[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] RE: [FW1] RE: [rapt] Checkpoint vs. Raptor
I have rencently reviewed the 10 & 100 versions of this product here. The issues that I have with it are as follows: Limited logging capability and only really with a third-party package to get much usability out of it. (ie, web-sense, webtrends et al). The logging only provides IP addresses, and port numbers. There is no way for it to also provide URL information (ie, http & ftp requests for exactly what file is being requested). Limited flexability. Only has three interfaces and those interfaces are hard-set for certain functions. Ie. Trusted -> Untruted WILL NAT. Limited number of static NAT's at the firewall for reverse mapping. et al. All in all though it looks ok if: 1) You do not have the technical expertise to really get down and dirty with a firewall. (SOHO, remote shop et al). 2) You don't have a need for a flexible solution. Ie. install it and forget it with no plans to build a changing environment. 3) You're need for detail logging is not great or required. Steve -----Original Message----- From: Raymond Banfield [mailto:[email protected]] Sent: Monday, October 02, 2000 18:29 To: Firewall Mailing List (E-mail) Subject: [FW1] RE: [rapt] Checkpoint vs. Raptor Can I ask what people think of Netscreen >From what I can see, it is very secure, fairly easy to set-up a VPN (at least in a lab environment) and is very fast, with various models producing speeds of 10 MB/s / 100MB/s 80 something with 3des and the high end model 1Gigabyte And it is all proprietary, as opposed to based on another OS like IPSO or BSD Makes a very easy and efficient firewall IMHO Ray -----Original Message----- From: Gutkowski, Martin [mailto:[email protected]] Sent: Friday, 29 September 2000 21:52 To: [email protected] Cc: Colin Weiner; 'Chris Poulin' Subject: RE: [rapt] CheckPoint vs. Raptor We supply and support both platforms, including Nokia FW-1, It basically comes down to speed, security and crucially the number of interfaces you need. The Nokia's shine when you want a 12-port firewall. However the Raptor's are more configurable, although not as good looking as the FW-1 console. If you have a complicated rulebase, Raptor is much nicer to troubleshoot because of its prioritising the "most specific" rule. You can get into horrible circular arguments in the FW-1 rulebase which are simply not an issue in Raptor. Again though, it comes down to the complexity of the rulebase and the number of interfaces. As a rule, we like to push Raptor more than FW-1, but it has to be said that most of our customers using VPNs go the FW-1 route. As a support engineer for both platforms, I much prefer Raptor. Martin * - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - * This list is sponsored by FireTower, Inc. -- Security Consulting * * Before posting, please check the following resources: * Patches/Hotfixes... http://www.raptor.com/cs/patches/ * Raptor FAQs........ http://www.raptor.com/cs/FAQ/ * FireTower FAQs..... http://www.firetower.com/faqs/ * List Archives...... http://firetower.com/archives.html * - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - **************************************************************************** ********* This email message has been swept by MIMEsweeper for the presence of computer viruses. www.mimesweeper.com **************************************************************************** ********* ============================================================================ ==== To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ============================================================================ ==== ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|