RE: [fw-wiz] FW appliance comparison - Seeking input for the forum

-----Original Message-----
Subject: Re: [fw-wiz] FW appliance comparison - Seeking input for the forum

> I think it would be interesting to know what type of group of was
responsible for managing 
> the firewalls in the study. I am moving an account off of a Checkpoint
being managed by a 
> services organization onto a PIX platform (no intent to start a vendor
war) - and I have 
> been surpised by the permissiveness, and redundancy, in the "managed"
> ruleset. The managed set broke two of the major rules in the documented in
the paper - and 
> possibly a third if I had it on front of me.
> Of course this takes a new tangent; but it would be an interesting study.

Haha!  I have to tell you, as soon as I read this, I immediately thought of
two vendors and am wondering if either of them are the vendor in this case.
But embarrassing vendors - as fun as it is - isn't part of the list charter.

The one thing that always struck me funny about these situations where an
MSSP does a lousy job of remotely managing a Check Point rule base is that,
in order to get Check Point's seal of approval, you've got to run
Provider-1, which is a fairly large cash layout to start a service like
that.  But then to not spend much if any money on staff and staff

I guess I shouldn't be surprised, but I am.  And amused.  But only because
it's not my firewall.  :-)


firewall-wizards mailing list