Firewall Wizards mailing list archives

Previous By Date Next
Previous By Thread Next

RE: RE: Firewall-1 platforms

From: "Chuck Fasching" <cfasching () compures com>
Date: Tue, 6 Mar 2001 16:39:17 -0600

The Nokia platform does support the encryption card, FWI.

Chuck "Spence" Fasching
Security Architect
cfasching () compures com
Computech Resources, Inc
(952)833-0930 xt35




                                                                                                                     
                    "Kalat, Andrew (ISS                                                                              
                    Atlanta)"                   To:     "'Smith, Gary (SCOTAM)'"                                     
                    <akalat () iss net>            <gary.smith () ScottishAmicable co uk>, "'firewall-wizards () nfr 
com'"    
                    Sent by:                    <firewall-wizards () nfr com>                                           
                    firewall-wizards-adm        cc:                                                                  
                    in () nfr com                  Subject:     RE: [fw-wiz] RE: Firewall-1 platforms                   
                                                                                                                     
                                                                                                                     
                    03/06/2001 10:28 AM                                                                              
                                                                                                                     
                                                                                                                     




Hello Gary,
Nokia is good platform for FW-1, but there are some things to keep in mind.

First, Nokia often lags in patch release. Often, you'll see a few weeks
between the time a patch/hotfix/service pack comes out for the Sun version
of FW-1 and the Nokia version.

Second, Nokia is based on BSD. My understanding (could be wrong) is that
Checkpoint is asking all application vendors to now run the Linux version
of
FW-1. This would mean that conceivably at some point Nokia will have to
switch from BSD to Linux. This *is* speculation on my part, but it seems
reasonable.

Third, Sun is much faster at DES encryption throughput than Nokia (however,
Nokia seems to win in raw packet passing speed.) Also, I don't believe the
add on cards for encryption acceleration support Nokia yet, but I'm not
certain on that...

Fourth, with dual Sun boxes, and a good fail over product like StoneBeat, I
believe you can do load balancing of traffic between both Sun boxes. As far
as I know, you can't do load balancing between two Nokia boxes yet.

Just some of my random thoughts and considerations. But, like I said,
overall, Nokia is a good platform, depending on your needs.

-Andrew Kalat

Note: Comments are my own, not my employers, yadda, yadda...

-----Original Message-----
From: Smith, Gary (SCOTAM) [mailto:gary.smith () ScottishAmicable co uk]
Sent: Tuesday, March 06, 2001 5:45 AM
To: 'firewall-wizards () nfr com'
Subject: [fw-wiz] RE: Firewall-1 platforms


David+others:

We are looking at putting in two Nokia Firewall-1 appliances with VRRP
failover.  Aside from cost, can you share any of the potential reasons that
you had for discounting Nokia as a platform?

--Gary;





-----Original Message-----
From: David Lang [mailto:dlang () diginsite com]
Sent: Friday, March 02, 2001 4:36 PM
To: firewall-wizards () nfr com
Subject: [fw-wiz] Firewall-1 platforms


I am looking at putting in a couple Firewall-1 boxes and am debating
between the various hardware platforms.

The Nokia appliances are a distant third choice due to a
number of reasons
(cost being one of them) but I don't have much info to help me choose
between running Firewall-1 on Linux or Solaris



**********************************************************************
Information contained herein is the sole responsibility of the Individual
sending the message. No responsibility is admitted by Scottish Amicable
for any loss or damage incurred through use of the email. In addition, no
statement should be construed as giving investment advice within or
outside the United Kingdom.
An email reply to this address may be subject to interception or monitoring

for operational reasons or for lawful business practices.
*********************************************************************
_______________________________________________
firewall-wizards mailing list
firewall-wizards () nfr com
http://www.nfr.com/mailman/listinfo/firewall-wizards
_______________________________________________
firewall-wizards mailing list
firewall-wizards () nfr com
http://www.nfr.com/mailman/listinfo/firewall-wizards




_______________________________________________
firewall-wizards mailing list
firewall-wizards () nfr com
http://www.nfr.com/mailman/listinfo/firewall-wizards
Previous By Date Next
Previous By Thread Next

Current thread: