Joel Snyder

Snyder, a Network World Test Alliance partner, is a senior partner at Opus One in Tucson, Ariz. He can be reached at

Cisco virtual router targets the cloud

The Cisco CSR 1000V router is designed for enterprise network managers who want to have a little piece of their Cisco infrastructure in the cloud.

Next-gen firewalls can handle the heat

In Network World's two-part test, reviewers David Newman and Joel Snyder put  next-generation firewalls through the ringer. They found that products could forward packets at an impressive clip but throughput dropped with advanced...

Fortinet has highest catch rate in IPS testing

We tested the intrusion prevention capabilities of each of the next-generation firewalls to determine how well they work and how the IPS integrates with system management.

How we tested next-generation firewalls

We tested next generation firewalls by looking at seven separate areas that we felt would be important to network managers trying to deploy these products in enterprise networks.

Check Point takes best approach to URL filtering

URL filtering has become a "checkbox" feature on most Unified Threat Management firewalls, and no wonder: it doesn't require a lot of imagination to do it right, and it's hard to really differentiate yourself or do a bad job of it.

SonicWall stands tall in SSL decryption testing

If one of the main advantages of a next-generation firewall is application and protocol identification and control, then SSL decryption is a basic requirement. We looked at the SSL decryption capabilities of the next-generation...

Palo Alto next-gen firewall stacks up well

Palo Alto Networks has bet everything on being a next-generation firewall. Without the next-generation hook, Palo Alto has little chance at breaking into the established world of firewalls, and they've done a good job at defining the...

Next-gen firewalls require external visibility tools

Knowing what's happening on your network is a pre-requisite to controlling the traffic. We call that visibility because it combines all of the information the firewall knows, including session and application information, traffic...

Next-gen firewalls: Off to a good start

When we tested four next-gen firewalls strictly on performance, we found that the products could forward packets at impressive rates, but throughput dropped when advanced security features were turned on. We now dive deep into...

Basic firewall functionality: Check Point's maturity shows through

Enterprise firewalls must have policies to control traffic, ability to create site-to-site VPNs using standards-based IPsec, translate addresses and port numbers (NAT) when needed, and apply basic bandwidth management to traffic. They...

Cisco UCS pricing: It's complicated

As with any server product, there are lots of ways to configure UCS, including different levels of CPU, memory and storage. Cisco has a 29-page document to help you get it right, and 29 pages are not overkill. To get an idea of what...

Cisco impresses with UCS

If you're tempted to think of Cisco's Unified Computing System (UCS) as just another blade server — don't. In fact, if you just want a bunch of blades for your computer room, don't call Cisco — Dell, HP, and IBM all offer simpler and...

Splunk explains it all

If there's gold in log files, Splunk, Inc's Splunk Enterprise will help you to find it. Splunk bridges the gap between simple log management and security information and event management (SIEM) products from vendors such as ArcSight,...

What is a next-generation firewall?

If there is a simple way to describe the difference between a next-generation firewall and a traditional firewall, it is "more detailed controls." In firewall terms, people talk about "widening the 5-tuple."

Palo Alto earns short list status

Palo Alto Networks has injected excitement and innovation into the firewall market with its "next-generation" appliances that combine traditional firewalls, threat mitigation technologies such as anti-malware and intrusion prevention,...

Do you know where your security holes are?

We all worry that there's some lurking security problem in our servers. We do what we can, patching, following best practices, keeping up-to-date with training and news. But wouldn't it be great to have an automated tool to check our...

Vulnerability management tools in a nutshell

We tested FusionVM in its software-as-a-service configuration, giving us a portal-based vulnerability analyzer with off-site and on-site scanner capability. (Critical Watch offers other packagings which are entirely on-site if needed.)...

How we tested vulnerability analyzers

We developed a test methodology and evaluation criteria in six main areas, including results reporting, product controls and manageability, scan results, vulnerability workflow features, interoperability, and updates and protocol...

Vulnerability analyzers offer Web scanning as an option

Web scanning is different from vulnerability scanning because it looks for bugs in the Web apps themselves, rather than the software installed on the Web server. For example, all of the vulnerability scanners told us about an old...

Vulnerability analysis tools add compliance features

Compliance is a natural extension of a vulnerability analysis tool. Normal vulnerability scanning includes searching for unpatched systems, unprotected directories, and other errors in configuration.

Load More