Firewall Wizards mailing list archives

Re: Appliance firewall

From: Jian Zhen <jlz () synlab com>
Date: Mon, 9 Oct 2000 15:12:55 -0700

A year or two ago the Nokia's really sucked. Management are thru telnet and
http (no encryption), performance was slow, installation was difficult.

This year when we looked at nokia again (especially 3.3beta), it's alot more
clean, much better security (https + ssh), better performance, and a cleaner
overall design.

The failover solution for these two products are different but they both
work fairly well. The VRRP solution requires IGMP and multicast. Both 
firewalls require (well, best to use) a separate network port for state
sync'ing for stateful failover.

The setup of PIX failover has less steps than Nokia but that doesn't really
mean much since both are very easy.

I would recommend the Nokia now if you are thinking about one.

But that's not recommending Nokia over PIX tho. FW1 and PIX has similar
technologies and it's difficult to recommend one without knowing more of 
the requirements.

Yasmin Wu (yasminwu () yahoo com) [001009 14:54]:

A year or two ago, in the blackhat session, a
gentlement talked about appliance firewall comparison.
CISCO PIX is one of the product compared but Nokia was
not.

When the audience asked why Nokia was not on the list,
the speaker said that it did not meet certain
pre-selection criteria, so it was left out.

As I started to compare PIX and Nokia, it seems that
they are on-par with each other, and actually I think
Nokia may be a bit better because of it is a more
mature product and in terms of failed over, it don't
need a serial cable :-)

Anyone know why the speaker in the blackhat session
believe that Nokia is not good enough ??
In general, anybody has any comment on the Nokia (good
and bad) ??


y

__________________________________________________
Do You Yahoo!?
Yahoo! Photos - 35mm Quality Prints, Now Get 15 Free!
http://photos.yahoo.com/

_______________________________________________
firewall-wizards mailing list
firewall-wizards () nfr net
http://www.nfr.net/mailman/listinfo/firewall-wizards


-- 
Jian L. Zhen
<jlz () synlab com>
wasaaaaaaaaaaaaaaaaaaaaaabi

_______________________________________________
firewall-wizards mailing list
firewall-wizards () nfr net
http://www.nfr.net/mailman/listinfo/firewall-wizards

Current thread:

Appliance firewall Yasmin Wu (Oct 09)
- Re: Appliance firewall Jian Zhen (Oct 09)
- Re: Appliance firewall Paul Cardon (Oct 18)
- <Possible follow-ups>
- RE: Appliance firewall bnairn (Oct 09)
  - Re: Appliance firewall Jian Zhen (Oct 11)
  - Routing across my firewall Skip Frizzell (Oct 11)