Firewall Wizards mailing list archives
RE: Lucent's Brick for VPN?
From: <rreiner () fscinternet com>
Date: Tue, 27 Feb 2001 13:36:33 -0500
We've had some experiecne with these -- we've recently deployed a network of a few dozen LMF units (Bricks) with LSMS (management server) for a national company.
1. How long the product has been out?
Approaching two years now.
2. Ease of configurablity,
With version 4.x management server software: Fair. With version 5.0 management server software: Good. With version 5.1 management server software: Excellent.
3. Expansibility and high availability,
Brick and mini-brick devices are not expandable. However, sites can start with a mini-brick (model 80) and later transition to a full brick (model 201). HA can be acheived at a basic level by subsitution of a warm spare ... it takes approximately 5 minutes to substitute a new Brick for a failed unit, and the new unit then comes up with all security policy elements fully in effect. Higher levels of HA are done with external hardware-based HA/LB controllers -- we've had excellent results with the BIG/IP HA+ Enterprise units from F5.
4. Flexibility in setting up VPN tunnels,
Very good. No major limitations.
5. Layer 2, 3 or both,
Anti-spoofing at layers 2 and 3 (note that L2 anti-spoofing is not available in competitive products.) Filtering ("stateful inspection") at layers 3 up.
6. Down-sides and anything else.
In our estimation, not much downside for environments in which a stateful-inspection type of firewall (with limited application-proxy capabilities) is required. The LMF/LSMS system is cheap (for its category), has extremely good price/performance, and has very desirable R/A/S chacteristics. -- . . Richard Reiner, Ph.D. . FSC Internet Corp. / SecureXpert Labs . 229 Yonge Street . Toronto, Ontario . Canada M5B 1N9 . Tel: +1 416 921 4280, Fax: +1 416 966 2451 . rreiner () fscinternet com, http://www.fscinternet.com . ============================================ This message may contain confidential and/or proprietary information, and is intended only for the person/entity to whom it was originally addressed. The content of this message may contain private views and opinions which do not constitute a formal disclosure or commitment unless specifically stated. _______________________________________________ firewall-wizards mailing list firewall-wizards () nfr com http://www.nfr.com/mailman/listinfo/firewall-wizards
Current thread:
- Lucent's Brick for VPN? Rama Kant (Feb 27)
- <Possible follow-ups>
- RE: Lucent's Brick for VPN? rreiner (Feb 27)