Firewall Wizards mailing list archives
Re: Nokia interview questions
From: Oscar Wahlberg <oscar.wahlberg () home se>
Date: Mon, 24 Sep 2001 23:42:56 +0200
Hi, Comments below Quoting Subba Rao <subba9 () home com>:
We are bidding on a project with dual Nokia (Checkpoint) firewalls. Most of our experience with Checkpoint is on Sun system. From what I understand Nokia firewall is Checkpoint firewall. The customer is insisting on Nokia experience. I don't know what OS runs on the Nokia system.
If you're an experienced unix admin handling the Nokia boxes shouldn't be a problem. They run an OS dubbed IPSO which is IIRC based on a modified BSD kernel. In general, another unix platform, some things differ, other don't. In other words it's not harder for a Solaris admin to handle a Nokia box compared to say for instance a Linux or BSD box, probably easier since it's stripped down to the bare essentials. Mind you, it does have it quirks, but notihing that should be a problem. It worked flawlessly for me with something like 8 separate DMZs and high load.
Is there anything different about Nokia Checkpoint vs other platform(s) Checkpoint.
As for FW-1 diffrencies, I didn't notice any when I worked quite extensivly with the IP440 a year ago, except that the service packs came slighlt after the realse of the solaris versions. That might have changed, I know Nokia tried to get them out faster.
We will be meeting with this customer again next week. Is there anything specific to Nokia that I should know?
Hmmm, if they're into HA they'll probably know that you can use configure the IP440/650's in a VRRP solution that works well (i.e /w state table failover). Probably at least comparable to Stonebeat/Rainwall on SUN, but don't hold me to that since I haven't looked to closely on that. The really nice thing about the Nokia is that it's a stripped down OS, ideal for disaster recovery. One of my boxes harddrive died, the secondary IP440 took over (the customers never noticed) and worked flawlessly. When I got a new harddrive it took me about an hour to have the primary in the _exact_ same state as the previous harddrive. Overall, I really liked the IP440/650's. Easy to learn, no nonsense, extremly easy to deploy an masse, easy to manage etc... I could get all of that from a Solaris machine as well, but that would demand a jumpstart server and a lot more work. Cheers, -- Oscar Wahlberg <oscar.wahlberg(at)home.se> "There are only two industries that refer to their customers as 'users'." --Edward Tufte
Attachment:
_bin
Description:
Current thread:
- Nokia interview questions Subba Rao (Sep 24)
- Re: Nokia interview questions Andrew Huffer (Sep 25)
- Re: Nokia interview questions Peter Lukas (Sep 25)
- Re: Nokia interview questions black (Sep 26)
- Re: Nokia interview questions Peter Lukas (Sep 26)
- Re: Nokia interview questions hesselsp (Sep 28)
- Re: Nokia interview questions Peter Lukas (Sep 28)
- Re: Nokia interview questions black (Sep 26)
- Re: Nokia interview questions hermit1 (Sep 25)
- Re: Nokia interview questions Joe Dauncey (Sep 25)
- Re: Nokia interview questions Oscar Wahlberg (Sep 25)