Firewall Wizards mailing list archives

Previous By Date Next
Previous By Thread Next

Re: WatchGuard Firebox Info

From: "Matt Bruce" <mbruce () insl co uk>
Date: Mon, 20 Aug 2001 17:35:27 +0100
Hi Gene,

I've administered, installed, maintained and banged my head against both the
Watchguard Firebox-II and Nokia IP330. They have their pros and cons -
mostly a balance of cost, features, manageability and effectivess. Also
consider things like client and host VPNs.

In short, if you're considering the Nokia at all you don't really want the
Firebox (IMHO). The latter is fine in a small office environment with under
50 users when the only Internet-facing stuff you'll be doing is a simple
webserver. Forget multiple DMZs, partner DMZs, etc. The IP330 can be given a
bunch of network interfaces, each of which can act as internal subnets or
DMZs. It has flexibility in configuration, unlike the Firebox.

Also compare the cost. The last time I checked out a Firebox-II it was about
£2,500 (USD$3,700) or so, flat price. The IP330 requires that you purchase
the appliance itself plus the Firewall-1 product licence on top of it, per
IP protected, which will be double the Firebox price at a minimum.

Manageability is an issue, but the fact the IP330 is an appliance makes this
less of an issue (IPSO is your friend). Based on firewall GUIs alone, the
Firebox is a lot easier to understand and maintain, but requires a Windows
machine on the internal network for logging, etc.

Effectivess? Firewall-1 versus anything else. Let me think...

There it is. If you want to do anything other than meat-and-potatoes
external/dmz/internal, then forget the Firebox. The rest is a cost-benefit
ratio, mixed with a helping of subjectivity and ideology. :)

HTH,

Matt Bruce  - mbruce () insl co uk
Internetworking Strategies Ltd
Tel: +44 (0)1491 820 900


"Gene De Libero" <gene () sne com> wrote:



Does anyone have any experience with these boxes? I'm trying to get
feedback before making a purchase. I'm also looking at Nokia
IP330/CheckPoint. I've used both the WatchGuard and Nokia products, but
wonder what other people's experiences have been like.



_______________________________________________
firewall-wizards mailing list
firewall-wizards () nfr com
http://list.nfr.com/mailman/listinfo/firewall-wizards
Previous By Date Next
Previous By Thread Next

Current thread: