Nir Zuk, the inventor of stateful packet inspection and an all around firewall guru and founder of Palo Alto Networks, said that SourceFire's entry into the Next Generation Firewall market is "bull**it" because firewalls are so much more difficult to design than IPS. Now, I have evaluated Palo Alto's product and it is quite good, but I think that saying things like this about SourceFire's imminent offering shows a little bit of anxiety on his part. The NG firewall market is supposed to experience high growth, and it will probably take a while for things to settle down. Right now Palo Alto is the market leader, but that could change. Barracuda Networks (another product I evaluated) has an excellent offering, too. So yes, things could change--I think it is better to wait for the market to decide these things rather than engage in such talk, as it only makes the one screaming look desperate.
http://goo.gl/UP04G
