Security Basics mailing list archives
RE: WatchGuard Firebox firewalls
From: "Randy Williams" <randyw () techsource com>
Date: Tue, 11 Nov 2003 08:52:34 -0500
I have to agree with Chris. I manage one of the Firebox 1000's and while they do the job, there are certainly better products out there. If we had it to do all over again, we would not have chosen the Firebox product at all. I would not call its software capabilities true intrusion detection, but they do help to block a lot of accesses. However, like all equipment on the net, they are susceptible to attack. I had mine get brought down by the Welchia worm just recently, as the system was too simple to understand what was happening. Once you have the case off, it is just a laptop motherboard running FreeBsd.. If you have the time and managements blessings, I would set up a simple Linux gateway and lock it down snug. Mine does work mind you, but it is has caused a lot of headaches over the 2 years we've had it. RandyW -----Original Message----- From: CHRIS GRABENSTEIN [mailto:LFGRABC () LF VCCS EDU] Sent: Monday, November 10, 2003 3:03 PM To: Security-Basics@Securityfocus. Com (E-Mail) Subject: RE: Watchguard Firebox firewalls I manage two Firebox 1000s. I'm not particularly impressed with it (the rules aren't granular enough for my tastes), but that's what my boss bought. It can detect port scans/ping scans/etc. and dynamically block IPs. It has some built-in proxies to strip out some less-desirable content. It gets the job done, but maybe not as well as other products can. I watched the console port once a long while back and it's just a Linux box in a bright red case. I believe it was running a 2.0 kernel. It may have been 2.2, but I don't think so. Smoothwall (smoothwall.org) looks very nice and is free, but I've only toyed with it a little. Does anyone know how well it's suited for a production network? --------------------------------------------------------------------------- Forum Systems PRESIDIO: PGP / XML GATEWAY APPLIANCE The Presidio integrates PGP data encryption and XML Web Services security to simplify the management and deployment of PGP and reduce overall PGP costs by up to 80%. FREE WHITEPAPER & 30 Day Trial - http://www.securityfocus.com/sponsor/ForumSystems_security-basics_031027 ----------------------------------------------------------------------------
Current thread:
- Watchguard Firebox firewalls bailey (Nov 10)
- RE: Watchguard Firebox firewalls Naren - Pactech (Nov 11)
- <Possible follow-ups>
- RE: Watchguard Firebox firewalls CHRIS GRABENSTEIN (Nov 10)
- RE: WatchGuard Firebox firewalls Randy Williams (Nov 11)
- RE: Watchguard Firebox firewalls Bill Hamel (Nov 11)
- Re: Watchguard Firebox firewalls H Carvey (Nov 11)
- RE: Watchguard Firebox firewalls Chris Berry (Nov 11)
- RE: Watchguard Firebox firewalls Henry, Christopher M. (Nov 18)