Firewall Wizards mailing list archives
RE: CP Vs SonicWall Vs PIX Vs Netscreen Vs Symantec
From: "Josh Welch" <jwelch () buffalowildwings com>
Date: Fri, 15 Aug 2003 16:28:37 -0500
bit_suryanto80 () yahoo com sg said:
Hello, We are currently evaluating several remote firewall devices for broadband usage: Checkpoint VPN1-pro SonicWall PIX-515E-UR Intrusions PDS Netscreen 50 Symantec Gateway Security 5300 I've been poking around the net for some recent comparisons and what not about the different platfomrs to no avail so I've decided to approach the user community. There will be several hundred at least and I figure that some folks out there may have some interesting thoughts or comments on the different platforms that may have escaped us. We are looking for the good, the bad and the ugly. The critical issues are: security issues of the individual platform management issues (sw, firmware, policy) mechanisms for managing virus sw revisions dual vs triple interfaces we'd like to separate "home" from "work" thnx.u
I've been looking at a smaller deployment of the same type, I'll give you my impressions so far. I am largely focusing on the PIX and NS at this point, checkpoint is beyond my budget, hadn't heard of Intrusions, and I've heard rumblings of financial difficulties at Sonicwall that I have not yet confirmed. I may look at the Symantec yet. If these are for SOHO users (that's what I think of when I see broadband), then you'd want to look at the Netscreen 5 and PIX 501 types. They are sized more appropriately for these purposes. I don't remember seeing AV capability in the PIX, the NS 5GT did or will have it, can't remember. Then again, I don't know if I want that on my firewall or not. You can block ActiveX and Java thingies with the Netscreen, I don't know if you can with the PIX (I've researched the Netscreen a fair bit, but am just beginning on the PIX). I don't like the web interface on the NS, web server on firewall makes me nervous, but I am assuming I can turn it off. Both NS and Cisco offer a central management solution, seems like a good thing to invest in with a bunch of FW running, trying to convince management of same. The NS Solution I looked at allowed for updating policies and software revs. As far as security of one versus the other, I don't know. They are both certified by the ICSA labs, and have Common Criteria EAL 4 ratings with the proper software revisision, this seems like a good thing. That's what I have so far, HTH Josh _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- CP Vs SonicWall Vs PIX Vs Netscreen Vs Symantec bit_suryanto80 (Aug 15)
- RE: CP Vs SonicWall Vs PIX Vs Netscreen Vs Symantec Josh Welch (Aug 17)