RE: Firewall recommendations?
From: David Ellis (dellis@unicam.com)
Date: 03/08/03
- Previous message: cnnpt42@eml.cc: "Re: XP, Kerio, Explorer and IExplore"
- Maybe in reply to: rdusek@myway.com: "Firewall recommendations?"
- Next in thread: Ivan Coric: "Re: Firewall recommendations?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: David Ellis <dellis@unicam.com> To: "'Thorsten Dampf -- 7stein.net'" <thorsten.dampf@7stein.net>, "'rdusek@myway.com'" <rdusek@myway.com>, "'security-basics@securityfocus.com'" <security-basics@securityfocus.com> Date: Fri, 7 Mar 2003 21:05:03 -0500
Hi at my current job we use checkpoint, and I personally love that firewall
product. I am not a big fan of the pix and I have never played with the ISA
server cause it is a microsoft product and would not trust it. We are very
security conscious company. I think checkpoint has the best interface
around. But hey that's my personal opinion. The cisco pix is not a true
stateful packet inspection firewall. I have a classified pdf that talk about
the pix versus checkpoint in a situation with multiple exchange servers and
the ports you had to allow open for the pix to work in the environment that
was documented was totally unsafe.
At my next job, I would suggest going with checkpoint. Its not that
expensive when you start thinking about isa server cause You still need the
hardware, the windows server OS license and then the ISA license.
-----Original Message-----
From: Thorsten Dampf -- 7stein.net [mailto:thorsten.dampf@7stein.net]
Sent: Friday, March 07, 2003 3:48 PM
To: rdusek@myway.com; security-basics@securityfocus.com
Subject: AW: Firewall recommendations?
Take a look at the watchguard products. www.watchguard.com
Regards, Thorsten
> -----Ursprüngliche Nachricht-----
> Von: rdusek@myway.com [mailto:rdusek@myway.com]
> Gesendet: Donnerstag, 6. März 2003 21:05
> An: security-basics@securityfocus.com
> Betreff: Firewall recommendations?
>
>
>
>
> I am in charge of researching a firewall to replace what we currently
>
> have. At my previous job I had used Microsoft ISA in a low-security
>
> environment, and was happy with its features, and its
> integration with
>
> the Windows environment there. However, at my current job,
> security is a
>
> much greater concern, and I have to admit, I am somewhat
> uneasy running a
>
> Microsoft firewall product on top of a Microsoft OS. We also had
>
> investigated Checkpoint as well as Cisco Pix, and found that for our
>
> needs, the Pix at least seemed to need _many_ separate
> components for the
>
> same functionality. My question is what are your experiences
> with using
>
> ISA from a security standpoint? Usability issues? From the
> Mac end? Or
>
> would we be better off pursuing the Checkpoint or the Pix
> solution? We
>
> also plan on implementing VPN over whatever we choose, so if you
>
> recommend something other than these, it should support at
> least PPTP and
>
> perhaps eventually IPSec/L2TP. We have also considered placing ISA
>
> behind a Linux (or BSD) IP Chains firewall and our perimeter
> network to
>
> block some of the traffic from getting to ISA. Any comments
> here? Thanks
>
> to everybody in advance!
>
**************************************************************************************************
** eSafe-portsmouth scanned this email for viruses, vandals and malicious content **
**************************************************************************************************
- Previous message: cnnpt42@eml.cc: "Re: XP, Kerio, Explorer and IExplore"
- Maybe in reply to: rdusek@myway.com: "Firewall recommendations?"
- Next in thread: Ivan Coric: "Re: Firewall recommendations?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
