Firewall Wizards mailing list archives
Re: Firewalls Compared
From: Dave Piscitello <yodave () hargray com>
Date: Mon, 21 Jun 2004 16:02:00 -0400
Paul, good list (I'd love to have your permission to publish it at LOOP.interop.com, with your attribution, of course). I would add:
11. What methods does the firewall provide to assist me in asserting my security policy is enforced: specifically, are the log entries generated sufficiently detailed? 12. Perhaps included in your thinking regarding upgrade path, but authentication rather than performance-focused: does the firewall support all present and projected auth methods; if PKI, who's certs? I'd also add related checks if you intend to use an IPsec VPN for remote access - origin of client SW (who wrote it), - availability of non-Windows clients (if appropriate), - reliability/track record of client SW vis-a-vis install across different Win OS and hardware - suitability of client for use with other firewalls (if multi- organizational collaborative/B2B/B2C is something you must satisfy) - client policy administration/enforcement method I know this goes beyond "just a firewall" so if O/T ignore. At 11:47 AM 6/21/2004 -0400, Paul D. Robertson wrote:
1. How well do the boxes implement my proposed security policy. 2. Do they pass testing for implementing my security policy. 3. How do the boxes perform implementing my security policy[1.] 4. What is my upgrade path should my performance requirements change? 5. How well can the devices be administered by multiple levels of people if my security policy defines and requires such. 6. Historically, how well has the vendor done. 7. What does it take to make them fall over. If you can't make them fall over, you're not testing hard enough. 8. How intuitive is my security policy when added to the systems. 9. Failover/backup issues (test both.). 10. License issues (how do they handle license failure, and how long does it take to recover.)
_______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- Firewalls Compared kashif (Jun 21)
- Re: Firewalls Compared Paul D. Robertson (Jun 21)
- Re: Firewalls Compared Gwendolynn ferch Elydyr (Jun 21)
- Re: Firewalls Compared Dave Piscitello (Jun 21)
- Re: Firewalls Compared Ryan M. Ferris (Jun 22)
- Re: Firewalls Compared Paul D. Robertson (Jun 22)
- Re: Firewalls Compared Devdas Bhagat (Jun 22)
- Re: Firewalls Compared Paul D. Robertson (Jun 22)
- Re: Firewalls Compared Devdas Bhagat (Jun 22)
- Re: Firewalls Compared Paul D. Robertson (Jun 23)
- Re: Firewalls Compared Paul D. Robertson (Jun 21)
- RE: Firewalls Compared Laura Taylor (Jun 26)
- Re: Firewalls Compared ArkanoiD (Jun 28)
- RE: Firewalls Compared Laura Taylor (Jun 28)
- Re: Firewalls Compared Marcus J. Ranum (Jun 28)