RE: firewall suggestion

Just out of question, "any head to head features and functionality"
seems pretty broad, care to be specific or is just a blanket statement
like "Windows is better than linux". 
 
I am also curious as to what functionality you find lacking in the Pix?.
Statefull packet inspection?, VPN?, DMZ?, IPSec or Radius support, I
really can't think of much the pix * Can't * do. 
 
Eric McCarty
 
 


________________________________

        From: charles antrim [mailto:chuck@securityfocus.com] 
        Sent: Wednesday, February 16, 2005 6:03 PM
        To: Tom Farrar; 'Kevin Russell'; firewalls@securityfocus.com
        Subject: Re: firewall suggestion
        
        
        The Juniper Netscreen 25 is a fare better choice than any pix
product.  The netscreen blows away the pix on any head to head features
and functionality.  
        
        
        On 2/16/05 6:07 AM, "Tom Farrar" <tom_farrar@msn.com> wrote:
        
        

                Depending on how much flexibility you demand from the
firewall a good choice is a PIX 515. Also a suggestion is to collate
your FTP and webserve into one, preferably a linux box - with the box
you gain from the migration you could build another linux box and stick
squid and snort on that.
                 
                Another thing is to take into consideration what switch
you are using, a Catalyst 2950 would be a good buy for you internal lan.
                 
                Regards, 
                
                 
                Tom Farrar
                Data Centre Engineer
                tom.farrar@it-ps.com
                
                IT Professional Services
                
                

                ________________________________

                From: Kevin Russell [mailto:kevin@retail-tech.com] 
                Sent: 15 February 2005 14:36
                To: firewalls@securityfocus.com
                Subject: firewall suggestion
                
                
                hi list
                
                
                
                this is my first posting, 
                
                I am in the position to take over as network admin,
mostly just for  the security of the machines/network... any ways we
have an older firewall appliance 
                its a hotbrick, then a router and a switch 24 port,  for
the network mostly just a windows machines, a 2k3 server std, for the
domain controller, and  two DMZ machines
                
                1 is a web server and the other is a Linux ftp server,
and we were thinking of putting another 2k pro box up in the DMZ as a
second  web server, Im trying to get them to let me put an IDS sys into
the mix, but to no avail, I need a some ideas on what you think would be
the better setup for this network, ( its a small only about 15 clients
in the office)
                
                
                
                thx alot for the help
                
                
                
                I know its a noob question....
                
                thx