R80 – wow

I’m blown away. I’m stunned. I’d sell my kids’ schoolbooks to use it (I don’t have kids). It is my inner glow.

In the past year I have used:

  • Cisco’s new security management GUI
  • Palo Alto’s Panorama (sounds like it’s from the Jetsons cartoon)
  • NSX Distributed Firewall
  • R80 Checkpoint

And R80 blows away all the other vendors.

And get this… I think they even tested it before they released it. I know, even I am stunned. OK, there are still some bugs and dealing with CP arrogance is a pain but R80 makes it all OK. They actually thought about the user experience and enhanced its enterprise management capabilities to allow scaling. It is true art.

TESTED: Just basic SmartDashboard on R77.30 gateway. I did not test MDS or R80 gateway which are coming out soon.

[ IN PROGRESS ]

cool things:

  • Was in 77.30: Deep inspection of objects. You can search through hierarchies of groups to find a base object like 1.1.1.1. Both in rule base and object finder. The search is like google or you can qualify it. Just beautiful.
  • pencils on rules that identify items that were modified
  • Local copy of changes that you publish and share with others, finally concurrent access
  • SmartLog embedded into Dashboard and interacts with it – very very cool
  • 14 second vs 2 minute policy installs – very cool
  • From my desktop GUI is API driven. From GUI can console to mgt and issue API statements.
  • Add to groups from menu and menu stays up until you are done makes it easy to add to groups. Several ways to group. Grouping is key to scaling a management environment.
  • Import/Export domain worked flawlessly
  • Can export into spreadsheet rules and objects. Needs a bit of work but step in right direction
  • Licensing is actually a bit easier (I thought I’d never say this) to manage

Bad:

  • Looks like they will not implement more scoping beyond global/local objects as in the past. I loved PAN’s implementation of global/domain/firewall/zone scoping. When microsegmentation hits, I think we will even need scoping on a per application basis. So application PAYROLL has its own rule/object database and can inherit/export to other databases.
  • crashes now and then
  • Where is SmartTracker :-(..but you can use R77.30 Tracker!!! Thank YOU!
  • For same event – data in Tracker is different than in SmartLog
  • vSec integration is pretty basic. You can only see security tags, can’t manipulate them
  • Software update notifications are fudged at this time
  • Can’t import rules and objects from spreadsheet
  • Application-site objects have a flaw that if you use them like groups your rulebase may become corrupted in how it evaluates rules because you might have duplicate application objects and it does not alert you.
  • Searching through groups with exceptions doesn’t work right.

I’ll update this as I use it more, but so far kudos. For large environments you might want to wait until more bugs are ironed out but for smaller installations you will never look back.

Inner Glow YAAAAH!

dreez

 
