[FW1] ACLs on Nokia

D H Thu, 08 Jun 2000 17:12:10 -0700

Is it a necessary to run Nokia ACLs even if FW-1 in running? If so, should 
the ACLs be similar to the rules set up with the FW-1 security policy, or is 
it useful in some other way?

Just wondering what I should do with that option...

-- DH


-----Original Message-----
From: hermit1 [mailto:[EMAIL PROTECTED]]
Sent: Thursday, June 08, 2000 4:30 PM
To: Mayne, Peter; [EMAIL PROTECTED]
Subject: Re: [FW1] High Availability: HA Module on NT vs Nokia



The Nokia is not really a black box.  First you need to treat it as a
router - define VRRP, interfaces, routes or routing protocol,  ACLs if any,
etc.  If you aren't familiar with routing you will have trouble with
this.  Then you work with FW-1 on top of that.  Make a couple of allowances
in the FW rules for the VRRP setup.  It is probably worth it for an NT shop
to pay for the initial install.

hermit1


At 06:36 AM 6/9/00 +0800, Mayne, Peter wrote:

>Assume I want to install a highly available firewall. The two options under
>consideration are a pair of Nokia systems using VRRP, and a pair of Windows
>NT systems with the CheckPoint HA module. A Solaris or other UNIX solution
>isn't being considered because an NT shop doesn't want to learn how to
>manage a Solaris system, whereas a Nokia can presumably be treated like a
>black box.
>
>Cost aside (since the Nokia solution seems to be cheaper), what are the 
>pros
>and cons of one vs the other? Under what circumstances (if any) would I
>prefer a particular Nokia or NT solution?
>
>
>PJDM
>----
>Peter Mayne, Compaq Computer Australia, Canberra, ACT



================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================

________________________________________________________________________
Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com



================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================
[FW1] ACLs on Nokia

Reply via email to
