Dieter,
I've used this combination before to secure a DMZ and corporate network. Used the FW-1 between the ISP connections and the DMZ because I needed to handle a high volume of traffic and needed good failover capabilities.
Used Raptor between the DMZ and corporate network because it provided tighter controls (true proxy vs. stateful inspection), the traffic demands were much lower and the client wanted NT.
Although I like FW-1, if I had to do this again, I'd probably use PIX instead of FW-1. The rule set protecting the DMZ was pretty straight forward and PIX IMO has a better performance and failover characteristics.
I've also used both remote clients and much prefer Checkpoint's SecureRemote. IMO it's easier to setup and requires much less user interaction.
-- Bill Stackpole, CISSP
| "Dieter Sarrazyn" <[EMAIL PROTECTED]>
Sent by: [EMAIL PROTECTED] 02/01/01 01:57 AM
|
To: <[EMAIL PROTECTED]> cc: Subject: combination of fw-1 and raptor firewall |
Hi,
I have some questions concerning the combination of a checkpoint fw-1
and a raptor firewall.
1. How would you place the firewalls? First the raptor (and why) or
first the checkpoint (and why)?
2. What are the advantages of each setup?
3. Which VPN -client would you use for each setup? The securemote client
or the raptormobile client?
Many thanks for all the response!!
regards,
Dieter Sarrazyn
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
