Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Firewalls
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: PIX Vs ASA

from [Abel Lucano] Network Security [Permanent Link]
Subject: RE: PIX Vs ASA
Date: Thu, 23 Feb 2006 12:32:47 -0300 (ART) 

On Thu, 16 Feb 2006, Baussmann, Peter wrote:


Yeah...but do you *really* want one? From past experience, "all-in-one"
solutions aren't always a good thing.


Yes, I really do; Past experience not always remains true.
IMHO CiscoASA is going to play in the UTM (Unified Thread Management)
market share, in alliance with Trend to supply third part solutions;



- Performance usually suffers (a good example is turning on the IDS
signatures on a Netscreen firewall and see what happens to performance).


Yup; but nowadays ASIC perspective (i.e. Fortinet) doesn't repeat the mistake.
ASA ASIC's based is the same way.


- Firewalls with anti-virus/IPS capabilities usually only scan for
well-known malware/worms etc. and aren't as comprehensive as dedicated
systems.


not totally true; there're heuristic features included too in all-in-one
appliances.



- If you're relying on one box to do all your security work, you're
going to be losing your anti-virus, IPS and firewall capabilities if
that box goes down.


If you do a correct sizing of your network needs, you have a lot more
for the money and time  with one all-in-one appliance;
(add in a column licensin for WebFilter(i.e. Websense)+ AV/ASpam (i.e. Trend) +
IDS/IPS + SSL VPN + .. and compare)
If you firewall dows down, I think that AVirus is the minor of your problems.
All-in-one boxes offers to you HA (failover) too.

best regards,


--

Abel Lucano _______________________________________

GlobalGate
TE:  (+5411) 5218 4242/44     FAX: (+5411) 5218 4245
Ciudad de Buenos Aires   -    Argentina
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Open source windows firewall, Bill Busby
Next by Date:  RE: pix 501, Andrew Shore
Previous by Thread:  RE: PIX Vs ASA, Andrew Shore
Next by Thread:  BCS Asia 2006 - Call for Papers, Jim Geovedi
Indexes:  [Date] [Thread] [Top] [All Lists]