Educause Security Discussion mailing list archives
Re: Firewall Products
From: Chris Fontaine <chris.fontaine () HUMBER CA>
Date: Thu, 9 Feb 2006 11:01:05 -0500
I aggree other than the support issue....when Juniper took over Netscreen the support went south (and cost thereof) went WAY up. Not to mention that the Netscreen 500's (yes plural) could not handle the regular attack activity seen everyday. We now use Fortinet 3600's in active / passive HA clustering and have been overjoyed with the performance and functionality, not to mention support.......(just our experience) Chris ========================================================================== Chris Fontaine Digital Information Protection & Security, Humber College Information & Technology Services 205 Humber College Blvd Toronto, Ontario, Canada M9W 5L7 chris.fontaine () humber ca (416) 675-6622 ext 4461 The EDUCAUSE Security Discussion Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU> on Thursday, February 9, 2006 at 9:47 AM -0500 wrote:
Martin, I have some experience with both Fortigate and Netscreen. I like both products very much. Bang for the buck, the Fortigate wins. Overall including support, which is very important to me, the Netscreen wins. I have always received very good support from Netscreen but Fortigate has been sketchy. My 2 cents. Daren -----Original Message----- From: Flagg, Martin D. [mailto:FlaggMD () HIRAM EDU] Sent: Friday, February 03, 2006 6:24 AM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: [SECURITY] Firewall Products I am a long time user of the PIX. Currently we have out grown our PIX. My first thought was to replace it with another PIX. I am having seconds thoughts and am looking for opinions and advice. The products we have considered, so far, are PIX(or ASA line from Cisco), Fortigate and the Astaro. I like both the Fortigate and the Astaro but am reluctant since I do not know anyone else using these products. I am a little confused about where Cisco is going with its IDSM-2, FWSM (PIX blade for 6500) and its ASA line. My scenario is as follows Limited budget, I can afford a Firewall but not a Firewall and a Web Proxy/Web Antivirus product Currently we have nothing protecting HTTP/HTTPs from virus's I need to get nice reports and probably need a new syslog product/report product, I have hardware already for this. We currently have AntiSpam that we are happy with, a VPN that we are happy with, A Cisco IDSM-2 that I am not happy with (not dynamic enough and too much time spent tuning) and Email anti-virus that is OK. Any help on or offline is appreciated. Martin D. Flagg Network Engineer/Administrator Hiram College
Current thread:
- Firewall Products Flagg, Martin D. (Feb 03)
- <Possible follow-ups>
- Re: Firewall Products Lee Weers (Feb 03)
- Re: Firewall Products Justin Dover (Feb 03)
- Re: Firewall Products Scholz, Greg (Feb 03)
- Re: Firewall Products David Gillett (Feb 03)
- Re: Firewall Products Gary Dobbins (Feb 03)
- Re: Firewall Products Daren Kinser (Feb 09)
- Re: Firewall Products Chris Fontaine (Feb 09)