[68811] in North American Network Operators' Group
Re: Firewall opinions wanted please
daemon@ATHENA.MIT.EDU (Rachael Treu)
Wed Mar 17 11:27:32 2004
Date: Wed, 17 Mar 2004 11:07:42 -0600
From: Rachael Treu <rara@navigo.com>
To: Nicole <nmh@daemontech.com>
Cc: nanog@nanog.org
In-Reply-To: <XFMail.040316142716.nmh@daemontech.com>
Errors-To: owner-nanog-outgoing@merit.edu
Netscreen rocks. They are record-breakingly sexy devices running the gamut
as far as networks they can be configured to service and they burlier beasties
are easily worthy of deployment on a carrier class network.
However, if you're looking to drop small change on a product that will not
be required to withstand the rigors of VPN termination, HA, VRRP, blah
blah blah, and you are trying to cover basic, fundamental firewalling
(port filtering is a very base feature and should open the doors to many
other vendors if that's truly the brunt of what you are trying to achieve),
then take a gander at PIX. Or even Raptor or Checkpoint. All 3 are old
standbys that have seen their days being equally celebrated as leaders
and mourned as losers.
boa sorte,
--ra
--
k. rachael treu, CISSP rara@navigo.com
..quis costodiet ipsos custodes?..
On Tue, Mar 16, 2004 at 02:27:16PM -0800, Nicole said something to the effect of:
>
>
>
> Hi
> I am looking for a good but reasonably priced firewall for a 40 or so server
> site. Some people swear by Pix, others swear at it a lot. Also I have heard
> good things about Netscreen. Or any others you would recommend for protecting
> servers on a busy network. Don't really need anything with VPN just the
> standard http, ftp, ssh, https, type traffic up to 100mb throughput.
> From what I have heard a proxy firewall would be best?
>
>
>
> Thanks in advance!!
>
>
> Nicole
>
>
>
>
>
> --
> |\ __ /| (`\
> | o_o |__ ) )
> // \\
> - nmh@daemontech.com - Powered by FreeBSD -
> ------------------------------------------------------
> " Daemons" will now be known as "spiritual guides"
> -Politically Correct UNIX Page
>
