Re: [fw-wiz] PIX vs Checkpoint vs Sonicwall vs Netscreen - comments?
From: Mike Kleviansky (mikeklev@bigpond.net.au)Date: 07/29/02
- Previous message: Clint Harris: "RE: [fw-wiz] PIX vs Checkpoint vs Sonicwall vs Netscreen - comments?"
- In reply to: Dave Mitchell: "Re: [fw-wiz] PIX vs Checkpoint vs Sonicwall vs Netscreen - comments?"
- Next in thread: Stephane Nasdrovisky: "Re: [fw-wiz] PIX vs Checkpoint vs Sonicwall vs Netscreen - comments?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "Mike Kleviansky" <mikeklev@bigpond.net.au> To: "Dave Mitchell" <dave@jnsnet.com>, "John Adams" <jna-dated-1028183707.d09b31@retina.net> Date: Mon, 29 Jul 2002 14:13:39 +1000
I agree.NetScreen product is superb.
mike
----- Original Message -----
From: "Dave Mitchell" <dave@jnsnet.com>
To: "John Adams" <jna-dated-1028183707.d09b31@retina.net>
Cc: "Erik M. Bataller" <uhguhg@yahoo.com>;
<security-basics@securityfocus.com>; <firewall-wizards@honor.icsalabs.com>
Sent: Sunday, July 28, 2002 2:31 AM
Subject: Re: [fw-wiz] PIX vs Checkpoint vs Sonicwall vs Netscreen -
comments?
> I personally prefer Netscreen's to either PIX or Checkpoint.
> My main factors for liking Netscreen are:
>
> 1) ASIC based appliance. More flows, more tunnels & faster crypto.
> 2) Many different models to fit the need of a particular site.
> 3) Much better price point.
> 4) Easier to manage. Great CLI and GUI.
> 5) Great IPSec interoperability.
> 6) Ability to cheaply provide RAS IPSec services. Windows or
> Linux. (freeswan)
> 7) Multiple authentication schemes. Local, RADIUS, NT, SecureID...
> 8) DS codepoint marking for traffic shaping.
> 9) Mechanisms for detecting and throttling widely used attacks.
> 10) Ability to use a websense server.
> 11) HA, Hub/spoke IPSec routing, OSPF support coming...
>
> Just my $.02.
>
> -dave
>
>
>
> On Sat, Jul 27, 2002 at 02:35:04AM -0400, John Adams wrote:
> > On Fri, 26 Jul 2002, Erik M. Bataller wrote:
> >
> > > There will be several hundred at least and I figure
> > > that some folks out there may have some interesting
> > > thoughts or comments on the different platforms that
> > > may have escaped us. We are looking for the good, the
> > > bad and the ugly. The critical issues are:
> > >
> > > security issues of the individual platform
> > > management issues (sw, firmware, policy)
> > > mechanisms for managing virus sw revisions
> > > dual vs triple interfaces
> > > we'd like to separate "home" from "work"
> >
> > Have you considered the Nokia IP120's running Checkpoint? They work
> > extremely well for branch offices, and you can admin all of the policies
> > from one place using the checkpoint management server.
> >
> > I was a big fan of PIX for many years, but after adminstering a 80+
> > firewall site at a large search engine provider, all of the issues I
could
> > discover with checkpoint were outweighed by the fact that you had true,
> > functional, central administration.
> >
> > -john
> >
> > --
> > J. Adams http://www.retina.net/~jna
> >
> > Fiber line / Shine, Enlight the Globe / In Light, communicate / Connect.
> > ~~ Lassigue Bendthaus - Fiber
> >
> > _______________________________________________
> > firewall-wizards mailing list
> > firewall-wizards@honor.icsalabs.com
> > http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
>
> --
>
- Previous message: Clint Harris: "RE: [fw-wiz] PIX vs Checkpoint vs Sonicwall vs Netscreen - comments?"
- In reply to: Dave Mitchell: "Re: [fw-wiz] PIX vs Checkpoint vs Sonicwall vs Netscreen - comments?"
- Next in thread: Stephane Nasdrovisky: "Re: [fw-wiz] PIX vs Checkpoint vs Sonicwall vs Netscreen - comments?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
