Re: SonicWall Pro 300 vs CheckPoint 4.0

From: pants_are_nice (netops@captainbeer.com)
Date: 01/22/02 

From: "pants_are_nice" <netops@captainbeer.com>
Date: Tue, 22 Jan 2002 19:39:32 +0000 (UTC)

Yep, 3COM=SonicWALL.

As far as comparing a Pro300 to FW-1 for the setup you've described, I'd
roll with the Pro300. For one thing, FW-1 on NT is sketch at best.
The preformance sucks
especially with NAT turned on. The software support contracts are
expensive.
beyond that, managing a pc-based firewall is pretty nasty compared to an
appliance.
for example, when you make NAT rules on your FW-1 box, you're looking at
getting into the OS
to do static ARP's and routes. Well how are you going to do that unless
you are sitting
right infront of the firewall (and if you say pcAnywhere, terminal
server, vnc, etc. we'll
have to end this thread right now). Plus you've got hardware patch's,
limited to NT's IP Stack (which includes an ass load of vulnerabilities)
thousands of lines of OS code that is completely usless for a firewall,
etc.

With an appliance, everything you need is in the box. Everything is
done from one central spot. patching,
OS things (like ethernet speeds, arp cache flushing, static routes),
firewall rules,
vpn configuration, logging, etc.

and it costs less... is just as secure (if not more), easier to use,
blah blah blah.

my $0.02
(email me if you'd like to talk about this more please!)

"Lars M. Hansen" <badnews@hansenonline.net> wrote in message
news:760p4uchtsu325iipispntjcr4l7jn6nlt@4ax.com...

> On Mon, 21 Jan 2002 13:49:39 -0500, MikeL spoketh
>
> >For a simple network; public side, private side, no web hosting, no VPN and
> >MS Exchange on the DMZ; how would a SonicWall Pro 300 compare to a
> >CheckPoint 4.0 install on a PII 200mHz platform with NT4.0? I would
> >appreciate anyone's comments since I've only worked with CheckPoint and 3Com
> >firewalls. Which brings up an interesting point; the browser management on
> >the 3Com looks an awful lot like the SonicWall's. That can't just be a
> >coincidence? Can it? Thanks for any feedback. MikeL
> >
>
> It's not a coincidence ... it's the same machine. 3COM makes OEM
> versions of the Sonicwalls...
>
> As for the comparisons, I couldn't say. Firewall-1 is secure. So is the
> Sonicwall...
>
> Lars M. Hansen
> http://www.hansenonline.net
> (replace 'badnews' with 'lars' in e-mail address) 

-- 
Posted via Mailgate.ORG Server - http://www.Mailgate.ORG

Relevant Pages

  • Re: ANY OPINIONS ON THE S-BOX?
    ... Actually I think it's manufactured by Sofaware and runs Checkpoint FW-1. ... this is even possible with the S-box, but if it is, it would cost you extra ... subscribe to a third party ISP that would remotely manage your firewall. ...
    (comp.security.firewalls)
  • R: Questions about fw-1
    ... > 1- FW-1 works with Statefull inspection technology, ... > SecureWay Firewall does, but does anybody know some CheckPoint ... It's good for enforcing bastions, natting, implementing security rules, ...
    (Security-Basics)
  • Re: Why choose Kerio instead of ZA?
    ... >> I'm sick of comparing one windows firewall to another. ... But, yes, it is a valid question, and the answer is: The best firewall ... Look at the features the firewalls offers, ...
    (comp.security.firewalls)
  • Re: Checkpoint Front End server - ISA Back End server - OWA Setup
    ... What version of FW-1? ... the traffic between ISA's internal interface and the Exchange server. ... Exchange server in plain HTTP format, ... I am not a firewall expert, but our firewall guy tells me this is a risk, ...
    (microsoft.public.isa)
  • Re: Firewall choice for web hosting
    ... > joined which hosts a very large volume web site. ... > flaws int he OS may expose the firewall to attack. ... Does the Nokia FW-1 ... If you're concerned about number of flaws, I think FW-1 has so far tended to ...
    (comp.security.firewalls)