Re: Watchguard & Netscreen
From: LoGo (waresident@cool.com)Date: 04/29/02
- Next message: Berk S. Daemon: "Re: Security in DMZ itself"
- Previous message: Sjoerd: "Security in DMZ itself"
- In reply to: Patrick: "Watchguard & Netscreen"
- Next in thread: x y: "Re: Watchguard & Netscreen"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: LoGo <waresident@cool.com> Date: Mon, 29 Apr 2002 01:53:11 -0700 To: Patrick <neux@pd.jaring.my>
Patrick wrote:
> Hi All,
> 2) Usability & Functionality - Which one is better? WG certainly is in the
> business longer than NS, I assume WG has better GUI and functions
>
> 3) Service - More on the frequency of patches and updates... I have no idea
> on their history of vulnerabilities. Any pointers or websites for reference
> will be good.
>
> 4) Company Profile - Watchguard seemed to slowed down a bit (no more posts
> about WG in the group - is it that good, or nobody is using it?) Is it taken
> over by someone?
I have never used Netscreen, so I can not comment on it. I have
configured a few Watchguard firewalls as well as a few Linux boxes to be
used as firewalls.
I generally liked the WG firewalls that I have used. It is pretty easy
to configure as long as you know the basics of configuring firewalls.
The GUI is nice a pretty if you like those sorts of things and I really
liked the option that allowed me to scan incoming email (to the mail
server) for .exe's and .bat's because the users could not remember to
not click on those.
I do have two gripes about the WG, but I think that this would be the
same with any GUI. The first is that I inherited the firewalls from
other sys admins and I no longer had the password for the subscription.
I could not find any way to get the password or access to the
subscription only portion of the site. The other thing I didn't like was
there was no option for allowing me to specify protocol and port number
for any unspecified service. -The WG does everything by service, so if
you want to add say a webserver, you click on the add webserver (or
whatrever the label is). This is a problem especially for opening up the
port for some chat/irc/im type stuff. There are clients that work OK
with firewalls, but some of them have handshake problems.
So what I would recommend is give some hardworking, unemployed linux
person some contracting money and a decent server. :) If you are dead
set against that, though, the WG is a good firewall.
- Next message: Berk S. Daemon: "Re: Security in DMZ itself"
- Previous message: Sjoerd: "Security in DMZ itself"
- In reply to: Patrick: "Watchguard & Netscreen"
- Next in thread: x y: "Re: Watchguard & Netscreen"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
