Firewall Wizards mailing list archives

RE: Centrally managed firewalls

From: Patrick Sweeney <SweeneyP () mascorp com>
Date: Wed, 12 Jun 2002 11:31:01 -0700

CheckPoint, StoneGate, NetScreen, and GNATbox come immediately to mind,
though there are certainly others.  CheckPoint and StoneGate offer a
centralized policy model, wherein policy for remote sites is maintained (and
stored) at a management station, and pushed out to the remote(s).  I think
NetScreen was on the verge of offering that as well, but even so, both
NetScreen and and GNATbox offer remote management too... it's just that the
policy lives just on the remote(s).   

Should you want VPN capability somewhere down the road, each also has VPN
options.

   http://www.checkpoint.com
   http://www.stonesoft.com
   http://www.netscreen.com
   http://www.gta.com


You might want to poke around in the SANS reading room:
   http://rr.sans.org/firewall/firewall_list.php



Standard disclaimer:  I have no affiliation with any of the vendors, but I
use each of the ones I've mentioned.  Each has its plusses and minuses.

- Patrick Sweeney







-----Original Message-----
From: Jan van Rensburg [mailto:jan.van.rensburg () epiuse com]
Sent: Wednesday, June 12, 2002 5:41 AM
To: firewall-wizards () nfr com
Subject: [fw-wiz] Centrally managed firewalls


Hi,

Does anyone know of a firewall solution for multiple firewalls at 
diverse geographic locations? Say we have locations A, B and C all 
connected by leased lines. Each location has a LAN, DMZ and maybe some 
other zones. You want all the LANs to be able to communicate with each 
other without restriction and only make connections to other places on 
the Internet according to a couple of rules. Apart from that each 
firewall will have its own rules about what to allow to the DMZ, for 
example. I want all the firewalls to be managed from a central location 
that pushes new rules to the firewalls. Does anyone have experience with 
something like this?

Thank you,
Jan van Rensburg




-->> Content ends here.  Legalese follows.  (sorry)  <--









.
Disclaimer: The information contained in this transmission, including any
attachments, may contain confidential information of Matsushita Avionics
Systems Corporation.  This transmission is intended only for the use of the
addressee(s) listed above.  Unauthorized review, dissemination or other use
of the information contained in this transmission is strictly prohibited.
If you have received this transmission in error or have reason to believe
you are not authorized to receive it, please notify the sender by return
email and promptly delete the transmission.
_______________________________________________
firewall-wizards mailing list
firewall-wizards () nfr com
http://list.nfr.com/mailman/listinfo/firewall-wizards

Current thread:

Centrally managed firewalls Jan van Rensburg (Jun 12)
- Re: Centrally managed firewalls Carl Brewer (Jun 13)
- Re: Centrally managed firewalls Jim MacLeod (Jun 13)
- Re: Centrally managed firewalls Holger Kipp (Jun 13)
- Re: Centrally managed firewalls m p (Jun 13)
- Re: Centrally managed firewalls Rick Smith at Secure Computing (Jun 14)
- <Possible follow-ups>
- RE: Centrally managed firewalls Patrick Sweeney (Jun 13)
- RE: Centrally managed firewalls Chad Schieken (Jun 14)