There are better tools to admin rules, like fwbuilder for pix...
-H
-----Original Message-----
From: Perrymon, Josh L. [mailto:PerrymonJ@bek.com]
Sent: Martes, 29 de Junio de 2004 14:58
To: 'Darkslaker'; full-disclosure@lists.netsys.com
Subject: RE: [Full-Disclosure] PIX vs CheckPoint
Well-
There are a *lot of differences between the PIX and FW-1.
First the Pix will allow anything outbound unless explicitly denied. The
FW-1 is opposite.
The logging is also very different (( Log viewing I suppose )). The FW-1 has
a nice GUI that you use to
configure it and look at the log files. The pix has to send to syslog and be
ran through something like sawmill.
To really tweak the PIX you need to use the CLI. The GUI they have will work
but my opinion is that is puts a lot of shit in the config you don't need
especially PDM objects if you use names in your config.
The PIX has a lot less parts to fail- The Check point has hard drives and
the PIX has RAM / memory.
Just ideas-
JP
-----Original Message-----
From: Darkslaker [mailto:rienzi@nimrod.com.mx]
Sent: Tuesday, June 29, 2004 1:24 PM
To: full-disclosure@lists.netsys.com
Subject: [Full-Disclosure] PIX vs CheckPoint
i am studying for the CCSA and my Friend for CSPFA in the interchange of
ideas we did not find differences significant; maybe two ; PIX run in OS
for CISCO and CheckPoint in many platforms; and checkPoit have more
products.
My question is PIX or Checkpoint what is better and why.
"Yo nací para atrapar dragones en sus guaridas y para recoger flores. Yo
nací para pasar las mañanas contando historias divertidas, para soñar a la
deriva como si fuera yo un arroyo y para caminar descalzo a la luz del sol"
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
