My 2 cents from a shop that's heavily Nokia-biased. That said: > We are a Compaq/HP shop so we would have dual DL 380s with a > 2 Ghz or higher CPU / 40 gig hard drive and 1-2 Gig of ram.
Test your hardware platform out first with the latest SPLAT CD. It's based on RH 7.2, so newer gear like gig ethernet and some RAID are not supported or only somewhat supported, depending on hardware. > 4. NG question, is the VPN client or firewall support better than 4.1? It is. > 5. Any noticeable increase in overall throughput? Depends on where your bottleneck is now. Do you have one? Where does it lie? Security servers, connection setup, connection teardown, VPN encryption, plain throughput due to large pipes ... what is it? > 6. Any problems support multiple Nics? is there a limit on > the number of interfaces? Some quad-cards are supported, not all. VLAN support is in, I believe. Not 100% on that one. > 7. Just how good is the built in IDS, does it compare at all > to ISS ->Realsecure? There is no built-in IDS. SmartDefense != IDS. If anything, it's a stab at the IPS market, and it does indeed do some of that. Yes, it can detect certain patterns that might suggest an attack, but it's not a full-blown IDS. If you want an IDS, buy an IDS. That said, SmartDefense does have its merits and can be a valuable addition to your security architecture. > 8. How does the web interface compare to "voyager Not even going to touch that one :). See for yourself, is my suggestion. Put SPLAT on a test box and give it a spin. > 9. Is HA better, or worse than VRRP? Different. It's ClusterXL, so you'll need a ClusterXL license. Haven't heard any horror stories, so I guess "different" is the best way to put it. Don't forget that Nokia have IP Clustering (Load Balancing) too, not just VRRP HA. ClusterXL, of course, can load balance as well, no doubt. > I'm just a little leary moving away from the Nokias, they > have been rock solid for us. We are working on 300 plus days > of uptime. We've had one harddrive failure in 3 yrs but > other than that they have been very good to us. To switch or > not, that is the question. Well, then, to answer that question, how about this: Cutting all the hype and marketing, why do you wish to switch? Do you have a performance bottleneck? And if so, where is it? Regards Shawn Behrens Integralis/Activis Managed Security Services 111 Founders Plaza East Hartford, CT 06108 1-860-528-5458 Please note that: 1. This e-mail may constitute privileged information. If you are not the intended recipient, you have received this confidential email and any attachments transmitted with it in error and you must not disclose, copy, circulate or in any other way use or rely on this information. 2. E-mails to and from the company are monitored for operational reasons and in accordance with lawful business practices. 3. The contents of this email are those of the individual and do not necessarily represent the views of the company. 4. The company does not conclude contracts by email and all negotiations are subject to contract. 5. The company accepts no responsibility once an e-mail and any attachments is sent. http://www.integralis.com ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================
