RE: PIX vs CheckPoint

["Gary E. Miller" <gem () rellim com>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Yo John!

On Thu, 1 Jul 2004 John.Airey () rnib org uk wrote:

> > I agree, except for one small problem.  Don't you still have to delete
> > ALL the filter rules, and reenter them ALL to change the order of the
> > rules? last I checked there was no "insert before", "insert
> > at top" sort
> > of options.  Just "insert at end".  This and other features can really
> > slow down the otherwise decent CLI.
> No longer true. The latest versions of the PIX CLI allow you to specify
> which line numbers, so you can insert rules where you want.

Gee, only took until version 6.2 to add a feature any firewall guru knows
is a basic requirement?

> > like the IOS CLI,
> > but has lots of subtle differences that will byte you when
> > you least expect
> > it.
> Can you name one? I find it a pain the other way round, like not being able
> to "write mem" when in configuration.

That one will do.  Not used a PIX in 3 years so my memory iis weak.  Not
actually backing up your config to NVRAM could have pretty interesting
consequences.

RGDS
GARY
- ---------------------------------------------------------------------------
Gary E. Miller Rellim 20340 Empire Blvd, Suite E-3, Bend, OR 97701
        gem () rellim com  Tel:+1(541)382-8588 Fax: +1(541)382-8676
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (GNU/Linux)

iD8DBQFA5E/Y8KZibdeR3qURAtMbAJ0XCFnGPu6sZv7Wq0WQqrEZLkjIYgCfbbxy
1biUG15cGEnRMMo29fX45AI=
=0+MA
-----END PGP SIGNATURE-----

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html