
A decisionmaker's guide to buying security appliances and gateways - reader_1000
http://addxorrol.blogspot.com/2015/12/a-decisionmakers-guide-to-buying.html
======
jzwinck
I would add one question for the prospective customer of such an appliance:
why do you need it?

Why do you need an appliance analyzing all your network traffic in real time?
And if you truly do need such an appliance, why does it need to be connected
to anything other than mirror ports (where it cannot transmit) and a dedicated
console which is not connected to the rest of the network?

If some clever attacker ruins your pervasive-surveillance appliance, you will
have lost nothing other than a bit of time if you did not connect it to a
network it can use to exfiltrate your data. But if you installed all the
plumbing, don't be surprised when someone flushes a giant turd down your
tubes.

------
walterbell
Are there security appliances which use virtualization for sandboxing of
unsafe parsers, like Qubes does on endpoints?

