RE: [fw-wiz] FW appliance comparison - Seeking input for the forum



-----Original Message-----
Subject: Re: [fw-wiz] FW appliance comparison - Seeking input for the forum

> I think it would be interesting to know what type of group of was
responsible for managing 
> the firewalls in the study. I am moving an account off of a Checkpoint
being managed by a 
> services organization onto a PIX platform (no intent to start a vendor
war) - and I have 
> been surpised by the permissiveness, and redundancy, in the "managed"
> ruleset. The managed set broke two of the major rules in the documented in
the paper - and 
> possibly a third if I had it on front of me.
> 
> Of course this takes a new tangent; but it would be an interesting study.

Haha!  I have to tell you, as soon as I read this, I immediately thought of
two vendors and am wondering if either of them are the vendor in this case.
But embarrassing vendors - as fun as it is - isn't part of the list charter.

The one thing that always struck me funny about these situations where an
MSSP does a lousy job of remotely managing a Check Point rule base is that,
in order to get Check Point's seal of approval, you've got to run
Provider-1, which is a fairly large cash layout to start a service like
that.  But then to not spend much if any money on staff and staff
training...

I guess I shouldn't be surprised, but I am.  And amused.  But only because
it's not my firewall.  :-)

PaulM

_______________________________________________
firewall-wizards mailing list
firewall-wizards@xxxxxxxxxxxxxxxxxx
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards



Relevant Pages

  • RE: [fw-wiz] Real World PIX 535 Performance
    ... >Have a search on test reports of firewalls, I think there are a few at ... in simulated environments and note how are the performances under ... the vendor, or they allow a LOT of vendor input into the "test" setup. ...
    (Firewall-Wizards)
  • RE: [fw-wiz] Opinion: Worst interface ever.
    ... to use and less than 7 or 8 config options and a customer's firewalls ... >> I am not familiar with the WatchGuard interface, but I will say one general ... >Hey, I didn't ask for more features, someone's marketing department did! ... >I'm also going to add a new vendor test to my criteria- if I can't get ...
    (Firewall-Wizards)
  • Re: Hardware Firewall
    ... if you're going to put together a course about Hardware ... you need to include other vendors and not just Cisco. ... of course your course is about Cisco firewalls. ... A good source for which firewall vendor you should cover might be ...
    (Security-Basics)
  • Re: [fw-wiz] Variations of firewall ruleset bypass via FTP
    ... > only a single vendor listed as "vulnerable". ... > minutes ago fixed that vendor's vulnerability. ... Would I like to see which firewalls failed testing? ... > listed in the CERT advisory, therefore, is *not* helpful to me. ...
    (Firewall-Wizards)
  • Re: [fw-wiz] Managed Firewall Service - Opinions
    ... I looking into managed firewall services and really did not care for what I ... be doing more than managing firewalls and with only 700 people in your ... In my mind this is ...
    (Firewall-Wizards)