We have two issues that we're trying to address which our current firewall
(FW-1 on Intel/NT) doesn't do a good job of: Securing our world-wide
network, including small field offices; and firewalling at wire speed.
Products we're looking at include: Cisco; Nokia/Checkpoint; and NetScreen.
Cisco and Nokia/Checkpoint are pretty familiar names, so my questions are
mostly about NetScreen, and also whether anyone has ideas on other products
we should be looking at.
On first glance, it seems that NetScreen (and maybe some other appliance
vendors?) has an appealing solution. They offer a low-end model at about
$1,495 which can support a small office of 5 or so people, all the way up to
a NetScreen-1000 which is supposed to be able to handle a gigabit/sec. They
also have a global management product that allows you to control the
policies on all of your appliances from a single point. NetScreen has done
a lot of their development in hardware, so they claim to be able to operate
very quickly. The fact that they bundle VPN and traffic management into the
same box is also appealing, especially if their ASIC-based solution means
that performance will be better than what we're used to with software
solutions.
I've seen a few other questions asked about NetScreen, but no one seems to
have an opinion. Is this because they're still new and not many people know
about them? Or are people suspicious of their claims and technology? Also,
are there other products that might be able to address the issues that we're
looking at?
Also, are there other products out there that merit consideration? We
evaluated WatchGuard's FireBox II solution a while back, and there were too
many problems with their product, including their implementation of NAT and
VPN (although the product might be right for other offices; we stopped
evaluating once we realized it wasn't going to work for us). We'll probably
have to spend an equal amount of time evaluating new firewall products, but
if anyone cares to share their advice and experience before we embark on
this, that'd be great.
Thanks!
Jen
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
