Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Firewalls
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: Which one to choose: Checkpoint,Cisco,Juniper Netscreen

from [Kevin Doheny] Network Security [Permanent Link]
Subject: RE: Which one to choose: Checkpoint,Cisco,Juniper Netscreen
Date: Mon, 9 May 2005 10:14:51 -0400 
I could not agree more.  Juniper has the price point and advanced
functionality... not to mention hardware support for VPN systems.

Kevin M. Doheny, CISSP
Director of Security Services
CNP Technologies 
-----Original Message-----
From: Charles Antrim [mailto:chuck@antrim.org] 
Sent: Saturday, May 07, 2005 12:11 PM
To: Guillome Main
Cc: firewalls@securityfocus.com
Subject: Re: Which one to choose: Checkpoint,Cisco,Juniper Netscreen

I recommend the Juniper Netscreen.

The Netscreen does all that you require below.

If
On May 6, 2005, at 2:49 AM, Guillome Main wrote:


 Hi All,

I would like to ask some advice from you. I need to buy a firewall/vpn
appliance for my business.
Here is what we have now:
Two hosted servers at ISP location.
These two servers need at least 50-10 site-to-site vpn connection  
to other
parties remote locations and remote user vpn access as well.
The maximum daily traffic is 100Mb at the moment, but will increase  
in the
future.

Which manufacturer would you choose?
I checked out:
Cisco Pix 15
Checkpoint Firewall-1
Juniper Netscreen 25-50

Here are the requirements:

Firewall/VPN appliance requirements

Firewall:
-    Protocol anomaly detection
-    Deep inspection/application level: http, ftp, smtp, pop, dns, stb
-    NAT / PAT

VPN:
-    Concurrent Branch Office Site-to-Site VPN tunnels: min 10
-    Mobile user VPN tunnels: up to 50
-    Tunnel interfaces: min 10
-    Encryption: DES, 3DES, AES
-    Authentication algorithms: MD5, SHA1
-    Authentication type: Preshared Key, IKE, PKI(X.509), L2TP/IPSEC,
PPTP, CHAP, MSCHAP, MSCHAPv2, and PAP
-    Perfect forward secrecy (PFS): DH Group 1,2,5
-    IPSEC NAT-T
-    IPSEC in Transport Mode not only in Tunnel Mode (net-to-net,
host-to-net, host-to-host)
-    VPN User connection with VPN clients

Firewall and VPN User authentication:
-    built in database: up to 100 users
-    3rd party authentication: RADIUS, RSA SecureID, LDAP
-    Authentication method: web based, client based (3rd party VPN  
client
or MS Windows built-in)

High Availability (optional):
-    network load balance capability or
-    active-passive cluster capability (fail-over)

IP Address Assignment:
-    Static
-    DHCP

System management:
-    WebUI
-    Console
-    SSH
-    Real-time monitoring
-    Historical reporting
-    Alarm, event notification

Administration:
-    configuration roll-back
-    applying minor access or configuration changes without restarting
the device




WSAPP:
Ez a level virusellenorzesen esett at!
This message was checked against viruses!
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  RE: [SPAM] - Software vs hardware firewalls ... - Email found in subject, Thomas W Shinder
Next by Date:  RE: Software vs hardware firewalls ..., David Gillett
Previous by Thread:  RE: Which one to choose: Checkpoint,Cisco,Juniper Netscreen, Chris J. Cooper
Next by Thread:  RE: [SPAM] - Software vs hardware firewalls ... - Email found in subject, Thomas W Shinder
Indexes:  [Date] [Thread] [Top] [All Lists]