Have any question?
(+44) 75 4543 2320
hello@tornet.co.uk
Tor Networks LtdTor Networks Ltd
  • Home
  • Courses
    • Cisco
    • Check Point
    • F5 Networks
    • Fortinet
    • Juniper Networks
    • Palo Alto
  • About Us
    • Become an Instructor
    • Book Exam
  • FAQs
  • Blog
  • Contact
  • Home
  • Courses
    • Cisco
    • Check Point
    • F5 Networks
    • Fortinet
    • Juniper Networks
    • Palo Alto
  • About Us
    • Become an Instructor
    • Book Exam
  • FAQs
  • Blog
  • Contact

Course

  • Home
Showing only one result
    Fortinet NSE4 Network Security Expert level 4Read More
    Admin bar avatar
    infosec

    Fortinet NSE4 Network Security Expert level 4

    Admin bar avatar
    infosec
    327
    students
    £899.00 £199.00

    Our Fortinet next generation firewall Hands-on course for NSE4 is designed for delegates to learn from very basic to Advance Fortinet UTM features. This...

    £899.00 £199.00
    Read More

      0 Comments

    1. Michael
      30th December 2016
      Reply

      Thanks for such a detailed comparison. I would like give some input on what I have found working with CISCO ASA.

      Out-of-Band Management Interface: Cisco – No true out of band you would need an external out of band manager that you are using for the rest of your gear.

      Browser-based GUI: Cisco – Java is a bummer but not a deployment killer. After you, VPN in you can manage via ASDM if you want.

      In-Band Interface Management Profiles: Cisco – I think this give you better control, very few people should have access via a few interfaces.

      Single Security Policy: I have worked with PA, and you have to set a new policy for every network you want to connect to. On a Cisco ASA, you simply do an OBJ and then control access via the ACL. You can do an ACL in the VPN if you want.

      Zone-Based Security Policies
      : PA if you 20 networks you need twenty policies and if these networks need to talk to 10 on the other side that 200 policies. Cisco you just set up the OBJ and control via ACL. So much cleaner and faster.

      Network Objects in Slash-Notation: I do not see this as a big deal some might.

      Tags: That would be nice to have

      Managing all Un-Committed Changes: Cisco – No you can make as many changes as you want then click apply. You will see the CLI lines that will be changed before they are deployed so you can double check your work. I may be missing your point.

      Simple Renaming of almost Everything: This would be a nice to have. OBJ in the ASA cannot be renamed way to go Palo Alto.

      Configuration Log: We Use Opmanager device expert for more than just who did what. You can set up AAA logging in the ASA then sent the logs to a log server so you have all your devices activates in one place. Cisco router have had this feature for years and I do not remember when I have ever used it.

      Traffic Log Filtering: Cisco – This is super easy in a Cisco ASA.

      Adjust Columns: Cisco Most columns are adjustable

      Application Command Center: Cisco has had this since the Pix days. It is on the main dashboard of the ASDM, or you can do it via CLI.

      Route-Based VPN: You can do route base with a router and encrypt the traffic via the ASA. There are other ways to make traffic selection if needed when the base IPSec does not suit your needs. NO GRE yet……

      IKE Policy per VPN: Cisco – True on the IKE, but you can add or delete any protocol you want, and you can granularly control IPSEC for every tunnel.

    2. The G
      3rd June 2017
      Reply

      Very informative article. Thanks.

    3. Adam
      8th July 2017
      Reply

      Well, one of the main differences as well is that Cisco Firepower (ASA with Firepower, or FTD) is a NGFW and NGIPS platform, while PAN is only a NGFW platform.
      Most security experts prefer firepower reports and analysis, while network admins prefer Palo Alto.
      Both platforms are good, but I personally prefer FTD (not the ASA with Firepower) platform.

    4. capricorn
      27th October 2017
      Reply

      Hi!

      Thanks for your post. I have done CCNA (R&S) and CCNA security and have good understanding about NAT, VPN and Firewall concepts. Hands on experience on CISCO ASA.
      I dont have any Palo Alto in my company but I want to do either Fortinet or Palo Alto Firewall certification.
      Is reading book material and watching video for Palo Alto help me passing the exam?

      Thanks

    Leave A Reply Cancel reply

    Your email address will not be published. Required fields are marked *

    This site uses Akismet to reduce spam. Learn how your comment data is processed.

    Copyright © 2017 Tor Networks Limited. All Rights Reserved.

    • Home
    • Courses
    • Blog
    • Terms

    Want a Career in Network Security?

    Take advantage of our packaged offers to supercharge your network security career.

    Get Started Now