Since no one else has mentioned it, I'll dive on that fire. Be careful when setting up a multi-tenant security solution that you are not accidentally selling "DoS as a Service" to your clients. State is evil, and state sharing with other targets is dangerous. Target sharing with other targets that are outsourcing their security can get increasingly scary especially if one of these clients is a juicy target. Make sure you have the infrastructure in place to quickly isolate your clients so that they do not fate share if they become in the focus of DoS attacks. This can mean isolated infrastructure for those you wish to keep up, or sacrificial infrastructure for those you are willing to let drop for the greater good. -Blake On Tue, Aug 18, 2015 at 10:38 AM, Eugeniu Patrascu <eugen@imacandi.net> wrote:
On Mon, Aug 17, 2015 at 7:46 AM, Ramy Hashish <ramy.ihashish@gmail.com> wrote:
Hello All,
We are planning to implement a multi-tenant FW/UTM and start providing security as a service, I would like to hear if anybody had experience on this, and if there are any recommendations for the UTM's vendor.
Check Point VS might be a good fit. Also there is McAfee NGFW that can be used as a multi-tenant solution.
Other solutions are Fortigate (what you mentioned), ASA w/ contexts (not sure about UTM support in contexts though).
People/customers here are more familiar with the Fortigate, however, we need to build a well-rounded solution that suits wide range of enterprises' business needs.
I think that you first define what the most wanted needs of your clients are and work from that.