RE: Multi-media friendly Firewalls

["Staggs, Michael" <Michael_Staggs () NAI com>]

Gauntlet UNIX and NT has both dedicated proxies that handle your protocol
requirements and plug proxies that can be customized should you need to vary
from standard ports. The management interfaces are the pretty standard GUI
stuff we have all grown used to (lazy) and the UNIX flavors still have the
option to edit .conf files and netperm tables should you feel more
comfortable with direct editing.

The latest version on UNIX is a real screamer as well- up to 65 meg
throughput WITH VPN. No bottlenecks here. Add integral virus scanning,
muliple fw policy console management, a long legacy of NO exploits and an
intrusion detection/response capability and it is a rock solid performer. 

I work as an eng for NAI, so my opinion is biased, obviously. Check out the
latest performance data from third party tests (Mar issue Datacomm is one)
and see for yourself. NAI can even set up a loaner box fro you so you can
see that we are not "blowing smoke". I left a government position because
the technology inside this beast is so inspiring.

MJ Staggs

-----Original Message-----
From: ReedD () HQISEC ARMY MIL [mailto:ReedD () HQISEC ARMY MIL]
Sent: Monday, January 31, 2000 9:33 AM
To: firewall-wizards () nfr net
Subject: Multi-media friendly Firewalls


I have a customer that will be standing up a new group and is looking at
implementing a firewall (yea !!).  However, they do have a strong
requirement to support VTC capability (H.323, T.120) streaming video,
real-audio and the like.  Luckily there are definite end-points external and
internal to the firewall that will be used to create the firewall rule sets.
What I need to know are what firewalls (proxy and stateful) that are
multi-media friendly and can handle these protocols with the least amount of
difficulty.  If anyone has any experiences good or bad using mutli-media
protocols with the Cisco PIX, Lucent Brick, Axent Raptor (NT or UNIX), TIS
Gauntlet would be appreciated.

Don Reed