Re: SCC buys Gauntlet

[Tina Bird <tbird () precision-guesswork com>]

I've been running Sidewinders both locally
and remotely since 1996.  You'll probably
be pleasantly surprised.  I nearly uniformly
use Dell rackmount servers, although I've built
my own PC hardware in a few cases for customers
that had special requirements (token ring,
anyone?).  In the last two years on the
networks I use, we've had three or four Sun
disk failures, CPU deaths, and at least one
memory problem -- during the same time period
the PC hardware hosting my corporate Sidewinders
has been solid as a rock.

I'm continually amazed when people report that
Sidewinder isn't sufficiently customizable.
I find it vastly easier to work on than Gauntlet
or FW-1, primarily because it's much closer to
UNIX -- i.e. based on text config files which
are nearly natural language, rather than 
proprietary coding languages.  What do you need
the systems to do?  I got IPsec running >through<
a Sidewinder long before anyone seemed to be able
to do that on a Gauntlet.

Plus, you get the great advantage of not having to
build and maintain the underlying operating 
system, since it's all bundled -- and the joy of 
a mandatory access control operating system,
which amongst other things means that you've got
built in damage control against exploits and bugs,
not to mention a new set of alarms and audits
that will go off when evildoers start misbehaving. 

I know my old Gauntlet customers are going to be
pretty happy, once they get over the shot.

tbird
Sidewinder evangelist
no, they don't pay me

On Wed, 20 Feb 2002, firewalls () msg net wrote:

> > http://biz.yahoo.com/prnews/020213/sfw069_1.html
> See also http://www.theregister.co.uk/content/55/24050.html
>
> Of all the potential suitors who might have purchased Gauntlet, Secure
> Computing's purchase is the best possible outcome. Still, I am somewhat
> concerned about Secure Computing's plans for the Gauntlet product line...
>
> When I first heard that NAI was looking to sell, we started a search for
> a 'enterprise' firewall product to which we could migrate with a minimum
> of pain and without compromising security.  Sidewinder was considered,
> but ultimately rejected, due to several issues:
>       * Only available on PC platform.
>       * Difficult to administer and customize.
>       * Nearly impossible to add custom services to the base product.
>       * Remote administration interface leaves much to be desired.
>
>
> I'm comfortable with Gauntlet on Solaris on Sparc hardware, to the degree
> that in a global Fortune-500 enterprise I am comfortable with deploying and
> managing firewalls in remote offices thousands of miles away, sometimes
> without ever actually seeing the hardware on which I am installing and
> running the firewall.
>
> I wouldn't have that level of trust in the reliability and remote
> maintainability of a product based on PC hardware.
>
>
> Kevin Kadow
> MSG.Net, Inc.
> _______________________________________________
> firewall-wizards mailing list
> firewall-wizards () nfr com
> http://list.nfr.com/mailman/listinfo/firewall-wizards

_______________________________________________
firewall-wizards mailing list
firewall-wizards () nfr com
http://list.nfr.com/mailman/listinfo/firewall-wizards