Anti-Spam, GAV, RED, Network Discovery, Standard 24x7 Support.

Total Security Suite includes: all the Basic Suite features plus APT Blocker, DLP, Dimension Command, Threat Detection and Response, Gold 24x7 Support.

Example of WatchGuard Firebox GUI

Features and Performance Comparison Table (Vendor Declared)

Products compared, in the column order used below: Cisco ASA 5525-X, FortiGate 101E, Palo Alto PA-3020, Cisco Meraki MX400, Check Point 3200, WatchGuard M200, Barracuda X300, Juniper SRX340, SonicWall NSA 2600.

Software
  Cisco ASA 5525-X: FirePOWER Services
  FortiGate 101E: FortiOS
  Palo Alto PA-3020: PAN-OS
  Cisco Meraki MX400: Meraki OS
  Check Point 3200: Check Point Software Blade
  WatchGuard M200: WatchGuard Dimension
  Barracuda X300: Barracuda OS
  Juniper SRX340: Junos
  SonicWall NSA 2600: SonicOS

Firewall Throughput
  Cisco ASA 5525-X: 2 Gbps (max UDP, ideal test conditions)
  FortiGate 101E: 4.4 – 7.4 Gbps (depending on packet size)
  Palo Alto PA-3020: 2 Gbps (App-ID enabled)
  Cisco Meraki MX400: 1 Gbps
  Check Point 3200: 4 Gbps (ideal test conditions, stateful; 2.1 Gbps in real test conditions)
  WatchGuard M200: 3.2 Gbps
  Barracuda X300: 2.1 Gbps (measured with large UDP packets)
  Juniper SRX340: 3 Gbps (1 Gbps for IMIX)
  SonicWall NSA 2600: 1.9 Gbps (600 Mbps for IMIX)

IPsec VPN Throughput
  Cisco ASA 5525-X: 300 Mbps
  FortiGate 101E: 4 Gbps
  Palo Alto PA-3020: 500 Mbps
  Cisco Meraki MX400: 1 Gbps
  Check Point 3200: 2.25 Gbps
  WatchGuard M200: 1.2 Gbps
  Barracuda X300: 300 Mbps
  Juniper SRX340: 600 Mbps (200 Mbps for IMIX)
  SonicWall NSA 2600: 700 Mbps

IPsec VPN Number of Tunnels (site-to-site)
  Cisco ASA 5525-X: 750
  FortiGate 101E: 2000
  Palo Alto PA-3020: 1000
  Cisco Meraki MX400: 1000
  Check Point 3200: No data*
  WatchGuard M200: 50
  Barracuda X300: Unlimited*
  Juniper SRX340: 1024
  SonicWall NSA 2600: 250

SSL VPN Number of Users
  Cisco ASA 5525-X: 750
  FortiGate 101E: 300
  Palo Alto PA-3020: 1000
  Cisco Meraki MX400: No data
  Check Point 3200: No data*
  WatchGuard M200: 75
  Barracuda X300: Unlimited*
  Juniper SRX340: 200
  SonicWall NSA 2600: 250

IPS Throughput
  Cisco ASA 5525-X: 600 Mbps
  FortiGate 101E: 500 Mbps (Enterprise Mix)
  Palo Alto PA-3020: 1000 Mbps
  Cisco Meraki MX400: 1 Gbps (IDS)
  Check Point 3200: 1.44 Gbps (460 Mbps IPS in real test conditions)
  WatchGuard M200: 1.4 Gbps
  Barracuda X300: 350 Mbps
  Juniper SRX340: 400 Mbps
  SonicWall NSA 2600: 700 Mbps

Connections per Second
  Cisco ASA 5525-X: 20 000
  FortiGate 101E: 30 000
  Palo Alto PA-3020: 50 000
  Cisco Meraki MX400: 30 000
  Check Point 3200: 48 000
  WatchGuard M200: 20 000
  Barracuda X300: 12 000
  Juniper SRX340: 10 000
  SonicWall NSA 2600: 15 000

Total Connections
  Cisco ASA 5525-X: 500 000
  FortiGate 101E: 2 000 000
  Palo Alto PA-3020: 250 000
  Cisco Meraki MX400: 1 000 000
  Check Point 3200: 3 200 000
  WatchGuard M200: 1 700 000
  Barracuda X300: 120 000
  Juniper SRX340: 256 000
  SonicWall NSA 2600: 125 000

Unicast IPv4 Routing Protocols and Static Routing
  Cisco ASA 5525-X: static routing, BGP, EIGRP, RIP, OSPF, PBR
  FortiGate 101E: RIP, BGP, OSPF/IS-IS, static routing, PBR
  Palo Alto PA-3020: BGP, RIP, OSPF, static routing
  Cisco Meraki MX400: OSPF, static routing
  Check Point 3200: RIP, OSPF, BGP, static routing, PBR
  WatchGuard M200: BGP, OSPF, PBR, RIP, static routing
  Barracuda X300: OSPF, RIP, BGP, static routing, PBR
  Juniper SRX340: static routing, RIP, OSPF, BGP with Route Reflector, IS-IS
  SonicWall NSA 2600: BGP, OSPF, RIP, static routing, PBR

Firewall Mode (Router or Bridge)
  L2 and L3 on all nine platforms; L1 additionally on Palo Alto PA-3020 and SonicWall NSA 2600.

Licensing Features
  Cisco ASA 5525-X: Control, Protection, Advanced Malware Protection (AMP), URL Filtering; available in bundles
  FortiGate 101E: NGFW (IPS & App Control), Web Filtering, AntiVirus, FortiSandbox, Mobile Security Services, IP Reputation & Anti-Botnet Security Service, Industrial Security, AntiSpam, Vulnerability Scanning; available in bundles
  Palo Alto PA-3020: Threat Prevention, Decryption Mirroring, URL Filtering, WildFire, GlobalProtect (only the extended functionality of GlobalProtect is licensed)
  Cisco Meraki MX400: Enterprise License (stateful firewall, site-to-site VPN, client VPN, branch routing, link bonding and failover, application control, web caching); Advanced Security License, which contains all Enterprise License features plus content filtering, geo-based IP firewall, Google SafeSearch and YouTube for Schools, intrusion detection & prevention, advanced malware protection, Cisco Threat Grid
  Check Point 3200: all NGFW features are available under one license
  WatchGuard M200: VPN, Firebox Cloud Services, Spam Blocker (Anti-Spam), IPS, Application Control, WebBlocker, GAV, RED, Network Discovery, APT Blocker, DLP, Dimension Command, Threat Detection and Response; available in bundles
  Barracuda X300: Base License (application control reporting, SSL interception, WAN optimization, high availability, site-to-site IPsec VPN, client-to-site IPsec VPN); subscription licenses: Barracuda NG Malware Protection, Energize Updates, Advanced Threat Protection (ATP), NG SSL VPN and NAC, NG Web Security, NG Web Filter, Instant Replacement Service
  Juniper SRX340: Antivirus, Antispam, Web filtering, AppSecure suite, IPS
  SonicWall NSA 2600: Advanced Gateway Security Suite (Capture Advanced Threat Protection; Threat Prevention: intrusion prevention, Gateway Anti-Virus, Gateway Anti-Spyware, Cloud Anti-Virus; Content Filtering; Silver 24x7 Support; Content Filtering Premium Business Edition); Enforced Client Anti-Virus & Anti-Spyware – Kaspersky; Anti-Spam Service

High Availability
  Cisco ASA 5525-X: Active/Active, Active/Standby
  FortiGate 101E: Active/Active, Active/Passive
  Palo Alto PA-3020: Active/Active, Active/Passive
  Cisco Meraki MX400: Warm Spare Failover
  Check Point 3200: ClusterXL
  WatchGuard M200: FireCluster (Active/Active, Active/Passive)
  Barracuda X300: Active/Passive
  Juniper SRX340: Active/Active, Active/Passive
  SonicWall NSA 2600: Active/Active, Active/Standby

Power
  AC/DC on Cisco ASA 5525-X; AC on all other platforms.

Integrated I/O
  Cisco ASA 5525-X: 8x1G, 0 SFP
  FortiGate 101E: 20 ports, 2 DP**
  Palo Alto PA-3020: 12x1G, 8xSFP
  Cisco Meraki MX400: 2x1G, 2xSFP
  Check Point 3200: 5x1G
  WatchGuard M200: 8x1G
  Barracuda X300: 6x1G
  Juniper SRX340: 8x1G, 8xSFP
  SonicWall NSA 2600: 8x1G

Expansion Slots
  Cisco ASA 5525-X: 6-port 10/100/1000 module
  SonicWall NSA 2600: expansion slot available
  All other platforms: no expansion

Client Software
  Cisco ASA 5525-X: AnyConnect
  FortiGate 101E: FortiClient
  Palo Alto PA-3020: Palo Alto GlobalProtect
  Cisco Meraki MX400: OS native
  Check Point 3200: Endpoint Remote Access VPN software
  WatchGuard M200: WatchGuard Mobile VPN Client
  Barracuda X300: Barracuda Network Access Client / CudaLaunch
  Juniper SRX340: Pulse Secure Client
  SonicWall NSA 2600: Global VPN Client (GVC)

Remote Access VPN Types Supported
  Cisco ASA 5525-X: IPsec, SSL VPN
  FortiGate 101E: IPsec, SSL VPN
  Palo Alto PA-3020: IPsec, SSL VPN
  Cisco Meraki MX400: IPsec
  Check Point 3200: IPsec
  WatchGuard M200: SSL VPN (IPsec not available for M200 boxes)
  Barracuda X300: SSL VPN, TINA, IPsec VPN with 3rd-party IPsec clients
  Juniper SRX340: site-to-site IPsec VPN, auto VPN, group VPN
  SonicWall NSA 2600: IPsec, SSL, L2TP

Port Bundling Support
  Port Channel / LACP on all nine platforms.

Management and Logging System
  Cisco ASA 5525-X: FMC
  FortiGate 101E: FortiManager & FortiAnalyzer
  Palo Alto PA-3020: Panorama
  Cisco Meraki MX400: cloud managed
  Check Point 3200: Check Point Security Management
  WatchGuard M200: WatchGuard System Manager
  Barracuda X300: no management via Control Center (F series only)
  Juniper SRX340: Junos Space Security Director
  SonicWall NSA 2600: SonicWall Global Management System

Reporting Style
  Included in the dashboard on all nine platforms.

Cloud Platform Support
  Cisco ASA 5525-X: Firepower Threat Defense image only; Microsoft Azure, Amazon AWS
  FortiGate 101E: FortiGate-VM image for AWS, Azure, Google Cloud Platform
  Palo Alto PA-3020: VM-Series for AWS, Azure, Google Cloud Platform
  Cisco Meraki MX400: Meraki vMX100 Series for AWS, Azure
  Check Point 3200: image for Microsoft Azure, Amazon AWS
  WatchGuard M200: image for Microsoft Azure, Amazon AWS
  Barracuda X300: image for Microsoft Azure, Amazon AWS, Google Cloud Platform
  Juniper SRX340: vSRX for Microsoft Azure, Amazon AWS
  SonicWall NSA 2600: No data*

3rd-Party Authentication Systems Integration
  Cisco ASA 5525-X: RADIUS, TACACS+, Microsoft AD, LDAP
  FortiGate 101E: Microsoft AD, LDAP, RADIUS, TACACS+, SSO, RSA SecurID
  Palo Alto PA-3020: LDAP, RADIUS, TACACS+, Kerberos
  Cisco Meraki MX400: Microsoft AD, LDAP, RADIUS
  Check Point 3200: Microsoft AD, LDAP, RADIUS, TACACS
  WatchGuard M200: Microsoft AD, LDAP, RADIUS, RSA SecurID
  Barracuda X300: Microsoft AD, LDAP, RADIUS, NTLM
  Juniper SRX340: Microsoft AD, LDAP, RADIUS, SecurID
  SonicWall NSA 2600: Microsoft AD, LDAP, RADIUS, SSO, Novell, Citrix, Common Access Card, Terminal Services

* Ask the vendor for more information. ** DP – dual-purpose port.
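The Firewall Throughput row mixes headline figures with qualified ones (ideal conditions, UDP only, a separate IMIX number), so the ranking changes depending on which figure is used. As an added example that is not part of the guidepaper, the script below takes that row as transcribed above (product names and column assignment are our reading of the flattened table), converts every figure to Mbps and ranks the nine products by the most conservative figure in each cell as well as by the headline number, flagging the qualifier that applies.

```python
"""Normalise vendor-declared firewall throughput cells so platforms can be ranked
on a worst-case (qualified) basis and not only on the headline number."""
import re
from dataclasses import dataclass

# Constructed input: the "Firewall Throughput" row of the comparison table,
# keyed by product in the guidepaper's column order.
DECLARED_THROUGHPUT = {
    "Cisco ASA 5525-X": "2 Gbps (Max UDP with ideal test condition)",
    "FortiGate 101E": "4.4 – 7.4 Gbps (depending on packet size)",
    "Palo Alto PA-3020": "2Gbps (App ID enabled)",
    "Cisco Meraki MX400": "1 Gbps",
    "Check Point 3200": "4 Gbps (Ideal testing condition -Statefull, "
                        "2.1 Gbps in real testing condition)",
    "WatchGuard M200": "3.2 Gbps",
    "Barracuda X300": "2.1 Gbps (measured with UDP large packets)",
    "Juniper SRX340": "3Gbps (1 Gbps for IMIX)",
    "SonicWall NSA 2600": "1.9Gbps (for IMIX 600 Mbps)",
}

# Qualifiers that make a headline figure optimistic; matched case-insensitively.
CONDITION_KEYWORDS = {
    "ideal": "ideal/lab test conditions",
    "udp": "UDP-only traffic",
    "imix": "separate IMIX figure given",
    "packet size": "varies with packet size",
    "real": "separate real-traffic figure given",
    "app id": "measured with App-ID enabled",
}

# Matches "4.4 – 7.4 Gbps", "2.1 Gbps", "600 Mbps" and "3Gbps" (range optional,
# en dash or hyphen accepted); group 2 is empty when there is no range.
_FIGURE = re.compile(
    r"(\d+(?:\.\d+)?)(?:\s*[–-]\s*(\d+(?:\.\d+)?))?\s*(Gbps|Mbps)", re.IGNORECASE
)


@dataclass(frozen=True)
class ThroughputClaim:
    low_mbps: int       # most conservative figure in the cell (e.g. the IMIX value)
    high_mbps: int      # headline figure
    conditions: tuple   # keys of CONDITION_KEYWORDS found in the cell


def parse_claim(cell: str) -> ThroughputClaim:
    """Extract every Gbps/Mbps figure from a datasheet cell and flag its qualifiers."""
    figures = []
    for low, high, unit in _FIGURE.findall(cell):
        factor = 1000 if unit.lower() == "gbps" else 1
        figures.append(int(round(float(low) * factor)))
        if high:
            figures.append(int(round(float(high) * factor)))
    if not figures:
        raise ValueError(f"no throughput figure found in {cell!r}")
    lowered = cell.lower()
    conditions = tuple(k for k in CONDITION_KEYWORDS if k in lowered)
    return ThroughputClaim(min(figures), max(figures), conditions)


def rank(basis: str = "low") -> list:
    """Rank products by the conservative ('low') or headline ('high') figure,
    descending; returns (product, mbps) pairs, ties keeping table order."""
    attr = "low_mbps" if basis == "low" else "high_mbps"
    pairs = ((p, getattr(parse_claim(c), attr)) for p, c in DECLARED_THROUGHPUT.items())
    return sorted(pairs, key=lambda pair: -pair[1])


if __name__ == "__main__":
    for basis in ("high", "low"):
        print(f"\nRanked by {basis} figure:")
        for product, mbps in rank(basis):
            claim = parse_claim(DECLARED_THROUGHPUT[product])
            notes = ", ".join(CONDITION_KEYWORDS[k] for k in claim.conditions)
            print(f"  {product:<20} {mbps:>5} Mbps  ({notes or 'unqualified'})")
```

Ranking by the conservative figure moves Check Point from second to a tie for third and drops SonicWall to last, which is the kind of shift the Summary's "declared faster" caveat refers to.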


Summary

We have compared nine NGFW products that stand out in the market in 2017. The research covered functionality, scalability, performance and licensing as declared by the vendors. For your reference we have built a detailed comparison table that you can use when choosing a solution suitable for your organization. Platforms similar in enterprise scale, functionality and performance were chosen for the comparison. This report is an overview of the NGFW products available in the security market today. It shows that most NGFW products have very similar functionality; some are declared faster and some more scalable, but the right solution needs to be chosen based on your specific requirements. Going deeper into traffic processing specifics, feature behavior and real measured performance will be the subject of subsequent reports. Stay connected with our upcoming Grandmetric Guidepapers.


Glossary

NGFW: Next Generation Firewall. A firewall with application layer visibility, IPS, identity capabilities, URL or web filtering, anti-malware detection and broader security threat awareness.

Botnet: a network of Internet robots (bots) and scripts, used for distributed denial of service attacks.

IPsec VPN: Internet Protocol Security (IPsec) is a framework of open standards for ensuring private, secure communications over Internet Protocol (IP) networks through the use of cryptographic security; an IPsec VPN is a logical network secured by the IPsec suite of algorithms.

Site-to-site VPN: a connection created between two separate locations, two peers. It provides the ability to connect two geographically separate locations or networks, usually over the public Internet or a WAN connection.

Remote Access VPN: allows individual users to establish dynamic secure connections to a VPN headend. Remote access VPN can use the IPsec or SSL protocol, and relies on a piece of software on the user side that is responsible for establishing the VPN.

SSL VPN: a remote access VPN type whose logical connection is secured by SSL; it comes in two flavors: client SSL VPN (uses VPN software) and clientless SSL VPN. The latter allows remote users to access web applications, client-server applications and internal network connections without installing specialized client software on their computers.

Malware: malicious code that is capable of propagating within the network. Malware scans the network to reach and enumerate vulnerable hosts; when it finds one, it can take control of the vulnerable host using a known exploit.

AntiVirus: a mechanism that detects files and emails infected with viruses and trojans. AV uses data patterns based on signatures (hash functions) or behavioral analysis to detect viruses.

DLP: data leak prevention is a system that uses an inspection mechanism to monitor traffic leaving the network under defined conditions, for example credit card patterns, bank account numbers, secret document keywords, numbers etc.

LACP: a link aggregation protocol that bundles two or more physical ports into one logical link for redundancy purposes.


References

1. https://www.checkpoint.com/products/next-generation-threat-prevention/
2. https://www.checkpoint.com/products-solutions/next-generation-firewalls/
3. https://assets.barracuda.com/assets/docs/dms/Barracuda_NextGen_Firewall_X_PO_US.pdf
4. https://www.paloaltonetworks.com/products/secure-the-network/virtualized-next-generation-firewall/vm-series
5. https://www.fortinet.com/content/dam/fortinet/assets/data-sheets/FortiGate_100E_Series.pdf
6. https://www.checkpoint.com/downloads/product-related/datasheets/ds-3100-appliance.pdf
7. https://apps.cisco.com/ccw/cpc/guest/content/ucsProductDetails/prod_ASA5525-FPWR-K9
8. http://cisco-apps.cisco.com/c/en/us/products/collateral/security/asa-5500-series-next-generation-firewalls/datasheet-c78-733916.html
9. https://www.sonicwall.com/en-us/products/firewalls/mid-range
10. https://sonicwall-web.s3-accelerate.amazonaws.com/sonicwall.com/media/pdfs/products/sonicos-platform.pdf
11. https://www.sonicwall.com/SonicWall.com/files/e1/e16f7df3-a203-40d4-b751-7f241db24c36.pdf
12. https://www.cisco.com
13. https://www.paloaltonetworks.com
14. http://www.juniper.net
15. https://www.watchguard.com
16. https://www.fortinet.com
17. https://www.checkpoint.com
18. https://www.sonicwall.com
19. https://www.barracuda.com
20. https://meraki.cico.com


www.grandmetric.com Poznan | Poland | Europe

Grandmetric is an R&D and training company based in Poznan, Poland, specializing in Next Generation Networks and Wireless Systems. Our latest research is focused on 5G, Internet-of-Things (IoT) and Network Security. We actively conduct technology trainings, are engaged in developing the latest systems, and consult on network designs.

Should you have any enquiries or wish to schedule a meeting with us, please write to: [email protected]


©2017 Copyright Grandmetric Sp. z o.o. All rights reserved.
