Firewall Wizards mailing list archives

Re: Nokia IP platform Versus Netscreen Platform

From: "Shaul Efraim" <shaul_efraim () hotmail com>
Date: Thu, 31 May 2001 08:30:54 +0200

Hi Yang,

Doing wire speed 3DES/SHA-1 makes _very little_ difference for
most companies who doesn't have more than 10Mbps link to the
net.
It's management and robustness of the product which makes the real 
difference !!!

Shaul

----- Original Message ----- 
From: "Yang Lee" <ylee () net50 com>
To: <firewall-wizards () nfr net>
Sent: Thursday, May 31, 2001 1:45 AM
Subject: Re: [fw-wiz] Nokia IP platform Versus Netscreen Platform

In our lab, we test out Netscreen NS-5s (low end line), functionality and
performance. The result is closely matched with Netscreen's claim. I'm
especialy impressed with their software (compared to cisco) and their VPN
performance (3des at near wire speed). Pretty interesting. We'll consider
deploy NS-500e at some point that our PIX 525s failed.

Two thumb-up. Go Netscreen!

Paul,

There have been a number of 3rd party articles on
the two products...

When I was evaluating fw/vpn for our network, I
searched the web and found a number of articles on
CommWeb, Network Computing, eWeek, Tolly
Group, Network World, etc.

What it boiled down to was security, performance,
manageability, support, and of course, cost.

NetScreen ranked high on all four counts.  Since both
use Stateful Inspection, security was tight.  Although I
ranked NetScreen a little higher because they use a
non-commercial operating system that can't be
purchased and therefore, reverse engineered to find
the holes.

Performance on the NetScreen is tops, bar none, due
to their 3rd generation ASIC.  The Nokia boxes are
really legacy-based PCs with CheckPoint software
running on them.

Manageability between the two is close due to highly
intuitive web interfaces.  Both of them have global
management options via Provider 1 and Global Pro.
NetScreen also has built-in SSH and SSL for secure
management.

From conversations with their support departments,

they seem to be similar.  Checkpoint being better
than Nokia (for obvious reasons), and NetScreen had
a very capable set of staff as well.  Both companies
have worldwide presence and well-developed
channels.

Cost.  Here's an area where they really diverge.
CheckPoint/Nokia with their confusing licensing
schemes and proliferation of software offerings made
it a pain in the rear for complex deployments.

NetScreen, however, does not have such licensing
arrangements.  Pay for the boxes and support, and
that is pretty much it...

As far as H/A, both of them employ it.  My testing
showed both of them performing fully stateful failover
in less than one second.  I was became a little
concerned when I was simulating a power outage by
cutting the power abruptly and when one of the Nokia
boxes experienced a software corruption and needed
some support to be revived...  No such experience on
the NetScreens and furthermore, they booted up very
quickly...

I hope this helps a little.  If not, again, there are plenty
of third-party articles available on the web...

Cheers,

David P.

Hey...

Has anyone seen a feature/performance

comparison of the above two product lines,
particularly in HA configurations?


Else has anyone done their own analysis they are

willing to share?


Many thanks,

Paul Murphy.



-------------------------------------------------------------------

--------------------------------------------------------

CRESTCo Ltd.             The views expressed above

are not necessarily those

33 Cannon Street.        held by CRESTCo Limited.
London  EC4M 5SB (UK)
+44 (020) 7849 0000     http://www.crestco.co.uk
-------------------------------------------------------------------

--------------------------------------------------------

___________________________________________
____

firewall-wizards mailing list
firewall-wizards () nfr com
http://www.nfr.com/mailman/listinfo/firewall-wizards

_______________________________________________
firewall-wizards mailing list
firewall-wizards () nfr com
http://www.nfr.com/mailman/listinfo/firewall-wizards



_______________________________________________
firewall-wizards mailing list
firewall-wizards () nfr com
http://www.nfr.com/mailman/listinfo/firewall-wizards

_______________________________________________
firewall-wizards mailing list
firewall-wizards () nfr com
http://www.nfr.com/mailman/listinfo/firewall-wizards

Current thread:

Nokia IP platform Versus Netscreen Platform Paul Murphy (May 11)
- RE: Nokia IP platform Versus Netscreen Platform Ofir Arkin (May 13)
- Re: Nokia IP platform Versus Netscreen Platform Shaul Efraim (May 14)
- <Possible follow-ups>
- Nokia IP platform Versus Netscreen Platform bob loblaw (May 14)
- Re: Nokia IP platform Versus Netscreen Platform David Pearl (May 30)
  - Re: Nokia IP platform Versus Netscreen Platform Yang Lee (May 30)
    - Re: Nokia IP platform Versus Netscreen Platform Shaul Efraim (May 31)
  - Re: Nokia IP platform Versus Netscreen Platform George Capehart (May 31)