Security Basics mailing list archives

RE: WatchGuard Firebox firewalls

From: "Randy Williams" <randyw () techsource com>
Date: Tue, 11 Nov 2003 08:52:34 -0500

I have to agree with Chris.  I manage one of the Firebox 1000's and while
they do the job, there are certainly better products out there.  If we had
it to do all over again, we would not have chosen the Firebox product at
all.

I would not call its software capabilities true intrusion detection, but
they do help to block a lot of accesses.  However, like all equipment on the
net, they are susceptible to attack.  I had mine get brought down by the
Welchia worm just recently, as the system was too simple to understand what
was happening.

Once you have the case off, it is just a laptop motherboard running
FreeBsd..

If you have the time and managements blessings, I would set up a simple
Linux gateway and lock it down snug.

Mine does work mind you, but it is has caused a lot of headaches over the 2
years we've had it.

RandyW

-----Original Message-----
From: CHRIS GRABENSTEIN [mailto:LFGRABC () LF VCCS EDU] 
Sent: Monday, November 10, 2003 3:03 PM
To: Security-Basics@Securityfocus. Com (E-Mail)
Subject: RE: Watchguard Firebox firewalls

I manage two Firebox 1000s.  I'm not particularly impressed with it (the
rules aren't granular enough for my tastes), but that's what my boss bought.
It can detect port scans/ping scans/etc. and dynamically block IPs.  It has
some built-in proxies to strip out some less-desirable content.

It gets the job done, but maybe not as well as other products can.  I
watched
the console port once a long while back and it's just a Linux box in a
bright
red case.  I believe it was running a 2.0 kernel.  It may have been 2.2, but
I don't think so.

Smoothwall (smoothwall.org) looks very nice and is free, but I've only toyed
with it a little.  Does anyone know how well it's suited for a production
network?




---------------------------------------------------------------------------
Forum Systems PRESIDIO: PGP / XML GATEWAY APPLIANCE
The Presidio integrates PGP data encryption and XML Web Services security to
simplify the management and deployment of PGP and reduce overall PGP costs
by up to 80%.
FREE WHITEPAPER & 30 Day Trial -
http://www.securityfocus.com/sponsor/ForumSystems_security-basics_031027
----------------------------------------------------------------------------

Current thread:

Watchguard Firebox firewalls bailey (Nov 10)
- RE: Watchguard Firebox firewalls Naren - Pactech (Nov 11)
- <Possible follow-ups>
- RE: Watchguard Firebox firewalls CHRIS GRABENSTEIN (Nov 10)
  - RE: WatchGuard Firebox firewalls Randy Williams (Nov 11)
  - RE: Watchguard Firebox firewalls Bill Hamel (Nov 11)
- Re: Watchguard Firebox firewalls H Carvey (Nov 11)
- RE: Watchguard Firebox firewalls Chris Berry (Nov 11)
- RE: Watchguard Firebox firewalls Henry, Christopher M. (Nov 18)