Actually that is not correct. Cisco does not use ASIC. They use Intel. Check
the datasheets on Cisco's website. However, the Netscreen 5gt does not use the
ASIC either. It is an Intel chip. This was for the AV feature. While I fan of
Netscreen, I must confess that I am not a huge fan yet of the 5gt. The IDP is
only a token one at best. The AV is unimpressive from my experience. They had a
lot of trouble at first with updating pattern files due to their update server
not being able to handle all the requests. However, it is not a bad deal for a
small office that doesn't need a lot. VPN implementation is cake with them.
I don't have much experience with the PIX. So I can't sit here and tell you it
is crap. In fact, I am sure it isn't. It doesn't sound like like your company
is wanting to spend a lot of money. The 5gt, is still a decent little firewall.
It could probably do all you would really need there. However, I would go with
the XT over it.
________________________________
From: Lamy Vincent [mailto:VLamy@groupama-am.fr]
Sent: Tuesday, February 22, 2005 11:38 AM
To: charles antrim; tom.farrar@it-ps.com; chuck.ITPS@it-ps.com;
kevin@retail-tech.com; firewalls@securityfocus.com
Subject: RE: firewall suggestion
Sorry but PIX is an ASIC based appliance too...... it's not a pc.....
Vincent Lamy
Consultant Réseau & Sécurité
Service des Moyens Informatiques
Groupama Asset Management
Tél : +33 (0) 1 44 56 58 57
________________________________
De : charles antrim [mailto:chuck@securityfocus.com]
Envoyé : samedi 19 février 2005 03:00
À : tom.farrar@it-ps.com; chuck.ITPS@it-ps.com; kevin@retail-tech.com;
firewalls@securityfocus.com
Objet : Re: firewall suggestion
You speak with no authority my friend. Head to head the Netscreen out performs
any pc system. The pix is a pc, the Netscreen is an ASIC based appliance.
That alone is a differentiator.
On 2/17/05 1:17 AM, "tom.farrar@it-ps.com" <tom.farrar@it-ps.com> wrote:
The PIX 515 is far superior to netscreen's, full stop(.) - by
concurrent connections or VPN tunnel, or even throughput. I would love to see
some field reports for the netscreen 25 in comparison to the 515. The downside
to the PIX product is the management interface..
Tom Farrar
Data Centre Engineer
tom.farrar@it-ps.com
IT Professional Services
________________________________
From: charles antrim [mailto:chuck]
Sent: 17 February 2005 02:03
To: Tom Farrar; 'Kevin Russell'; firewalls@securityfocus.com
Subject: Re: firewall suggestion
The Juniper Netscreen 25 is a fare better choice than any pix product.
The netscreen blows away the pix on any head to head features and
functionality.
On 2/16/05 6:07 AM, "Tom Farrar" <tom_farrar@msn.com> wrote:
Depending on how much flexibility you demand from the firewall a good
choice is a PIX 515. Also a suggestion is to collate your FTP and webserve into
one, preferably a linux box - with the box you gain from the migration you
could build another linux box and stick squid and snort on that.
Another thing is to take into consideration what switch you are using,
a Catalyst 2950 would be a good buy for you internal lan.
Regards,
Tom Farrar
Data Centre Engineer
tom.farrar@it-ps.com
IT Professional Services
________________________________
From: Kevin Russell [mailto:kevin@retail-tech.com]
<mailto:kevin@retail-tech.com%5d> <mailto:kevin@retail-tech.com%5d>
Sent: 15 February 2005 14:36
To: firewalls@securityfocus.com
Subject: firewall suggestion
hi list
this is my first posting,
I am in the position to take over as network admin, mostly just for
the security of the machines/network... any ways we have an older firewall
appliance
its a hotbrick, then a router and a switch 24 port, for the network
mostly just a windows machines, a 2k3 server std, for the domain controller,
and two DMZ machines
1 is a web server and the other is a Linux ftp server, and we were
thinking of putting another 2k pro box up in the DMZ as a second web server,
Im trying to get them to let me put an IDS sys into the mix, but to no avail, I
need a some ideas on what you think would be the better setup for this network,
( its a small only about 15 clients in the office)
thx alot for the help
I know its a noob question....
thx
