NETWORK PRESENCE ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT
 


Search
display results
words begin  exact words  any words part 

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [FW1] Why choose Nokia? Here's why.



I agree with most of what you say, and I like Nokia. 
I have 5 of them.  Their easy to manage, and with
Checkpoint are very secure.

However;  without Checkpoint I'm not sure how pre
hardened IPSO is.  For a test:

Add a rule in Checkpoint allowing any service to the
Nokia box from a Nessus server.  This means Checkpoint
is not protecting it from that one server.  Then run a
scan and Nessus will come up with 51 security holes,
15 security warnings, and 4 notes.  

Remove the rule allowing full access, and Nessus will
just tell you that it's running Checkpoint.

I ran the same scan against one of my Linux boxes (not
running checkpoint), and only got 1 hole, 7 warnings,
and 4 notes.

Based on this I can't see that IPSO (v3.2.1-fcs1) has
been prehardened.

My $0.02
Pete Goodridge


--- Richard Peirce <[email protected]>
wrote:
> The Nokia appliance will also allow 10x the number
> of connections that NT
> and 3x the connections a Solaris box will.
> 
> -----Original Message-----
> From: Scott Schindler [mailto:[email protected]]
> Sent: Thursday, September 21, 2000 2:46 PM
> To: [email protected]
> Subject: [FW1] Why choose Nokia? Here's why.
> 
> 
> So many people talk about it being a simple box with
> an Intel processor.
> Why should anyone pay as little as $1500 to as much
> as $18000 for a Nokia
> appliance? (Note: the 110, which will be available
> in October is quite
> inexpensive)
>  
> Full support of multiple routing protocols: IGRP,
> OSPF... (Tried to do that
> with NT lately)
>  
> Built in High availability.  How much is Stonebeat? 
> Check Point's solution?
> ($12000 - $20000)
>  
> Replaces not only the firewall but the exterior
> router as well.  That saves
> me a good $2000 - $15000 dollars.
>  
> Pre-armored OS.  IPSO is a stripped down FBSD OS. 
> Instead of having to go
> out and read Lance Spitzer's armoring OS docs and
> implementing those
> solutions correctly, it comes pre-armored to a great
> degree.
>  
> These are just some reasons to use Nokia.  No one is
> telling you it is the
> best solution for every environment.  Current lack
> of gigabit support may be
> an issue.  One to be resolved soon however.  But
> these little things may
> cause you to buy another solution.  Many reports
> specify that 70%+ of all
> firewall solutions will be integrated by 2003.  Sun
> just bought a company so
> they can sell their own appliance solution because
> they know about this.
>  
> The OS wars will always continue and now we have
> hardware wars to worry
> about too.  Simply learn the true capabilities of
> each and know your own
> capabilities and go from there.  I run CP FW-1 on
> all 4 OSes: Solaris, NT,
> Linux, and Nokia IPSO and they all work great.  Some
> need a little more love
> and care than the others.(Linux)  But they are all
> fine choices.  If money
> is the issue.  Nokia CAN be a great savings.  
> 
> 


__________________________________________________
Do You Yahoo!?
Send instant messages & get email alerts with Yahoo! Messenger.
http://im.yahoo.com/


================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================



 
----------------------------------

ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT SITE MAP LEGAL
   All contents � 2003 Network Presence, LLC. All rights reserved.