FW-1 is not a proxy solution but a stateful packet filter. At 10:02 AM 4/16/2002 -0500, Noonan, Wesley wrote: >I'm not a FW1 expert, but I thought it was a proxy/application level gateway >based solution. I could be really wrong on this point though. Any checkpoint >guru's that can clarify? > >Wes Noonan, MCSE/MCT/CCNA/CCDA/NNCSS >Senior QA Rep. >BMC Software, Inc. >(713) 918-2412 >[EMAIL PROTECTED] >http://www.bmc.com > > > > -----Original Message----- > > From: Ron DuFresne [mailto:[EMAIL PROTECTED]] > > Sent: Tuesday, April 16, 2002 09:55 > > To: Noonan, Wesley > > Cc: 'Rink, Jesse'; '[EMAIL PROTECTED]' > > Subject: RE: Replacing my old PIX Classic > > > > > > Isn't fw1 really a stateful packet filtering solution as apposed to a > > proxy solution like the old gauntlet? > > > > Thanks, > > > > Ron DuFresne > > > > > > On Tue, 16 Apr 2002, Noonan, Wesley wrote: > > > > > All 3 are good firewalls. It depends on what you are looking for. Do you > > > want a packet filtering firewall (tends to be faster), then the PIX is a > > > good choice. Depending on the amount of users, you can go with a PIX 515 > > or > > > above. Do you want more proxy/application filtering capabilities? Then > > both > > > ISA and FW1 are good choices. Any debate between the two is likely a > > > religious war (with lots of M$ thrown in, I suppose because they don't > > have > > > anything credible against ISA...) > > > > > > > > > > > > HTH > > > > > > > > > > > > Wes Noonan, MCSE/MCT/CCNA/CCDA/NNCSS > > > > > > Senior QA Rep. > > > > > > BMC Software, Inc. > > > > > > (713) 918-2412 > > > > > > [EMAIL PROTECTED] > > > > > > http://www.bmc.com <http://www.bmc.com/> > > > > > > > > > > > > -----Original Message----- > > > From: Rink, Jesse [mailto:[EMAIL PROTECTED]] > > > Sent: Tuesday, April 16, 2002 09:31 > > > To: '[EMAIL PROTECTED]' > > > Subject: Replacing my old PIX Classic > > > > > > > > > > > > Hello, > > > > > > > > > > > > I have a PIX Firewall from Cisco that is about 4 or 5 years old. It's so > > > old it doesn't even have a model # and the Cisco techs get confused when > > I > > > call because most have never heard of this model. No access lists or > > > anything. Anyway, the point here is that it's old. > > > > > > I'm looking to update my Firewall so I can have features like Intrusion > > > Detection, VPNs, etc. Was hoping someone could point me in the rihgt > > > direction of what firewalls to look at. > > > > > > My environment is as follows: > > > 1 WAN interface (connected to a T1 line to our ISP) > > > 2 DMZ interfaces > > > 1 Internal interface > > > > > > We could have up to 700 concurrent users going outbound through the > > > firewall at a given time. > > > > > > I was thinking about looking at newer PIXs, Microsoft ISA, and > > Checkpoint > > > Firewall. Of course, I'm not sure where to begin. Any recommendations? > > > > > > > > > > > > PS - Where is the best site to read the current msgs to this mailing > > list? > > > I don't like them sent to my email, I'd rather read them from a URL that > > is > > > updated as messages are posted. I'm new here... :-) > > > > > > > > > Thanks. > > > Jesse > > > > > > > > > > > > > > > > > > > > > > > > > > > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ > > "Cutting the space budget really restores my faith in humanity. It > > eliminates dreams, goals, and ideals and lets us get straight to the > > business of hate, debauchery, and self-annihilation." -- Johnny Hart > > ***testing, only testing, and damn good at it too!*** > > > > OK, so you're a Ph.D. Just don't touch anything. >_______________________________________________ >Firewalls mailing list >[EMAIL PROTECTED] >http://lists.gnac.net/mailman/listinfo/firewalls
_______________________________________________ Firewalls mailing list [EMAIL PROTECTED] For Account Management (unsubscribe, get/change password, etc) Please go to: http://lists.gnac.net/mailman/listinfo/firewalls
