You shouldn’t have blind faith in anything you allow onto your network, and that includes security appliances. This was made amply clear to me a few years back, when a vendor of an email security appliance tried to convince me (as the CTO of a small company) to team up and help sell the appliance. I had our engineering team test the appliance, just as we would any product we were considering using or supporting. The team quickly found that the appliance was running an older SSH daemon that had known vulnerabilities. I notified the appliance team, and they sent back a “fixed”version that failed a second test a few days later. Needless to say, our partnership never happened.
Powered by WPeMatico