[fw-wiz] Once again..appliance firewall input requested

From: Matt Bazan (Mbazan_at_onelegal.com)
Date: 01/20/05

Next message: Darryl Luff: "Re: [fw-wiz] Exchange 2003 OWA security questions"

Previous message: Kevin: "[fw-wiz] Gauntlet End-Of-Support?"
Next in thread: Victor Williams: "Re: [fw-wiz] Once again..appliance firewall input requested"
Reply: Victor Williams: "Re: [fw-wiz] Once again..appliance firewall input requested"
Reply: Kevin: "Re: [fw-wiz] Once again..appliance firewall input requested"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

To: <firewall-wizards@honor.icsalabs.com>
Date: Thu, 20 Jan 2005 12:57:41 -0800

Ok <takes deep breath>..I may be in need of a replacement solution for
our current firewall appliances (two NetScreen 50s running in an active
/ passive high availability solution). For reasons I won't get into (NS
being purchased by Juniper?) my trust in these units has been badly
eroded. I'd like input on what people are using and their satisfaction
levels with them.

Our requirements:

        1) We run a rapidly growing 24X7 web presence. As our Internet
uplink is 4Mb (ok, this will soon be going up..but only by a couple
Mb..) we don't need a beefy packet pushing device.
        2) We have 25 or so inbound NATs. I like to have 'granular'
control over source and dest NAT. By this I mean being able to split
these features based upon traffic flow and not having to create the
typical bi-directional NAT mapping.
        3) Need for 20 or so box-to-box VPNs. Auto key and manual key
with the usual VPN flavors
        4) The basic requirements for setting policy based access (blah
blah)
        5) 3 interfaces (4 ideal)
        6) High availability solution
        6) Static routing only
        7) Intuitive web gui
        8) 'Robust' command line feature set
        9) Detailed reporting
        10) Configuration flexibility a must. I'll leave this to your
imagination.
        11) Something I can setup and it will *work* *work* *work*
        12) I'm sure there's more I'm forgetting but I'm suffering from
NetScreen induced sleep deprivation and am tired of typing.
        13) <=$15K for pair of units

Thanks for the input!
_______________________________________________
firewall-wizards mailing list
firewall-wizards@honor.icsalabs.com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards

Next message: Darryl Luff: "Re: [fw-wiz] Exchange 2003 OWA security questions"

Previous message: Kevin: "[fw-wiz] Gauntlet End-Of-Support?"
Next in thread: Victor Williams: "Re: [fw-wiz] Once again..appliance firewall input requested"
Reply: Victor Williams: "Re: [fw-wiz] Once again..appliance firewall input requested"
Reply: Kevin: "Re: [fw-wiz] Once again..appliance firewall input requested"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]