overview of next generation firewall security products · overview of next generation firewall...
TRANSCRIPT
1
NETWORK & WIRELESS... STAY CONNECTED.
Overview of Next Generation Firewall Security Products
Medium Scale Enterprise, Sep. 2017
GRANDMETRIC GUIDEPAPER
2
Contents
4 Cisco ASA Firewall with FirePOWER
6 Barracuda
9 Fortinet Fortigate
11 Check Point
13 WatchGuard
19 Summary
21 References
3 Executive summary
5 Meraki MX Firewalls
8 Sonic Wall
10 Juniper SRX Series
12 Palo Alto
15 Features and performance comparison table
20 Glossary
3
Next Generation Firewalls
Next Generation Firewalls are designed to provide context and better visibility for traffic flowing through the
network in comparison to legacy stateful firewalls where Layer 3 and 4 information of OSI were the only subject
for classification. Based on different processing engines responsible for providing “next generation” functions,
NG Firewalls are able to mitigate security risks more precisely and under different angle than legacy security
devices. Performing many operations e.g. application layer inspection, user identity recognition, intrusion
prevention mechanisms, antivirus, malware code detection, web filtering based on category and with
conjunction with cloud based security feeds, NGFW products provide modern line of defense. In this report we
are going to assess the enterprise medium scale Next Generation Firewalls performance, networking functions
and security features based on vendor provided information like feature set tables, datasheets and whitepapers
for better network security market insight. We are going to consider NGFW from the following vendors: Cisco,
Cisco Meraki, Fortinet, Palo Alto, Juniper, Check Point, WatchGuard, SonicWall, Barracuda. All information we
use in report is based on vendor publicly accessible technical and marketing materials. The list of vendor was
created based on industry recognition and subjective opinion of Grandmetric researchers. The order of list is
accidental.
4
Cisco ASA FirePOWER
Cisco ASA with FirePOWER Services is an adaptive, threat-focused, next-generation firewall (NGFW). ASA today
can be met in many forms - from small 5506-X model desktop to large data center appliance 5585, virtual ASAv
appliance and service modules installed in data center switch slots. After acquiring the Source Fire Company
by Cisco Systems In 2013, ASA became the fully featured NGFW product called ASA FirePOWER. There are also
Firepower 4100, 2100 and 9000 appliances but they are scaled for higher performance environments that is why
we concentrate on medium-scale ASA5525-X appliance in our report. Licensing of Cisco ASA with FirePOWER
services includes:
▪ Control License - allows user and application control by adding application and user conditions to
access control rules. To enable control you need to enable protection as well. Doesn’t expire.
▪ Protection License - includes intrusion detection and prevention behavior, file control and Security
Intelligence filtering. Doesn’t expire.
▪ Advanced Malware Protection (AMP) license - performs malware code detections and blocking when
transmitted over the network. License is time based.
▪ URL Filtering License – used in access control rules that determine the traffic that can traverse the
network based on URLs and web category requested by monitored hosts. Categories are correlated with
information about those websites, which is obtained from the Cisco cloud by the ASA FirePOWER
module. License is time based.
Example of FirePOWER GUI
5
Meraki MX Firewalls
The Cisco Meraki MX is next-generation firewall that is centrally managed over the web. The web-based
administration with well-designed GUI makes this solution easy to understand for network administrators.
Cloud-based centralized management provides seamless multi-site network provisioning, reconfiguration or
automatic firmware upgrades. The MX is managed entirely through Cisco Meraki’s web based dashboard.
Meraki was founded in 2006 and specializes in Cloud based solutions and was acquired by Cisco Systems in
2012. Currently available models are ranging from MX64 through MX65W with WiFi on board up to MX600 which
is largest appliance. The Cisco Meraki MX are licensed with:
▪ Enterprise license which contains: Statefull firewall, Site to Site VPN, Client VPN, branch routing, link
bonding and failover, application control, web caching
▪ Advanced Security License which contains: all enterprise license features plus Content filtering, geo-
based ip firewall, google safsearch and youtube for Schools, intrusion detection & prevention, advanced
malware protection, Cisco Threat Grid
Cisco Meraki MX firewalls can be met with Copper as well as SFP ports depending on requirements. The Meraki
cloud platform provides network configuration, monitoring, and management functions which enables the
rollout of small networks up to larger multi-tenant distributed deployments.
Example of Meraki GUI
6
Barracuda
Barracuda Networks was founded in 2003 in U.S.A. Services are based on organization’s threat vectors email,
web applications, remote access, web browsing, mobile Internet, and network perimeters whether on premises
or in the cloud. Barracuda derives from the benefits of hardware, cloud, and virtual technology. Barracuda’s
threat intelligence services is known as Barracuda Central. Licensing of the Barracuda products includes:
▪ Base License – includes application control reporting, SSL Interception, WAN Optimization, High
Availability, site-to-site IPsec VPN, client-to-site IPSec VPN
▪ Subscription licenses:
o Barracuda NG Malware Protection – enables the Antivirus service.
o Energize Updates – 24x5 technical support, application control, firmware updates, IPS/IDS
signature updates, Barracuda Web Filter
o Advanced Threat Protection (ATP) license – license allows the suspected files uploading to the
cloud for advanced malware scanning. NG Malware Protection license is required. Number of
files scanned per month and files per minute (burst) is limited to specific platform or cloud
service.
o NG SSL VPN and NAC
o NG Web Security
o NG Web Filter
o Instant Replacement Service
Barracuda NG Firewall products can be bought as Hardware appliance, Virtual appliance, Cloud based in
Microsoft Azure, Google Cloud Platform, VMware vCloud Air public clouds and Amazon AWS.
7
Example of FirePOWER GUI
8
SonicWall
Dell's acquisition of SonicWall became official in May, 2012. The Dell Sonic WALL family of firewalls tightly
integrates intrusion prevention, malware protection, and Application Intelligence and Control with real-time
Visualization. Sonic Wall’s firewall solution also includes a Visualization Dashboard and Real-Time Monitor,
which enables administrators to see specific applications on the network, including information on who is using
them. This information is used for troubleshooting. Sonic Wall involve NSA 2600 for small to medium business
to NSA 6600 for large enterprises. Dell Sonic services licensed are subscriptions for 1 Year:
▪ Advanced Gateway Security Suite:
o Capture Advanced Threat Protection
o Threat Prevention: Intrusion prevention, Gateway Anti-virus, Gateway Anti-Spyware, Cloud Anti-
Virus
o Content Filtering,
o Silver 24x7 Support
o Content Filtering Premium Business Edition
▪ Enforced Client Anti-Virus & Anti-Spyware – Kaspersky
▪ Anti-Spam Service
Example of SonicWall GUI
9
Fortinet Fortigate
Fortinet was founded in 2000. In 2004 introduced ten FortiGate appliances. Fortinet’s Next Generation Firewall
serves to perform in many kind of implementations from data centers NGFW to campus and small offices.
Licensed FortiGate services are:
▪ NGFW (IPS & Application Control) License - understands application layer protocols and apps. Many
applications today use http / https protocols but firewalls need to verify what application is inside the
http / s traffic to truly mitigate the risks or filter based on application type.
▪ Web Filtering License – gives the ability to block access to malicious, hacked, or inappropriate websites.
Working in conjunction with Forti Guard cloud services.
▪ AntiVirus - protects the organization against the viruses, spyware, and content-level threats
▪ FortiSandbox - performs dynamic analysis to identify unknown malware by providing detection and
automated response in the cloud
▪ Mobile Security - provides protection against threats targeting mobile devices by using detection
engines to prevent both new and evolving threats from gaining access to the network and also to
valuable information.
▪ IP Reputation & Anti-Botnet Security Service – aggregates the malicious source IP list delivering up to
date threat intelligence
▪ Industrial Security – feature that controls access to risky industrial protcols
▪ Antispam – protects agains spam at the network perimeter, controlling email attacks and infections
▪ Vulnerability Scanning
It is worth noting that there are few ways of buying subscriptions. Except a la carteservices they can be bought
as bundles. Fortinet offers following bundles:
▪ Fortigate Enterprise Bundle: NGFW App Control & IPS, Web Filtering, FortiSandbox Cloud, Antivirus,
Mobile Security, AntiSpam, core FortiCare security services, 8x5 or 24x7 support
▪ Fortigate Threat Protection Bundle: App Control , IPS, AV services and also suite of support services:
24x7 Support, Advanced Hardware Replacement, Firmware & general upgrades
▪ Fortigate UTM Bundle: NGFW App Control & IPS, Web Filtering, AntiVirus, AntiSpam, IP&Domain
reputation, core FortiCare services
▪ Fortigate NGFW Bundle: classic NGFW features App Control & IPS updates
10
Fortinet developed its own FortiASIC hardware that can support resource intensive operations
Example of Fortigate GUI
Juniper SRX
Juniper Networks is an American multinational corporation founded in 1996. Despite the Juniper is known of its
popular routing platform like T-series and MX Series, it has also strong point in portfolio of Next Generation
Firewalls. The SRX Series is Juniper’s flagship security NGFW product for data centers and branch locations.
Juniper uses a suite of features known as AppSecure, to deliver application-aware components responsible for
application recognition (AppTrack), AppFirewall, AppQoS, IPS, User based application policy enforcement.
Licensed services of the SRX series are:
▪ Antivirus
▪ Antispam
▪ Web filtering
▪ AppSecure suite
▪ IPS
11
Example of SRX GUI
Check Point
Check Point was established in Israel in 1993, but their head office is now based in Seattle, USA, they also
developed one of the world’s first VPN products, VPN-1. Checkpoint NGFW can be installed on specific
appliances or virtually. Check Point has different physical appliances models which are suitable to organizations
of different sizes from small business, enterprises, to high-end Data Centers and Telco implementations. Check
Point vSEC is the line of security products that protect the cloud assets from threats. Check Point products are
available for public and private cloud on WMware, Amazon AWS, and Microsoft Azure. There are also rugged
appliances dedicated for Industrial Control Systems. All NGFW features are available under one license.
Example of Check Point GUI
12
Palo Alto
Palo Alto Networks was founded in 2005. In 2009, the company released a next-generation firewall defining the
way of NG firewalling that is application awareness and full capabilities of both traditional firewalls and intrusion
prevention systems. The following features are licensed by Palo Alto:
▪ Threat Prevention— license provided for antivirus, anti-spyware, and vulnerability protection. Threat
prevention also allows to obtain content updates for malware detection.
▪ Decryption Mirroring license - Provides the license for one to be able to create a copy of decrypted traffic
from the firewall and send it to a traffic collection tool that is capable of receiving raw packet captures
for archiving and analysis.
▪ URL Filtering - provides the ability to control access to websites based on URL category.
▪ WildFire – for WildFire cloud based service to work meaning to receive antivirus signature updates
which includes signature discovered by WildFire one must buy the threat prevention subscription.
Anyway the everyone having base product can configure a file blocking profile to forward portable exec
files to WildFire for analysis.
▪ GlobalProtect – special license for providing extended VPN remote access connectivity that is multiple
gateways usage, mobile apps, mobile security management, host information checks or internal
gateway.
o Portal license – one-time perpetual license for enabling internal gateway, multiple gateway and
HIP checks support
o Gateway subscription – annual subscription that enables HIP content updates. Enables support
for mobile app for iOS and Android.
o GlobalProtect Mobile Security Manager Capacuty License on the GP-100 appliance – one-time
perpetual license for Mobile Security Manager based ont number of mobile devices to be
managed. This license is required only when there is a plan to manage more than 500 mobile
devices.
o GlobalProtect Mobile Security Manager WildFire subscription on the GP-100 appliance – needed
for detecting APK malware on managed Android devices.
Palo Alto offers a range of products from VM Series (VM-Series on VMware® supports VMware NSX®, ESXi™
stand-alone and vCloud® Air™), which are able to identify and control applications within a virtualized
environments. Palo Alto also offers from small to large form factors for small business to large enterprises.
13
Example of Palo Alto appliance GUI
WatchGuard
Watch Guard is a company based in USA which was founded in 1996. From that period WatchGuard became
known through its firewall and VPN solution for small and medium-sized businesses. WatchGuard offers from
small to large enterprise next generation firewall security solutions which are Tabletop Firebox Appliances with
optional built-in Wi-Fi capabilities suitable for SMB and branch office locations, Rack-Mount Firebox Appliances
for mid-sized and distributed enterprise organizations and Virtual/Cloud Firebox Solutions for a private or public
cloud (Amazon AWS or Microsoft Azure). Licensing for the NGFW is a la carte model in which following features
can be chosen:
▪ VPN License - licensing involves Mobile VPN with IPSec which accepts connections from IPSec VPN
client software installed on a remote computer or device. The Mobile VPN client uses Internet Protocol
Security (IPSec) to secure the connection.
▪ Firebox Cloud Services License- License serves to protect the organization from attacks such as
botnets, cross-site scripting, SQL injection attempts, and other intrusion vectors
▪ Spam Blocker (Anti-Spam) - delivers protection from unwanted and dangerous email
▪ Intrusion Prevention Service (IPS) – scans all ports and protocols to provide in-line protection from
attacks
▪ Application Control – Blocks risky, unauthorized apps
▪ WebBlocker (URL/Content Filtering) – provides URL and content filtering
14
▪ Gateway AntiVirus (GAV)– stops viruses from spreading – uses signatures and heuristics
▪ Reputation Enabled Defense (RED) – reputation scoring to ensure faster and safer web surinfg with
botnet detectin capabilities
▪ Network discovery – visual map of all nodes on the network for easy identification of risk and suspicious
behavior
▪ APT Blocker – sandboxing to detect and block advanced malware and zero days
▪ Data Loss Prevention – Detects and prevents sensitive data from leaving the network
▪ Dimension command – takes action to block potential and active network threats identified by
Dimension
▪ Threat Detection and Response – collects, correlates and analyzes network and endpoint data to detect
and take action to stop threats from spreading
Basic Security Suite includes: IPS, App Control, URL/Content Filtering, Anti-Spam, GAV, RED, Network Discovery,
Standard 24x7 Support Total Security Suite includes: all the Basic Suite features plus ATP Blocker, DLP,
Dimension Command, Threat Detection and Response, Gold 24x7 support
Example of WatchGuard Firebox GUI
15
Features and Performance
Vendor Declared
Comparison Table
Feature
Cisco ASA 5525-X
FortiGate 101E Palo Alto PA 3020
Cisco Meraki MX 400
Checkpoint 3200
WatchGuard M200
Barracuda X300
Juniper SRX340
Sonic Wall NSA2600
Software FirePOWER Services
FortiOS PAN-OS Meraki OS Check Point Software Blade
WatchGuard Dimension
Barracuda OS Junos SonicOS
Firewall Throughput 2 Gbps (Max UDP with ideal test condition)
4.4 – 7.4 Gbps (depending on packet size)
2Gbps (App ID enabled)
1 Gbps 4 Gbps (Ideal testing condition -Statefull, 2.1 Gbps in real testing condition)
3.2 Gbps
2.1 Gbps (measured with UDP large packets)
3Gbps (1 Gbps for IMIX)
1.9Gbps (for IMIX 600 Mbps)
IPSec VPN throughput 300 Mbps 4 Gbps 500 Mbps 1 Gbps 2.25 Gbps 1.2 Gbps
300 Mbps 600 Mbps (200 Mbps for IMIX)
700Mbps
IPSec VPN number of tunnels (S2S)
750 2000 1000 1000 No data* 50 Unlimited* 1024 250
SSL VPN Number of Users
750 300 1000 No data No data* 75 Unlimited* 200 250
IPS Throughput 600Mbps 500Mbps (Enterprise MIX)
1000 1 Gbps (IDS) 1.44 Gbps (460 Mbps IPS real testing condition)
1.4 Gbps 350 Mbps 400 Mbps
700 Mbps
Connections per Second 20 000 30 000 50 000 30 000 48 000 20 000 12 000 10 000 15 000
Total Connections 500 000 2 000 000 250 000 1 000 000 3 200 000 1 700 000 120 000 256 000 125 000
Unicast IPv4 Routing Protocols and static routing
Static routing, BGP, EIGRP , RIP, OSPF. PBR
RIP, BGP, OSPF / IS-IS, static routing, PBR
BGP, RIP, OSPF static routing.
OSPF, static routing
RIP, OSPF, BGP, static routing, PBR
BGP, OSPF , PBR , RIP, Static routing
OSPF, RIP, BGP, static routing, PBR
• Static routing, RIP, OSPF , BGP with Route Reflector, IS-IS
BGP, OSPF, RIP, static routing, PBR
Firewall Mode: Router or Bridge
L2, L3 L2, L3 L1, L2, L3 L2,L3 L2, L3 L2, L3 L2, L3 L2, L3 L1, L2, L3
Licensing features Control, Protection, Advanced Malware Protection (AMP), URL Filtering, Available in bundles
NGFW (IPS&App Control), Web Filtering, AntiVirus, FortiSandbox, Mobile Security Services, IP Reputation & Anti-Botnet Security Service, Industrial Security, AntiSpam, Vulnerability Scanning, Available in bundles
Threat Prevention, Decryption Mirroring, URL Filtering, Wild Fire, GlobalProtect (only exended functionality of GlobalProtect is licensed)
Enterprise License ( Statefull firewall, Site to Site VPN, Client VPN, branch routing, link bonding and failover, application control, web caching), Advanced Security License which
All NGFW features are available under one license
VPN, Firebox Cloud Services,Spam Blocker (Anti-Spam), IPS, Application Control, WebBlocker, GAV, RED, Network discovery, APT Blocker, DLP,Dimension command, Threat Detection and Response,
Base License – includes application control reporting, SSL Interception, WAN Optimization, High Availability, site-to-site IPsec VPN, client-to-site IPSec VPN, Subscription licenses:Barracuda NG Malware Protection,Energize Updates, Advanced Threat Protection
Antivirus,Antispam,Web filtering,AppSecure suite,IPS
Advanced Gateway Security Suite:Capture Advanced Threat Protection,Threat Prevention: Intrusion prevention, Gateway Anti-virus, Gateway Anti-Spyware, Cloud AntiVirus,Content
contains: all enterprise license features plus Content filtering, geobased ip firewall, google safsearch and youtube for Schools, intrusion detection & prevention, advanced malware protection, Cisco Threat Grid
Available in bundles
(ATP),NG SSL VPN and NAC,NG Web Security,NG Web Filter, Instant Replacement Service
Filtering,Silver 24x7 Support,Content Filtering Premium Business Edition Enforced Client Anti-Virus & Anti-Spyware – Kaspersky, Anti-Spam Service
High Availability Active/Active Active/Standby
Active /Active, Active/Passive,
Active/Active, Active/Passive
Warm Spare Failover
ClusterXL FireCluster (Active/Active, Active/Passive)
Active/Passive
Active/Active, Active/Passive
Active/Active, Active/Standby
Power AC/DC AC AC AC AC AC AC AC AC
Integrated I/O 8 x 1G O SFP 20 ports 2 DP** 12x1G 8xSFP 2 x1G 2xSFP 5x1G 8x1G 6x1G 8x1G 8SFP 8x1G
Expansion Slots 6 port 10/100/1000
No Expansion No Expansion
No Expansion No Expansion
No Expansion
No Expansion No Expansion
Expansion slot available
Client Software
Anyconnect Forticlient Palo Alto Global Connect
OS Native Endpoint Remote Access VPN Software
WatchGuard Mobile VPN Client
Barracuda Network Access Client / CudaLaunch
Pulse Secure Client
Global VPN Client GVC
Remote Access VPN Types Supported
IPsec SSL VPN
IPsec SSL VPN
IPsec SSL VPN
IPsec IPsec SSL VPN (IPsec not available for M200 boxes)
SSL VPN, TINA, VPN IPSec with 3rd party IPSec clients
Site-site IPsec VPN, auto VPN, group VPN
(IPSec, SSL, L2TP
Port Bundling Support Port Channel LACP
Port Channel LACP
Port Channel LACP
Port Channel LACP
Port Channel LACP
Port Channel LACP
Port Channel LACP
Port Channel LACP
Port Channel LACP
Management and Logging System
FMC FortiManager & Fortianalyzer
Panorama Cloud managed
Check Point Security Management
WatchGuard System Manager
No management via Control Center (F series only)
Junos Space Security Director
SonicWall Global Management System
Reporting Style Included in Dashboard
Included in Dashboard
Included in Dashboard
Included in Dashboard
Included in Dashboard
Included in Dashboard
Included in Dashboard
Included Dashboard
Included in Dashboard
* Ask for more information ** DP – Dual Purpose port
Cloud platform support Firepower Threat Defense image only, Microsoft Azure, Amazon AWS,
Fortigate-VM image for AWS, Azure, Google Cloud Platform
VM Series for AWS, Azure, Google Cloud Platform
Meraki vMX100 Series for AWS, Azure
Image for Microsoft Azure, Amazon AWS,
Image for Microsoft Azure, Amazon AWS,
Image for Microsoft Azure, Amazon AWS, Google Cloud Platform
vSRX for Microsoft Azure, Amazon AWS
No data*
3rd Party Authentication Systems integration
Radius TACACS+ Microsoft AD LDAP
Microsoft AD LDAP Radius, TACACS+, SSO, RSA SecureID
LDAP Radius, TACACS+, Kerberos
Microsoft AD LDAP Radius
Microsoft AD LDAP Radius TACACS
Microsoft AD LDAP Radius RSA SecureID
Microsoft AD LDAP Radius NTLM
Microsoft AD LDAP Radius SecureID
Microsoft AD LDAP Radius SSO, Novell, Citrix, Common Access Card, Terminal Services
19
Summary
We have compared 9 NGFW products that are remarkable in the market in 2017. We have done the research in
areas of functionality, scalability, performance and licensing declared by vendors. For your reference we have
built detailed comparison table that you can use for purpose of choosing solution suitable for your organization.
For comparison there were similar platforms chosen in terms of enterprise scale, functionality and performance.
Above report is an overview of what NGFW products are available in the security market today. With this
overview we can see that most of NGFW products have very similar functionalities, some are declared faster
and some more scalable. But the right solution need to be chosen based on your special requirements. Going
deeper into the traffic processing specifics, features behavior and real measured performance will be the subject
of consecutive reports. Stay connected with our coming Grandmetric Guidepapers.
20
Glossary
NGFW: Next Generation Firewall. Firewall that has application layer visibility, IPS, identity capabilities, URL or Web filtering, Anti-Malware detections and more Security Threats awareness.
Botnet: is a network of Internet robots and scripts that are used for distributed denials of service attacks
IPSec VPN: Internet Protocol Security (IPSec) is a framework of open standards for helping to ensure private, secure communications over Internet Protocol (IP) networks through the use of cryptographic security, IPsec VPN is a logical network that is secured by IPSec suite of algorithms.
Site 2 site VPN: connection that is created between two separate locations, two peers. It provides the ability to connect two geographically separate locations or networks, usually over the public Internet connection or a WAN connection.
Remote Access VPN: allows individual users to establish dynamic secure connections with a VPN headend. Remote access VPN can use IPSec protocol or SSL protocol. Remote access VPN uses piece of software that is responsible for VPN establishment on the user side.
SSL VPN: a remote access VPN type logical connection that is SSL secured and could be established in two flavors: client SSL VPN (uses vpn software) and clientless SSL VPN. The second allows remote users to access Web applications, client-server applications and internal network connections without having to install specialized client software on their computers.
Malware: malicious code that is capable of propagating within the network. Malware scans the network to reach and enumerate vulnerable host. When found, the malware is able to take control of the vulnerable hosts with known exploit.
AntiVirus: mechanism that provides capability of virus and trojans infected files and emails detection. AV uses data patterns based on signatures (hash functions) or behavioral analysis to detect viruses.
DLP: data leak prevention is a system that uses inspection mechanism to monitor traffic going out the network under the defined conditions for example credit card patterns, bank account numbers, secret document keywords, number etc.
LACP: is link aggregation protocol that bundles two or more physical ports to one logical link for redundancy purposes.
21
References
1. https://www.checkpoint.com/products/next-generation-threat-prevention/ 2. https://www.checkpoint.com/products-solutions/next-generation-firewalls/ 3. https://assets.barracuda.com/assets/docs/dms/Barracuda_NextGen_Firewall_X_PO_US.pdf 4. https://www.paloaltonetworks.com/products/secure-the-network/virtualized-next-generation-firewall/vm-series 5. https://www.fortinet.com/content/dam/fortinet/assets/data-sheets/FortiGate_100E_Series.pdf 6. https://www.checkpoint.com/downloads/product-related/datasheets/ds-3100-appliance.pdf 7. https://apps.cisco.com/ccw/cpc/guest/content/ucsProductDetails/prod_ASA5525-FPWR-K9 8. http://cisco-apps.cisco.com/c/en/us/products/collateral/security/asa-5500-series-next-generation-
firewalls/datasheet-c78-733916.html 9. https://www.sonicwall.com/en-us/products/firewalls/mid-range 10. https://sonicwall-web.s3-accelerate.amazonaws.com/sonicwall.com/media/pdfs/products/sonicos-platform.pdf 11. https://www.sonicwall.com/SonicWall.com/files/e1/e16f7df3-a203-40d4-b751-7f241db24c36.pdf 12. https://www.cisco.com 13. https://www.paloaltonetworks.com 14. http://www.juniper.net 15. https://www.watchguard.com 16. https://www.fortinet.com 17. https://www.checkpoint.com 18. https://www.sonicwall.com 19. https://www.barracuda.com 20. https://meraki.cico.com
NETWORK & WIRELESS... STAY CONNECTED.
www.grandmetric.com Poznan | Poland | Europe
Grandmetric is an R&D and training company specializing in Next Generation Networks along with Wireless
Systems based in Poznan, Poland. Our latest research is focused on 5G, Internet-of-Things (IoT) and Network
Security. We actively conduct technology trainings, are engaged in developing latest systems, and consulting
network designs.
Shall you have any enquiries or to schedule a meeting with us, please write at: [email protected]
Note: ETSI is the copyright holder of LTE, LTE-Advanced and LTE-Advanced Pro Logos. LTE is a trade mark of ETSI. Grandmetric Ltd is authorized to use the LTE,
LTE-Advanced or LTE-Advanced Pro logos and the acronym LTE.
For more info STAY CONNECTED
BLOG
©2017 Copyright Grandmetric Sp. z o.o. All rights reserved.
Grandmetric, your Guide through Network & Wireless