Man, Adrian how do I get a job working for you. I would love to work for a manager that is proud of firing CCIE's so close to Christmas. Merry Christmas
CCIE 10546 >From: adrian jones >Reply-To: adrian jones >To: elping , Louis Young , >[EMAIL PROTECTED], [EMAIL PROTECTED] >CC: Chuck Church , Security > >Subject: Re: Hello (long response) >Date: Mon, 9 Dec 2002 13:16:38 -0800 (PST) > >Elping, >Please do NOT make any statements regarding CheckPoint Firewall without >knowing all the facts. I've been working with both Checkpoint and Pix >firewalls. I >even build a few "franken" pix firewalls so that I can learn as much as I >can about >Cisco Pix firewalls. The "franken" pix firewall actually help me landed my >current job >that pays 100k/year. Both CheckPoint and Pix firewalls have its strength >and >weaknesses. I agree that Cisco TAC is much superior than CheckPoint >support. >The "no text configuration" that you refer to in CheckPoint, you must be >refered to >running CheckPoint on Winblows platforms. NEVER RUN FIREWALL ON A >GENERAL PURPOSE OPERATING SYSTEM. If you worry about cost, check out >CheckPoint SecurePlatform. If you are "unix" literate, does the term >"tcpdump" >mean anything to you? That's how you troubleshoot my friend. >Now if you are talking about cost, Cisco Pix will beat CheckPoint by a long >shot in >term of performance for your $. However, for a small/medium business, >Checkpoint >does come with a lot of features such as URL filtering (native), http load >balancing, >etc which Pix doesn't have (without 3rd party products). For enterprise >environment, >CheckPoint does come with ClusterXL (aka, load-sharing or Active/Active >Firewall), >which again, Pix doesn't support. Last but not least, CheckPoint does have >a very nice Management piece called "provider-1" that Cisco Pix doesn't >have. >I do have to say that the price for CP products is totally "outrageous"; >however, CP >is a good product. >In terms of hardware product, you can run CheckPoint on Nokia Platforms >which is >very stable and proven product. New version of Nokia firewalls do come >with >Flash instead of hard-drive so that the reliability is very high. Nokia is >a big partner >with CP. You can get CP support if you purchase Nokia firewalls from >Nokia. Nokia >TAC is just as good as Cisco TAC. >I've completed my first week at my new job as a Security Engineer and I am >amazed >at the # of Cisco Certified folks at my company that are completely >incompetent and >downright clueless at what they can do. We are a consulting company and >being in >the consulting business, you are forced to know pretty much about >everything. >I have a couple of CCIEs in the office came to me and ask me how to restart >sendmail and postfix (we are a linux shop) in linux. Another CCIE asked me >how to >use "nmap" in unix. The last one is down right funny, one CCIE asked how >to start >Apache in Solaris. It just seems to me like R&S are all they know and >nothing else. >We also do R&S here but at these times, demands for those have not been >that >great. Therefore, we have to branch into other things such as Security >(PIX, >CheckPoint, Wireless, IDS, etc...) >I brought these issues to my boss attention last wednesday and on thursay >he > >ordered me to 'clean' house. The first thing I did was to send "pink" >slips to all > >4 CCIEs in the group and told them that they are fired because they don't >know > >anything other than R&S. They were making $130k/year and sucking almost >all of > >our budget. > >My advice to everyone out there is to keeping learning other things in >addition to > >the R&S. The market for CCIEs is not as good as it used to be. You better >know > >other things especially Unix and Firewalls than just merely R&S. There >will be lot > >of good peopel competing for the same jobs and the only way you can show >the > >potential employers that you are better than the other guy is by showing >them that > >you know other things not just R&S. > >Just my .02c. > >Adrian > > > > elping wrote: >I work with the checpoint firewall ...and let me tell you they are gui >based and very >easy to coinfigure...but do they suck.....ther is no text configuration . >the debugging >sucks...and most of the times i have called checpoint for support ..i have >done everything by the book...and >they suggest reboot ....sucks .. > >98 perfecnt of the time they suggest to stop the engine and restart it .. >anyways i think anything that has a hardrive sucks ... > > >i predict they (checkpoint) will die soon if they do not come out with a >hardware product....... > > > >Louis Young wrote: > > > if the topic of security comes,not actually only one vendor of cisco >systems,there are many other options. > > netscreen,checkpoint,etc. > > why stick with cisco,just coz it is stronger?I don't think so :) > > > > ----- Original Message ----- > > From: "Chuck Church" > > To: "Louis Young" ; "Security" > > Sent: Sunday, December 08, 2002 11:22 PM > > Subject: Re: Hello > > > > > Couple reasons actually. I've worked with PIXs and VPN in the past, >and > > > would like to really become stronger in the technology, especially the >IDS > > > and AAA stuff. The R&S hasn't been the 'pot of gold' that it once was, >so > > > I'm still under-employed (only working part time) currently. So >between > > > wanting to further my skills and having the available time to do it, >here I > > > am! > > > > > > Thanks, > > > > > > Chuck Church > > > CCIE #8776, MCNE, MCSE > > > > > > > > > ----- Original Message ----- > > > From: "Louis Young" > > > To: "Chuck Church" ; "Security" > > > > > > Sent: Sunday, December 08, 2002 9:53 AM > > > Subject: Re: Hello > > > > > > > > > > Hi,having seen your active behavior in R/S list for a long time :) > > > > why think about security? > > > > > > > > > > > > > > > > Regards, > > > > Louis > > > > > > > > ----- Original Message ----- > > > > From: "Chuck Church" > > > > To: "Security" > > > > Sent: Sunday, December 08, 2002 12:17 PM > > > > Subject: Hello > > > > > > > > > > > > > All, > > > > > > > > > > I just thought I'd introduce myself. I'm thinking pretty hard >about > > > > > going for the CCIE Security. My current CCIE is R&S. Haven't seen >any > > > > > messages since I joined yesterday, just wondering if there's many >people > > > on > > > > > this list. > > > > > > > > > > Thanks, > > > > > > > > > > Chuck Church > > > > > CCIE #8776, MCNE, MCSE > > >--------------------------------- >Do you Yahoo!? >Yahoo! Mail Plus - Powerful. Affordable. Sign up now _________________________________________________________________ Add photos to your e-mail with MSN 8. Get 2 months FREE*. http://join.msn.com/?page=features/featuredemail Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=58840&t=58840 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]