[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [FW-1] HTTP security sever woes on NG... almost there!
Hey all, First, let me say thanks to all for either writing me in private or posting to the list about what could possibly be done to get the HTTP security server working for me in my situation. With the answers from the list as well as what I've been able to find on the web I'm almost there. ALMOST. Everything was up and running spectacularly all day today when out of nowhere tonight the ahttpd.elg starts filling up with "Too many open files" error messages again. I'm jacking the max file handles setting and calling support tomorrow morning. I would like to stress something that Jim ([email protected]) said, "...but the fact remains, its in the manual, it should work... thats what the customers say!" I couldn't agree with this statement more. It _does not_ say in the manual that it should only be used for small networks or as a temporary solution as some of you guys have eluded to in commentary on the list. Checkpoint says it will work. Checkpoint says it will filter URLs. It doesn't work, and should for the money we paid for the unlimited licenses we purchased. Yeah, there are better solutions out there, such as reverse proxies and the like. However, the customer's site I'm working at has invested a lot of money in hardware and software. Why not leverage the system that's already in place (that the customer has already paid for) to bring some sort of additional benefit to them? Sure, I could recommend that they spend another $100k for a couple of NetCache's to do reverse proxying with, but why _should_ I if there's a product IN PLACE that _should_ provide the same capabilities (besides caching, but we're not looking for that here). I'm not bashing Checkpoint as a company or Firewall-1 NG as a product, as I think they are an excellent company that makes an excellent product... I just don't think they should market their product as being an "enterprise solution" if parts of that product can't keep up with enterprise demands. I'll get off my soapbox now. =) Thanks, Abe -- Abe L. Getchell Security Engineer [email protected] ================================================= To set vacation, Out Of Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [email protected] =================================================
|