Firewall Wizards mailing list archives
Re: Opinions wanted...
From: "Kurt Buff" <kurt.buff () gmail com>
Date: Sun, 25 Nov 2007 12:36:10 -0800
On Nov 23, 2007 6:54 AM, Chris Blask <chris () blask org> wrote:
Hey Kurt!
<snip>
The real answer is "whatever work for you is best", but I'll toss my opinions on the plate for what they are worth. Keep in mind that I don't actually manage any of these things, so others on the list will have more tactical thoughts than I do.
That's always the correct answer - but since I have experience with none of them, and can't peer into the future, I'm asking questions. :)
o Sidewinder has arguably the "best security" if you can figure it out. It's a true security geek's firewall, application proxies and roots deep in US gov't use. Still popular afaik among military types and hard-core technical users. o Checkpoint can also be as complicated as you like, but by nature a simpler firewall with a much larger user base and more intended for the Great Unwashed. While I spent a decade being their #1 competitor, I have always said that anyone would be fine choosing them if they wanted to. o If you want something reliable and hard to screw up I'd recommend PIX (call it ASA if you like), functionally much like WG and with all the advantages of being supported by The Borg. Your employers are much more likely to find a replacement for you who knows Cisco inside out than someone who knows Sidewinder, and marginally more so than CP (whether you find that to be good or bad is your call...). I'm rife with biases here, so take it for what it is worth.
Thanks. While I have no opinion on PIS/ASA, due to lack of experience with them, I wonder about the cost/benefit ratio, as I've found Cisco equipment usually rather pricier than I wanted for the value received. And, I'm sure the VARs recommending Checkpoint and Sidewinder have their own axes to grind as well, but for now those are the two under consideration, and muddying the waters with Cisco is just going to slow down the process. Thanks for the insight. Kurt _______________________________________________ firewall-wizards mailing list firewall-wizards () listserv icsalabs com https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- Opinions wanted... Kurt Buff (Nov 23)
- Re: Opinions wanted... Timothy Shea (Nov 23)
- Re: Opinions wanted... Dave Piscitello (Nov 23)
- Re: Opinions wanted... Kurt Buff (Nov 25)
- Re: Opinions wanted... Kurt Buff (Nov 25)
- Re: Opinions wanted... dlang (Nov 25)
- Re: Opinions wanted... Dave Piscitello (Nov 23)
- Re: Opinions wanted... ArkanoiD (Nov 25)
- Re: Opinions wanted... Kurt Buff (Nov 25)
- Re: Opinions wanted... Chris Blask (Nov 25)
- Re: Opinions wanted... Cat Okita (Nov 25)
- Re: Opinions wanted... Kurt Buff (Nov 25)
- <Possible follow-ups>
- Re: Opinions wanted... dlang (Nov 26)
- Re: Opinions wanted... Timothy Shea (Nov 23)