Proactively review and plan improved security before the hackers force you to do it.

It is often valuable to learn from examples. A school district contacted us about a slow network problem. Every other vendor they talked to claimed that the solution to the problem was to remove their WatchGuard Firebox and replace it with something else. We did a free remote assessment of the Firebox configuration and performance inclusive of a review of the underlying network configuration. What we found very quickly is that the problem was that the school district’s underlying network design was the cause of the problem. We also found where they had effectively no network layer security. QPC calls that scenario security theater.

Security theater is where an organization buys a network security appliance and the network security never gets implemented. This can happen for a variety of reasons.

  • Oftentimes, internal IT believes they can setup network security strategy themselves. While it may be possible in environments with 5000 users, we have never seen it happen in SMB.
  • Most resellers of WatchGuard equipment are interested in the sale, not implementing NIST quality network layer security. Good equipment is sold every day to organizations with good security subscriptions with NO PLAN to ever implement the network layer security features, and no plan to maintain them in an ongoing fashion.
  • Business owners or business management with the wrong paradigm pressure inhouse IT to do the work themselves. They may call around to various consulting firms to get “bids” that they have no ability to evaluate. Or they may try to do the work themselves by calling manufacturer support. Neither strategy will work. The outcome is always security theater.

How does it achieve network security goals to purchase a Firebox from a vendor with no plan or no ability to actually implement the protection that your Firebox can provide?