Re: Firewall Products

[Daren Kinser <dkinser () UCSD EDU>]

Martin,

I have some experience with both Fortigate and Netscreen. I like both
products very much.  Bang for the buck, the Fortigate wins. Overall
including support, which is very important to me, the Netscreen wins. I
have always received very good support from Netscreen but Fortigate has
been sketchy. My 2 cents.

Daren

-----Original Message-----
From: Flagg, Martin D. [mailto:FlaggMD () HIRAM EDU] 
Sent: Friday, February 03, 2006 6:24 AM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: [SECURITY] Firewall Products

 I am a long time user of the PIX.  Currently we have out grown our PIX.
My first thought was to replace it with another PIX.  I am having
seconds thoughts and am looking for opinions and advice.  The products
we have considered, so far, are PIX(or ASA line from Cisco), Fortigate
and the Astaro.  I like both the Fortigate and the Astaro but am
reluctant since I do not know anyone else using these products.

I am a little confused about where Cisco is going with its IDSM-2, FWSM
(PIX blade for 6500) and its ASA line.


My scenario is as follows

Limited budget, I can afford a Firewall but not a Firewall and a Web
Proxy/Web Antivirus product

Currently we have nothing protecting HTTP/HTTPs from virus's

I need to get nice reports and probably need a new syslog product/report
product, I have hardware already for this.

We currently have AntiSpam that we are happy with, a VPN that we are
happy with, A Cisco IDSM-2 that I am not happy with (not dynamic enough
and too much time spent tuning) and Email anti-virus that is OK.


Any help on or offline is appreciated.

Martin D. Flagg
Network Engineer/Administrator
Hiram College