FirewallFortinet
Sanjay Seth
October 12, 2025
253 0
0
85
2
Shares

Blog Post Title (example: Let’s Do This and Learn from Real Experiences )

Real Experiences to Reference

In this industry experience is not a slide deck in a conference room, it’s the clock on the wall, the incident tickets and that coffee-stained note you wrote at 3am. I have lived this since the early 2000s, and I’ve seen the threat landscape swoop and twist, ready to view from my front-row seat as we mortally wound enterprise security in real time. You want insights that you can use, not fairy dust. So here are actual experiences that inform how they help clients today — firewalls, servers, routers and the zero-trust realities you really need to survive.

And yes, I’ve since learned to differentiate hype from hard leverage. I’ve watched vendors promise AI miracles and fail at the basics. I’ve been in meetings with budgets that treated cybersecurity as a check box and boards of directors that have now, for the first time, understood risk was not a product — it’s a program you run every day.

What you’ll find here: real tips, not glittering marketing floss. That’s the guidance that helps you make decisions about when to lock things down or unlock them for business velocity. The type that understands security is a business decision, not just a technology decision.

Personal Background to Weave In:

I began as a network admin in 1993—the type of job in which you were taught to troubleshoot technology with a flashlight in a darkened data room and coffee cup that was never empty. I was weaned on routers, switches and the sort of delicate telephony that predated unified communications. The era gave me the discipline of vigilant margins—the fact that every tool has an uptime delta, each policy a risk cost and every outage a learning in the value of backups you wish you’d never use.

Slammer was real, not a headline for the slide deck but an ugly wake-up call. Slammer wasn’t making a polished pyramid diagram for risk assessment; it was a crass announcement that worms could dance across an internet-era blast radius with a single fast exploit. I watched networks groan under the weight, systems vomiting errors left and right, admins going through desperate hairball gyrations. Squeezing voice and data over the PSTN is possible in ways we never believed. It was neither glamorous nor spicy, but it was formative. I’ve been trained that there exists a tension, but also the possibility to combine speed and security, treating incidents as opportunities to harden rather than just recover.

Now, I own my own security company. The balance has changed, but the instinct is the same: less shiny bells and more reliable, defendable architecture. Over the past year, I’ve assisted three banks upgrade their zero-trust architectures.two steps forward, one step back.I helped implement each, and every time with risk governance woven into every control. And yes, I realize that term zero-trust does sometimes raise an industry eyebrow or two, which is why I’m keeping my feet on the ground and my head rooted in practical deployment patterns: identity everywhere, least privilege everywhere and continuous verification everywhere. Just back from DefCon, and still reeling (in a good way) from the hardware hacking village — the literal hand-on reminder that so often your weakest link is the cheapest, and yet in code you aren’t exposed to that fact. I walked away convinced that any security stack of yours must account for physical realities, tamper resistance and the human element — always your wild card in defense.

Real Experiences to Reference

  • The Slammer wake-up call: networks designed for speed with no security are Amazonian canoes in a hurricane. Patch windows? Yes. But more important: monitoring, segmentation and a plan that survives an event you can’t predict in advance.
  • PSTN mux for voice and data over a single chain: if you’re mixing real-time voice and data, then latency is not an abstract metric. Attentive attackers weaponize them and pivot from data theft to service disruption surprisingly effectively.
  • Banking client engagements: three banks are migrating to zero-trust architecture amid actual regulatory demands and customers who can’t be kept waiting for service. It taught me that zero-trust is not a product; it’s a program — and a deliberate one, with change management, governance and ongoing risk assessment as core ingredients.
  • DefCon takeaways: hardware hacking village lessons learned—its not just software that can be attacked; devices, firmware, the supply chain, power itself may also present vulnerabilities. You can’t defend a perimeter that you cannot measure, and you cannot measure what you do not test.

Quick Take

  • Begin with business risk, not merely technical complexity. Your firewall is a policy—so demonstrate the policy.
  • Zero-trust is a journey, not a sprint. Identity and device state are not optional.
  • In the real world, acts occur through weakest link (people, process or bad segmented network).
  • Hardware matters. Don’t write off the physical layer in designing security for enterprise routers and servers.

But here’s the thing

But here’s the thing: Security is about making a tradeoff between predictable inconvenience and very difficult-to-measure resilience. When you’re selling to execs, the opener is not we have X feature. You front-load with how we drive risk to your critical assets X% down in Y months without murdering business velocity. The opinions expressed in this commentary are his. That perspective — straightforward, business-facing and relentlessly practical — has served me well across industries.

And I do take on subjects that I’m passionate about — and will piss off a couple of people. Anything advertised as AI-powered, with no human-in-the-loop solution planned, makes me very skeptical. I’ve watched so-called intelligent automation crash to the ground when data quality is miserable — or governance lax. Absent those 6 priests who surveyed the scene and absolved me of mlicked promotion, I get it..IsAnyesborn, I’m not anti-automation; I’m anti-mlick made promises that skip risk and compliance. Your security program should be transparent, auditable, and accountable systems that tolerate humans’ imperfect decisions but guide them with strong controls.

One-liner interludes: And yes, you can get a legacy environment in line without tearing it all out. But you also need a plan that leans into modernization without building a corridor to risk. But occasionally you have to slow down in order to scale properly. And occasionally, the most fundamental controls — ENABLE partners to protect against attackers attempting link them together; secure patch governance; and strong backup strategies — provides more defense than a fancy new feature with a fragile deploy.

Tone and style note

I’m quirky. I tend to use italics when I’m trying to make a point. I’ll complain about password policies: rules that seem secure, but aren’t because they take no real measure to protect anything. I’m a big fan of analogies — they give you easy mnemonic hooks, and then that’s all you have to remember. I sometimes wax nostalgic about older technologies — because memory is one way to prevent us from continuing to make the same mistakes over and over. And I’m wary of anyone who says that all it takes is one thing, one product or AI-powered solution fixes everything. You, your customers and partners deserve a layered defense that respects operational life.

Bulletized takeaways to adapt to such and other conditions

  • Construct a security platform around the businesses processes, not siloed stacks of security.
  • Focus on zero trust design with pragmatic segments, persistent verification and variable access control.
  • Include hardware and firmware in your risk assessments—patch, monitor, verify all devices at your network edge.
  • Consider incident response a business capability, with runbooks and governance and executive communication baked in.
  • Foster a secure by design culture – Make today that security becomes part of development, procurement and operations.

Personal Quirks

I would be inclined to use italics far too frequently for emphasis. I occasionally rant about password policies. I really love using car or cooking analogies. I frequently reminisce about the technologies of yore. I’m always leery of any security solution with an AI-powered tagline. I trust in a stark, data-inflected argument that doesn’t deny risk to be a myth.

Some concluding thoughts

Some concluding thoughts: It really is a business of trust and reliability and transparency when it comes to risk management. If your organization is after that, a resilient and capably defended position, concentrate on pragmatic controls, an honest analysis of your threat surface and a team ready to defend it — every day rather than when audits loom. Because it’s the hard way that I’ve learned that a business is never built in a day, though it can be built step-by-step—with disciplined execution and real-world experience behind each recommendation. If you’re ready to take that step to become secure; your firewalls, your servers, and your routers, let’s discuss the shift from those steps to a program of substance that defends what really matters.

Endnote

Eyes on the horizon, hands on the keyboard—and with sound planning and careful updates, a healthy sprinkling of skepticism around hype—you will build a safer enterprise that can bend with whatever threat landscape is thrown at it. And that, my friends, is the kind of security work I can still be proud to have been part of.

Sanjay Seth

Sanjay Seth

What's your reaction?

Related Posts

1 of 269
© 2026 Fortinet Firewall CyberSecurity Networksecurity PJNetworks NAC Solution Blog - Fortinet Firewall CyberSecurity Networksecurity PJNetworks NAC Solution Blog by Sanjay Seth.
© 2026 Fortinet Firewall CyberSecurity Networksecurity PJNetworks NAC Solution Blog - Fortinet Firewall CyberSecurity Networksecurity PJNetworks NAC Solution Blog by Sanjay Seth.