I suppose your manager is so STUPID than if his friend tell
him
than to recover those 40% of bandwith he just have to
replace
all his policies by a simple rule "any any any
ACCEPT"
he will be stupid enough to do it as his friend told
him.
Sound to me like the perfect candidate to open virus
attachment
as it came from a "Friend".
He doesn't accept a NO as an aswer but it took 40% of
bandwith
loss without any further
explaination.
If it was the case it would be long time now it would
be
known by every one, FW-1 is one the most deployed, if not
the
most deployed, high end firewall.
Sorry but i would not want to work for your
manager...
Your are a poor man.
P.S. I have a 100Mbits pipe to my DMZ and i don't see
any
VISIBLE bandwith difference when
i access machine on the
DMZ for maintenance from my internal
network if i access
it with the FW-1 active or
disabled...
END OF INTERNET BANDWITH WASTING :)
Yves Belle-Isle
----- Original Message -----
Sent: Saturday, December 08, 2001
08:21
Subject: Re: [FW-1] Checkpoint and
Internet bandwidth
Your reaction was the same as mine .. but my manager insisted that this
was true (a friend of his told him so), and he could not accept no as an
answer, and made me doubt as well. By the way I am using FW1 v4.1
SP5 without the 3DES encryption or any other bells and
whistles.
rgds
Alex
You're kidding, right?
First off, Checkpoint is a company, not a product. Secondly,
they've been known to take 40% of my budget at times but never 40% of
available bandwidth. ;)
CP
primarily produces FW and VPN software. Aside from the slight packet
overhead associated with VPNs and encapsulation or possibly the remote
management of the device, can you think of ANY way in which ANY FW product
will chew up bandwidth? For god's sake, think about what a FW does
before asking questions like that.
Chris
Is it true that Checkpoint takes 40%
of your available Internet bandwidth, and if so is there anything that
can be done to reduce
it?
|