I have heard both Cisco and Checkpoint sales engineers ( not in the same
room at the same time ) agree to the following points:
1) Checkpoint management ( GUI ) is FAR superior to anything Cisco has.
2) PIX is FAR superior in terms of throughput
3) Everything else the vendors say are subject to interpretation and
prejudice
Checkpoint management superiority shows itself in situations where you have
multiple firewalls and multiple security domains, where policy requires
constant updating, etc. PIX is just fine in situations where are limited
number of firewalls, and/or limited policy change, so command line
configuration is not so overwhelming.
I have also heard ( but do not know for a fact ) that at this time,
Checkpoint VPN-1 client side software is the most stable on the market for
client PC secure VPN tunnels. My source was my DE, who tells me that she has
derived several VPN designs around the Checkpoint/Nokia product. The
feedback from the field, she tells me, is that there are fewer issues with
Checkpoint than with Cisco Secure Client and the VPNet client. This too may
be one of perception. I have not read any industry comparison tests.
In the end, one should begin with a clear and written security policy, and
then choose based upon which vendor satisfies the precepts of that policy.
Chuck
-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of
Jason Roysdon
Sent: Saturday, November 25, 2000 11:58 AM
To: [EMAIL PROTECTED]
Subject: Re: comparison between checkpoint firewall-1 and cisco pix 525
Correct me if I'm wrong, but one of the key differences is that Checkpoint
requires a "subscription" fee every year or so.
The biggest selling point I give to customers is that Firewall-1 runs on top
of Unix or NT, and use good ol' FUD regarding OS that aren't that secure to
begin with, vs. the PIX has a completely hardened/customized OS.
Best suggestion would be to hit both vendors' sites and see what they have
to say.
--
Jason Roysdon, CCNA, MCSE, CNA, Network+, A+
List email: [EMAIL PROTECTED]
Homepage: http://jason.artoo.net/
Cisco resources: http://r2cisco.artoo.net/
""D'souza Agnelo"" <[EMAIL PROTECTED]> wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Hi,
> Can anyone give me comparisons between checkpoint
> firewall-1 and cisco pix 525.
>
>
> Agn
_________________________________
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
_________________________________
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
