Network Security Firewalls

RE: firewall suggestion

Subject: RE: firewall suggestion
Date: Tue, 22 Feb 2005 18:41:01 +0100
Hi, take a look at http://www.networkcomputing.com/1223/1223f2.html. This URL
compares these products:
Cisco Systems PIX 535
NetScreen Technologies NetScreen-1000
Check Point Software Technologies Check Point NG
Lucent Technologies VPN Firewall Brick 201
VPN Firewall Brick 1000
Nokia IP530 and Stonesoft Corp. StoneGate.

Cisco PIX and NetScreen are the only firewalls to pass the Mike Scher TCP
shenanigans test (see the web site for more information). You can also see, as
a conclusion, that both are almost the same, but the NetScreen GUI is not as good
as the CLI of the Cisco PIX. As a new user of firewalls, you can find a lot more
documentation on Cisco PIX products.



Eduardo Di Monte
Information Security Technician


-----Original Message-----
From: Eric McCarty [mailto:eric@piteduncan.com]
Sent: Tuesday, February 22, 2005 16:55
To: charles antrim; Tom Farrar; Kevin Russell;
firewalls@securityfocus.com
Subject: RE: firewall suggestion


Just out of question, "any head to head features and functionality"
seems pretty broad, care to be specific or is it just a blanket statement
like "Windows is better than linux"?

I am also curious as to what functionality you find lacking in the Pix.
Stateful packet inspection? VPN? DMZ? IPSec or Radius support? I
really can't think of much the pix * Can't * do.

Eric McCarty




________________________________

        From: charles antrim [mailto:chuck@securityfocus.com]
        Sent: Wednesday, February 16, 2005 6:03 PM
        To: Tom Farrar; 'Kevin Russell'; firewalls@securityfocus.com
        Subject: Re: firewall suggestion


        The Juniper Netscreen 25 is a far better choice than any pix
        product.  The netscreen blows away the pix on any head to head features
        and functionality.


        On 2/16/05 6:07 AM, "Tom Farrar" <tom_farrar@msn.com> wrote:



                Depending on how much flexibility you demand from the
                firewall, a good choice is a PIX 515. Also, a suggestion is to collate
                your FTP and web server into one, preferably a linux box - with the box
                you gain from the migration you could build another linux box and stick
                squid and snort on that.

                Another thing is to take into consideration what switch
                you are using; a Catalyst 2950 would be a good buy for your internal LAN.

                Regards,


                Tom Farrar
                Data Centre Engineer
                tom.farrar@it-ps.com

                IT Professional Services



                ________________________________

                From: Kevin Russell [mailto:kevin@retail-tech.com]
                Sent: 15 February 2005 14:36
                To: firewalls@securityfocus.com
                Subject: firewall suggestion


                hi list



                this is my first posting,

                I am in the position to take over as network admin,
                mostly just for the security of the machines/network... anyway, we
                have an older firewall appliance,
                it's a hotbrick, then a router and a 24-port switch; for
                the network, mostly just Windows machines, a 2k3 server std for the
                domain controller, and two DMZ machines.

                One is a web server and the other is a Linux ftp server,
                and we were thinking of putting another 2k pro box up in the DMZ as a
                second web server. I'm trying to get them to let me put an IDS sys into
                the mix, but to no avail. I need some ideas on what you think would be
                the better setup for this network (it's small, only about 15 clients
                in the office).



                thx a lot for the help



                I know it's a noob question....

                thx







