One of the questions that comes up as part of DMZ design is is it best to have one firewall vendor (for simplicity of management) or two (to provide an overlap of protection in case one firewall has a vulnerability), and what are my peers doing on this topic? 

John Pescatore and I have provided an update on this in a research note “Q&A: Is It More Secure to Use Firewalls From Two Different Vendors?”

 The NIST stone test wall in Gaithersburg, Md.

The HCIP has 30 Technology Profiles (TP) or ‘dots’ representing a safeguard that warrants incusion. Each TP has an author and may have co-authors.  Each TP is reviewed extensively by individual peer review, group review, management review, editorial review, and review by the other HC leads  ….  About 12 analysts are listed as author in the HCIP, and about another 10 people are handling quality, production, graphics, and editorial steps.  I wanted to blog this to give a glimpse into the degree of rigor that goes into a research note and that no note is a solo effort – even the shortest document, a First Take, has a team of review and fact-checking behind it although only the primary author’s name may appear on it. 

If you want to get some more detailed information on HCs, Jackie Fenn and Mark Raskino have an HC blog and an upcoming book entitled “Mastering the Hype Cycle”.

After so much effort to get it right, it is still just a snapshot in time.  If you are basing a significant IT decision on any research piece, or just have a question about what analysis went into an element of it, I encourage our customers to schedule an inquiry (no matter how brief the question) and speak to the author.  We always have more or more timely information available than what made it into a research note, and we can filter the analysis to your specific use-case. 

Along with my colleague John Pescatore, I am also working on the Magic Quadrant (MQ) for Enterprise Network Firewalls.  This MQ is proceeding along well.  More on the MQ in upcoming blog entries.