[FW-1] SmartDefense or not

[Jan Egeriis]

I have been reading a little on the CheckPoint SmartDefense datasheet. Basically it look very nice, but....   I am currently running FW-1 4.1 SP3 on Solaris 7, and I don't want to upgrade either of them. Will SmartDefense run on this platform?   http://www.checkpoint.com/products/protect/smartdefense_attack_defeated.html says: Denial of Service DoS Attacks - SYN Flood - LANd IP Attacks - IPSpoofing - IPFragmentation - Illegal and Malformed Packets Web and Application Vulnerabilities - DNS Attacks - Protocol Non-compliance - Application-specific Vulnerabilities - Trojan Horses - Back Door and Remote Administration - Mobile Code (Java, JavaScript, Active-X) - Hidden File Extensions Network Probing - Port Scanning - Service Scanning   I need to have the original source ip adresses in my webserver log files, so I cannot use the HTTP Security Servers because of the proxy functionality. If I do not use the SmartDefense HTTP Security Servers, I guess I will loose all the "Web and Application Vulnerabilities" ?!?   Then all this is left: - SYN Flood - LANd - IPSpoofing - IPFragmentation - Illegal and Malformed Packets - Port Scanning - Service Scanning   There is already some IPSpoofing and SYN Flood defense in the basic FW-1, so what I will pay for is: - LANd - IPFragmentation - Illegal and Malformed Packets - Port Scanning - Service Scanning   Correct ??? Will it be totally overkill to buy SmartDefense ??? Is there another product I should look at?   best regards Jan