Firewall Wizards mailing list archives

Previous By Date Next
Previous By Thread Next

RE: Firewall-1 platforms

From: "Kalat, Andrew (ISS Atlanta)" <akalat () iss net>
Date: Sun, 4 Mar 2001 17:20:03 -0500 
Hello David,
        At risk of starting a platform holy war, let me chime in with my
opinion. 

Personally, I prefer Sun as the best platform for Checkpoint. I've had the
dubious honor of working in a support department for Firewall-1 in a
previous life, and I have to say that the Sun boxes are the least prone to
wierdness and show the best up time. 

My understanding of the reason for this is that Checkpoint develops
primarily for Sun, then they port it to other platforms. I'm not a big fan
of the Linux platform because often people will run the firewall on desktop
class hardware, rather than servers. You are just asking for trouble if your
memory or I/O is of a substandard level. Going with Sun on a server class
hardware has been my best experience. I've had some success with Linux, but
I have also noted that features are often slow to be implimented on Linux
over Sun. It feels like Checkpoint is playing catch up a bit on the code for
the Linux platform. My concern would be some unknown security issue comes
up, and it takes longer to patch Linux than Sun. 

Of course, it all depends on your budget, security needs, and concerns. I
would say that your hardware that you choose will be a huge determining
factor. 

Hope this helps. 
Andrew Kalat



-----Original Message-----
From: David Lang [mailto:dlang () diginsite com]
Sent: Friday, March 02, 2001 4:36 PM
To: firewall-wizards () nfr com
Subject: [fw-wiz] Firewall-1 platforms


I am looking at putting in a couple Firewall-1 boxes and am debating
between the various hardware platforms.

The Nokia appliances are a distant third choice due to a 
number of reasons
(cost being one of them) but I don't have much info to help me choose
between running Firewall-1 on Linux or Solaris

these firewalls will be internal firewalls and fairly low traffic (one
will be ~128Kb the other <3Mb) so I should have no problem 
getting a box
of either type powerful enough to handle the load.

anyone have any comparisons between the two?

David Lang
_______________________________________________
firewall-wizards mailing list
firewall-wizards () nfr com
http://www.nfr.com/mailman/listinfo/firewall-wizards


_______________________________________________
firewall-wizards mailing list
firewall-wizards () nfr com
http://www.nfr.com/mailman/listinfo/firewall-wizards
Previous By Date Next
Previous By Thread Next

Current thread: