Re: Firewalls Compared

["Paul D. Robertson" <paul () compuwar net>]

On Mon, 21 Jun 2004, kashif wrote:

> Hi,
>
> I want to compare two firewall ( Technical Aspects ) only PIX Vs Checkpoint
>  has anybody done anything similar or could point out "what aspects" do we
> need to compare.

1.  How well do the boxes implement my proposed security policy.
2.  Do they pass testing for implementing my security policy.
3.  How do the boxes perform implementing my security policy[1.]
4.  What is my upgrade path should my performance requirements change?
5.  How well can the devices be administered by multiple levels of
    people if my security policy defines and requires such.
6.  Historically, how well has the vendor done.
7.  What does it take to make them fall over.  If you can't make them fall
    over, you're not testing hard enough.
8.  How intuitive is my security policy when added to the systems.
9.  Failover/backup issues (test both.).
10.  License issues (how do they handle license failure, and how long
does it take to recover.)

Paul
[1.]  I once missed the perfect chance for a rejoinder when a certain
firewall developer said "I've written things which scale well with
authentication, so I'm basing this on my experience."  I should have
replied "I tried to deploy your product with authentication on, and it
scaled not one bit, so I'm questioning your information based on my
experience."
-----------------------------------------------------------------------------
Paul D. Robertson      "My statements in this message are personal opinions
paul () compuwar net       which may have no basis whatsoever in fact."
probertson () trusecure com Director of Risk Assessment TruSecure Corporation
_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards