Re: Anyone used the Cyberguard SG575 firewall appliance?

From: TGW (tom_at_qtr.com)
Date: 09/06/04 

Date: Sun, 05 Sep 2004 22:03:14 -0400

a@b.com wrote:

> We ran high-end Cyberguard firewalls for several years in a UK enterprise
> organisation. They were totally unreliable. They were almost guaranteed to
> fail at every opportunity. Complete service failure twice a day was not
> abnormal. We ran a pair; if one failed the other was supposed to take over;
> what generally happened was that the second also failed because it couldn't
> see its buddy.
>
> Traffic frequently slowed to a crawl for no apparent reason and we had to
> force a failover. We had to rebuild the machines from base software at
> least twice a year.
>
> We went through several UK support companies and hauled in Cyberguard UK on
> several occasions, including their MD. We called in consultants, changed
> Cyberguard hardware, software, physical location, connecting network cables
> and switches, all to no avail.
>
> Towards the end, we programmed in an automatic reboot at 0600 every morning.
> They still failed during the day more than once every week.
>
> Since we changed to Nokia / Checkpoint, we have not looked back. Both
> firewalls have provided excellent service, never failed, and run at 0.5%
> capacity, even though they're roughly the same 'size' as the Cyberguards.
> We have effectively gained an extra 'man-year', through lack of
> fire-fighting, to say nothing of the better service we give our users.
>
> My advice: DON'T DO IT!!!!! Use Nokia / Checkpoint or Cisco (which we've
> also had good experience of) instead.
>
>
> "Rob Hughes" <rob@robhughes.com> wrote in message
> news:1fadnRpKsblEfL7cRVn-tw@comcast.com...
>
>>kevinpc20002000 is alleged to have said in comp.security.firewalls:
>>
>>
>>>Looking at purchasing a firewall appliance and this is one we are
>>>considering. If anyone has any experience with this I'd appreciate
>>>the feedback!
>>>
>>>Thanks
>>
>>I don't have direct experience with that specific model, but I like
>>Cyberguard quite a bit.
>>
>>--
>>Recursion: n. See Recursion.
>
>
>
Your experience sounds regretful but I have to admit unique. I have
been working with Cyberguard firewalls for 6+ years and have never heard
a story like yours. 'Back in the day' the Cyberguards were a real pain
to rebuild, 8+ hours reinstalling Unix, etc. But since the appliance,
they have been a dream. Good luck with the Checkpoints.

Relevant Pages

  • Re: [fw-wiz] FW appliance comparison - Seeking input for the forum
    ... > (i think if one tried that with, say, Cyberguard, we'd see completely ... > firewalls could be thrown off with no further harm to security. ... What't wrong with Checkpoint ... errors made by the admins thus, indirectly, incresing security and the ...
    (Firewall-Wizards)
  • RE: Enterprise level firewall selection
    ... E.g. CyberGuard is the only firewall ... Subject: Enterprise level firewall selection ... > Kind Regards ... > The following is a performance comparison, (Checkpoint vs. Netscreen ...
    (Security-Basics)
  • Re: why use cyberguard rather then Checkpoint and Cisco PIX?
    ... I would say that Cyberguard and CheckPoint are more closely related in terms ... Even though Cisco has a gui ... interface, from what I understand it does not make the grade. ...
    (comp.security.firewalls)
  • Re: Anyone used the Cyberguard SG575 firewall appliance?
    ... We ran high-end Cyberguard firewalls for several years in a UK enterprise ... We went through several UK support companies and hauled in Cyberguard UK on ... Since we changed to Nokia / Checkpoint, ... See Recursion. ...
    (comp.security.firewalls)
Quantcast