Security Basics mailing list archives
Re: Enterprise level firewall selection
From: "Naren" <naren () pactech net>
Date: Tue, 23 Aug 2005 19:46:08 +0800
I agree ... I just forgot to mention that CC allows for easier comparison between products based on their scope of certification.
For example, one of the firewalls on CC 4+ is certified for everything except the base OS.
Commoncriteria makes things more transparent, allowing a more simpler comparison process....
Naren T. Naren - Dip M, CCDA, Technical Manager - Pactech (IT Security Solutions) Volunteer - HWA (www.hwa.org.sg) VP Community Service - Marina Junior Chamber (http://marina.jcs.org.sg) Email : naren () swiftech net sg Mobile: +65-98325775 # For thought It is not the size of the dog in the fight that matters: It is the size of the fight in the dog that matters !!----- Original Message ----- From: Mervyn Heng
To: Naren Cc: security-basics () securityfocus com Sent: Tuesday, August 23, 2005 7:30 PM Subject: Re: Enterprise level firewall selectionCommon Criteria (CC) is a standard used by governments when choosing a product but its not the best method and only evaluation criteria to use. Vendors can selectively choose which components they want to be certified by CC. For example, Windows is certified EAL 4 so does that make it a secure product? However, I'm a personal advocate for proxy firewalls that inspect up to layer 7.
barcajax On 8/22/05, Naren <naren () pactech net> wrote: From: Naren To: Vijay Vikram ; Yvonne McInally Cc: Javier Larrea Jaspe ; sumeet_nagar () hotmail com ; security-basics () securityfocus com Sent: Wednesday, August 17, 2005 3:15 PM Subject: Re: Enterprise level firewall selectionYou should take a look at Common Criteria, where firewalls are compared more objectively.
The most favored are, as certified by Common Criteria and standardised atleast in this part of the world - are Borderware / Steelgate, Cyberguard and Sidewinder.
Common criteria evaluates based on more specific security architecture. True application level firewall is considered safe and more resilient, vs any SPI / Cut through proxies.
Naren T. Naren - Dip M, CCDA, Certified Engineer - Watchguard and Borderware Certified Sales Expert - Watchguard Technical Manager - Pactech ( http://www.pactech.net) #07-02, Blk 211, Henderson Road, Singapore 159552, Tel: +65-62711123, Fax: +65-62703919 Emaill: naren () pactech net Mobile: +65-90044249----- Original Message ----- From: Vijay Vikram
To: Yvonne McInally Cc: Javier Larrea Jaspe ; sumeet_nagar () hotmail com ; security-basics () securityfocus com Sent: Tuesday, August 16, 2005 9:49 PM Subject: Re: Enterprise level firewall selection Hi All For your comparison on enterprise level firewalls, point the link to https://www.icsalabs.com/icsa/main.php?pid=gddfg, this gives more information on individual products based on products certified under The Modular Firewall Certification Criteria Version 4.0 / 4.1 or based on corporate deployment / small business deployment / residential usage You could also see the Firewall Product Developers Consortium (FWPD) page in the ICSA site for more knowledge on their products , development and testing before release of the products One can also find a wealth of information like Antivirus IPSec SSL-TLS Network Intrusion Prevention Premier Services Wireless Cryptography Intrusion Detection PC Firewalls in the site keep browsing KKDU On 8/12/05, Yvonne McInally <ymcinally () cyberguard co uk> wrote:
Dear All, If any of you need competitive information or would like to evaluate our range of high enterprise/SME firewalls please feel free to contact me. Kind Regards Yvonne Yvonne McInally Internal Sales /Training Co-oridinator EMEA CyberGuard Europe Ltd No 1, The Arena Downshire Way Bracknell Berkshire RG12 1PU United Kingdom Phone +44 (0) 870 460 4766 Fax + 44 (0) 870 460 4767 Support +44 (0) 870 460 4755 www.cyberguard.com -----Original Message----- From: Javier Larrea Jaspe [mailto: javier.larrea () gmail com] Sent: 11 August 2005 09:21 To: sumeet_nagar () hotmail com Cc: security-basics () securityfocus com Subject: Re: Enterprise level firewall selection Try this web: http://www.tolly.com /"The Tolly Group's program provides end-users independently-validated information across a range of technologies. "/ The following is a performance comparison, (Checkpoint vs. Netscreen vs. Cisco): http://www.tolly.com/TS/2002/Check%20Point/VPN-1%20Pro/TollyTS202132Chec kPointVPN-1ProAug02-b.pdf Javier Larrea sumeet_nagar () hotmail com wrote: >Dear list members, > >I am looking for comparison of different enterprise level firewalls and was wondering if you could help me with that. > >I am sure someone has done such a comparison based on effectiveness, performance, throughput, price, other features etc. of leading vendors (Cisco, Checkpoint, Netcreen, Symantec, Cyberguard, SonicWall etc.)and I am just not able to find it one the web. Would someone be kind enough to point me in the right direction? > >Thanks so much! >>Sumeet
This mail is delivered by MXTREME mail security appliance. MXTREME, which is the world's highest certified email security product, Protects your organisation from all forms of email borne threats. For a free trial or more info, email to sales () pactech net or visit www.mxtreme.com
Current thread:
- Re: Enterprise level firewall selection, (continued)
- Re: Enterprise level firewall selection Art Cooper (Aug 10)
- Re: Enterprise level firewall selection Anil Saini (Aug 16)
- Re: Enterprise level firewall selection Art Cooper (Aug 10)
- Re: Enterprise level firewall selection Ivan . (Aug 10)
- Re: Enterprise level firewall selection Javier Larrea Jaspe (Aug 12)
- RE: Enterprise level firewall selection Yvonne McInally (Aug 12)
- Re: Enterprise level firewall selection Ivan . (Aug 16)
- Re: Enterprise level firewall selection Vijay Vikram (Aug 16)
- RE: Enterprise level firewall selection Yvonne McInally (Aug 16)
- Re: Enterprise level firewall selection Ivan . (Aug 16)
- Re: Enterprise level firewall selection Naren (Aug 22)
- Message not available
- Re: Enterprise level firewall selection Naren (Aug 23)
- Message not available