Security Basics mailing list archives

RE: Firewall recommendations?

From: Tim Donahue <TDonahue () haynesconstruction com>
Date: Tue, 11 Mar 2003 17:25:06 -0500

I have a Watchguard Firebox, and it makes a great firewall, unfortuantly the
VPN features never seemed to work correctly for me (yes, I'm sure it was the
way that I was configuring it, but I .  In the end I ended up configuring a
old workstation (P3 450, 256 MB of ram, and this is overkill) with OpenBSD
to handle all my VPN applications.  Eventually I plan on replacing my
Watchguard with another OpenBSD box.  Check out www.openbsd.com for more
information.

Tim Donahue

-----Original Message-----
From: Thorsten Dampf -- 7stein.net [mailto:thorsten.dampf () 7stein net] 
Sent: Friday, March 07, 2003 3:48 PM
To: rdusek () myway com; security-basics () securityfocus com
Subject: AW: Firewall recommendations?


Take a look at the watchguard products. www.watchguard.com

Regards, Thorsten

-----Ursprüngliche Nachricht-----
Von: rdusek () myway com [mailto:rdusek () myway com]
Gesendet: Donnerstag, 6. März 2003 21:05
An: security-basics () securityfocus com
Betreff: Firewall recommendations?




I am in charge of researching a firewall to replace what we

currently


have.  At my previous job I had used Microsoft ISA in a low-security

environment, and was happy with its features, and its
integration with 

the Windows environment there.  However, at my current job,
security is a 

much greater concern, and I have to admit, I am somewhat
uneasy running a 

Microsoft firewall product on top of a Microsoft OS. We also had

investigated Checkpoint as well as Cisco Pix, and found that for our

needs, the Pix at least seemed to need _many_ separate
components for the 

same functionality. My question is what are your experiences
with using 

ISA from a security standpoint? Usability issues? From the
Mac end? Or 

would we be better off pursuing the Checkpoint or the Pix
solution? We 

also plan on implementing VPN over whatever we choose, so if you

recommend something other than these, it should support at
least PPTP and 

perhaps eventually IPSec/L2TP.  We have also considered placing ISA

behind a Linux (or BSD) IP Chains firewall and our perimeter
network to 

block some of the traffic from getting to ISA. Any comments
here? Thanks 

to everybody in advance!

Current thread:

RE: Firewall recommendations?, (continued)
- - - RE: Firewall recommendations? Jeremy Stinson (Mar 13)
    - RE: Firewall recommendations? David Gillett (Mar 17)
    - RE: Firewall recommendations? Kevin Saenz (Mar 18)
    - RE: Firewall recommendations? Bhavin (Mar 12)
    - RE: Firewall recommendations? Ernest Lau (Mar 13)
- RE: Firewall recommendations? Tom Sevy (Mar 10)
  - Re: Firewall recommendations? Myroslav Halecky (Mar 17)
- RE: Firewall recommendations? Marendra Nutriaji (Mar 10)
- RE: Firewall recommendations? Fields, James (Mar 10)
- RE: Firewall recommendations? Marc Suttle (Mar 10)
- RE: Firewall recommendations? Tim Donahue (Mar 12)
  - Re: Firewall recommendations? planz (Mar 13)
- RE: Firewall recommendations? Clark, Steve (Mar 13)
- RE: Firewall recommendations? Chris Berry (Mar 13)
  - RE: Firewall recommendations? mhunt (Mar 21)
- RE: Firewall recommendations? SimonChan (Mar 19)
  - Re: Firewall recommendations? Meritt James (Mar 20)