I have been reviewing the emerging specs for GAIA and have some questions that we all should think about before the stampede to upgrade begins.
– Make sure we ask if the functions we are using are supported by 64bit GAIA. For example, P1 is not supported
by 64 bit GAIA. So is DLP, IPS, SmartEvent, SmartLog,etc use 64bit?
– In other words, chances are 80% of your platforms are not memory starved. So what functions are memory starved
and ask if GAIA will make a difference in those environments
– Obviously in your roadmap, if you are planning on buying the whole CP suite and running them on 1 platform 5 years from now, I’m thinking you need GAIA now. So the take away when thinking about GAIA is apply it to your roadmap for memory starved applications.
– NOTE: that most of the new GAIA commands from IPSO are for dynamic routing. Are you running dynamic routing?
– Take away: Look past the marketing and map your environment to what GAIA provides. 64bit on an overloaded gateway; YES!!!! 64bit on a gateway with 100 connections/day. NO or NOT NOW!!!!
– GAIA is the future and CP will obviously compile their full product suite into 64bit. Bug your SE for that roadmap so you can map it to your roadmap.
I don’t have answers yet, but I’m headed to CPX. Maybe we should have a 64bit round table ‘ey and then hit up the developers. I’ll buy the beer!
Stay tuned.
Let the Stampede begin!! GAI—YA!!!!
Dreezman
Greetings MDM’ers,
I come in peace.
Well once again we had our P1 user group and it was well attended. Topics this time:
– P1 Best Practices
– DLP
– GAIA demos
Things that I can recall from memory:
– GAIA will NOT run MDM/P1. This is VERY disappointing because this is where we need it the most. Enterprise P1’s take huge amounts of memory.
– DLP will finally tag file systems and look for files that transit the sensor
– GAIA command line looks like VAX VMS, Cisco, IPSO. Most of the new commands are from IPSO and related to dynamic routing so 90% of us can ignore all that (most people aren’t insane enough to run dynamic routing on their firewalls). Supposedly most of the SPLAT commands are still there (I’m a SPLAT guy so obviously biased.) Looks good.
– WEBGUI is really cool looking, but in reality not sure how many times we’ll use it in an enterprise environment. I’d rather use SmartMonitor (if its working) or Indeni.
– Not sure everyone is aware but there is a cool feature with appliances. You can snapshot the image and keep it on disk. Then during an upgrade when it blows up (and it will), you can just restart from the image snapshot. No more tftp for 1 hour to restore. DOES NOT work for SPLAT.
– ONE ISO for the world. No more ISO of the week. One ISO will build anything everywhere.
I’ll keep updating this as the old bald guy memory gets updated.
If people have ideas how to improve the meetings or topics they would like discussed please let me know and I’ll forward to the decision makers.
MDM on,
dreez
I will update this as I remember
DreezSecurityBlog 