Firewall Wizards mailing list archives
RE: RE: PIX vs Checkpoint vs Sonicwall vs Netscreenh
From: "manatworkyes moderator" <devekboy () hotmail com>
Date: Sun, 04 Aug 2002 19:59:33 +0000
Roger Marquis said:
WRT to comparisons, we've read a log of generalities but not many specifics. Is there a chart somewhere which lists the relevant (read: non-marketing) features? In particular:
In my opinion, adding the "V" sign next to a list of so-called non-marketing features will provide a false description. For example, lets examine some of the points that you've mentioned:
SSH - is it version 1 or version 2? is it possible to define list of allowed sources that can ssh the system? CLI - are all the options manageable through CLI ? What about log filtering or reading ? HTTP- what type of httpd the system is using ? Is it using unpatched version of Apache ? SYSLOG - How logs are transfered to the syslogd ? what happens when the syslogd is down? what type of DOS attacks the syslog is protected from ?
TFTP - Is it truely secure (Ask CERT about it :-)Configuration - where are RPC services ? Where are hig level protocols like SMTP / HTTP etc ?
I hope that i made myself clear. DB Manageability: [] serial console? [] telnet/cli interface? [] ssh/cli interface? [] http/gui interface? [] java/gui interface? [] syslog support? [] configurable log verbosity? [] snmp/v2/v3? [] tftp backup & upgrade? [] text-based configuration file? [] multi-firewall management tools? Configuration: [] ip, tcp, udp, and icmp protocol type filtering? [] port-range filtering? [] application layer inspection (activex, javascript, flash, im, ...)? [] separate ACLs for incoming and outgoing interfaces? [] separate ACLs for all interfaces? [] stateful filters? [] NAT/PAT/... options? [] tcp sequence validation? [] IDS support? Large Site: [] high-bandwidth options? [] failover? [] load-balancing? [] IPSec VPN support? [] interoperable IPSec VPN support? Support: [] searchable online documentation? [] newsgroup? [] 24*7*365 support? [] 2h phone & email support? [] free and/or inexpensive OS upgrades? Vendor Reliability: [] reasonable pricing? [] straightforward licensing? [] history of profitability? [] accounting irregularities? [] VC funded? [] long-term product support (unlike NA's pgp)? [] history of vulnerabilities? [] timely bug fixes? ... _________________________________________________________________ Chat with friends online, try MSN Messenger: http://messenger.msn.com _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- RE: RE: PIX vs Checkpoint vs Sonicwall vs Netscreenh manatworkyes moderator (Aug 04)