I have rencently reviewed the 10 & 100 versions of this product here.
The issues that I have with it are as follows:
Limited logging capability and only really with a third-party package
to get much usability out of it. (ie, web-sense, webtrends et al).
The logging only provides IP addresses, and port numbers. There is no
way for it to also provide URL information (ie, http & ftp requests for
exactly what file is being requested).
Limited flexability. Only has three interfaces and those interfaces are
hard-set for certain functions. Ie. Trusted -> Untruted WILL NAT. Limited
number of static NAT's at the firewall for reverse mapping. et al.
All in all though it looks ok if:
1) You do not have the technical expertise to really get down and dirty with
a firewall. (SOHO, remote shop et al).
2) You don't have a need for a flexible solution. Ie. install it and forget
it
with no plans to build a changing environment.
3) You're need for detail logging is not great or required.
Steve
-----Original Message-----
From: Raymond Banfield [mailto:[EMAIL PROTECTED]]
Sent: Monday, October 02, 2000 18:29
To: Firewall Mailing List (E-mail)
Subject: [FW1] RE: [rapt] Checkpoint vs. Raptor
Can I ask what people think of Netscreen
>From what I can see, it is very secure, fairly easy to set-up a VPN (at
least in a lab environment) and is very fast, with various models producing
speeds of 10 MB/s / 100MB/s 80 something with 3des and the high end model
1Gigabyte
And it is all proprietary, as opposed to based on another OS like IPSO or
BSD
Makes a very easy and efficient firewall IMHO
Ray
-----Original Message-----
From: Gutkowski, Martin [mailto:[EMAIL PROTECTED]]
Sent: Friday, 29 September 2000 21:52
To: [EMAIL PROTECTED]
Cc: Colin Weiner; 'Chris Poulin'
Subject: RE: [rapt] CheckPoint vs. Raptor
We supply and support both platforms, including Nokia FW-1,
It basically comes down to speed, security and crucially the number of
interfaces you need. The Nokia's shine when you want a 12-port firewall.
However the Raptor's are more configurable, although not as good looking as
the FW-1 console. If you have a complicated rulebase, Raptor is much nicer
to troubleshoot because of its prioritising the "most specific" rule. You
can get into horrible circular arguments in the FW-1 rulebase which are
simply not an issue in Raptor.
Again though, it comes down to the complexity of the rulebase and the number
of interfaces.
As a rule, we like to push Raptor more than FW-1, but it has to be said that
most of our customers using VPNs go the FW-1 route.
As a support engineer for both platforms, I much prefer Raptor.
Martin
* - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
* This list is sponsored by FireTower, Inc. -- Security Consulting
*
* Before posting, please check the following resources:
* Patches/Hotfixes... http://www.raptor.com/cs/patches/
* Raptor FAQs........ http://www.raptor.com/cs/FAQ/
* FireTower FAQs..... http://www.firetower.com/faqs/
* List Archives...... http://firetower.com/archives.html
* - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
****************************************************************************
*********
This email message has been swept by MIMEsweeper for the presence of
computer viruses.
www.mimesweeper.com
****************************************************************************
*********
============================================================================
====
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
============================================================================
====
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
