Dusty, ROFL at ur signature, that is hilarious.
on the other hand, i also have to agree with dusty, you dont pick your
firewall at a kmart on the shelf. you must and i repeat MUST evaluate and
define your security policy first. for example, the pix by default wants to
NAT, and if u dont want to, u have to specify not to do it, theres licenses
cost, a pix is based on SESSIONS, be very careful with this, old IE versions
used to open a session per file to get in a web page, and on large web
pages, that could go to as high as 50 SESSIONS, at once. define your policy,
your requirements, what do we want to secure, how do we plan to do it,
because a firewall wont jsut secure it all for u unless u tell it to. be
very specific, if u know u dont want any incoming ftp sessions, then put it
down on paper, everything, every last port number u want to allow, u gota
know it before hand. once, u know all that, u know exactly how ur gona
secure that network, then u say, ok, which one is the best of these 2
products for my needs..; will the pix work better or the checkpoint, and
then buy it.
i hope this helps, and i might have gotten a little hyper on this, but i've
seen so many badly written security policies i try to make sure ppl dont do
the same again.
Morgan
> -----Message d'origine-----
> De: ElephantChild [SMTP:[EMAIL PROTECTED]]
> Date: mardi 23 mai 2000 11:55
> �: Achal Kataria
> Cc: [EMAIL PROTECTED]
> Objet: Re: (OT) Firewall!!!!
>
> On Tue, 23 May 2000, Achal Kataria wrote:
>
> > Just wanted to know one thing , which one is better PIX or
> > Checkpoint Firewall 1 and why??
>
> Short answer: What problem are you trying to solve?
>
> Long answer:
>
> - Define your security guidelines or find out what they say.
> - Define your concrete security policy or find out what it says.
> - Evaluate the features of both against your security policy.
> - Answer your own question based on the previous steps, plus price,
> available technical support, support for your company's/customer's
> platforms and environment, etc.
>
> To do otherwise, failing to weigh their features based on your specific
> needs, would be going by the lengths of their respective tick lists, and
> experience with the products of a PC software company that I'll leave
> unnamed shows that this is probably a Bad Thing(tm). :-)
>
> --
> Bungee jumping and skydiving are for wimps. If you want to experience
> true gut-wrenching terror, have children. --Dusty Rhoades.
>
> ___________________________________
> UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
> FAQ, list archives, and subscription info: http://www.groupstudy.com
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
___________________________________
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
