| |
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [FW-1] 2 nokia questions on NG fp3, 1) are 64MB 330's suffici ent, 2) is anyone using ipso 6, with vrrp wide open
- To: [email protected]
- Subject: Re: [FW-1] 2 nokia questions on NG fp3, 1) are 64MB 330's suffici ent, 2) is anyone using ipso 6, with vrrp wide open
- From: Shawn Behrens <[email protected]>
- Date: Mon, 8 Sep 2003 12:31:14 -0400
- Reply-to: Mailing list for discussion of Firewall-1 <[email protected]>
- Sender: Mailing list for discussion of Firewall-1 <[email protected]>
> 1) I'm migrating to fp3 from 4.1. I have nokia's for the
> enforcement, some
> of them are 330's with 64Mb. They work for 4.1 but is 64 MB
> enough for NG.
Absolutely not enough. 128MB is the minimum, 256MB would be recommended. Go
with 256MB on those boxes.
> 2) Is anyone using ipso 6.x, for internet firewalls? ver 6.x does not
> require a rule for vrrp because it's automatically allowed,
> ver 7.x and 5.x
> does require the rule. Is this not a security issue?
We use IPSO 3.6-FCS7. Yes, this is a security issue, which is why ISPO 3.7
changes this behaviour again.
Regards
Shawn Behrens
Integralis/Activis Managed Security Services
111 Founders Plaza
East Hartford, CT 06108> 1) I'm migrating to fp3 from 4.1. I have nokia's for the
> enforcement, some
> of them are 330's with 64Mb. They work for 4.1 but is 64 MB
> enough for NG.
> The usage is NAT, 100-200 connections /min and no vpn
> requirements, rule set
> of 20-30 lines.
>
> 2) Is anyone using ipso 6.x, for internet firewalls? ver 6.x does not
> require a rule for vrrp because it's automatically allowed,
> ver 7.x and 5.x
> does require the rule. Is this not a security issue?
>
> any help appreciated
>
> Rob
>
>
> <font face="Times New Roman" size="3">
> <p>-----------------------------------------------------------
> -------------------</p>
> <p> This e-mail may be privileged and/or confidential, and
> the sender does not waive any related rights and obligations.
> Any distribution, use or copying of this e-mail or the
> information it contains by other than an intended recipient
> is unauthorized. If you received this e-mail in error, please
> advise me (by return e-mail or otherwise) immediately.</p>
> <p> Ce courriel est confidentiel et protégé. L'expéditeur ne
> renonce pas aux droits et obligations qui s'y rapportent.
> Toute diffusion, utilisation ou copie de ce message ou des
> renseignements qu'il contient par une personne autre que le
> (les) destinataire(s) désigné(s) est interdite. Si vous
> recevez ce courriel par erreur, veuillez m'en aviser
> immédiatement, par retour de courriel ou par un autre moyen.</p>
> <p>====================================================</p>
> </font>
>
>
> =================================================
> To set vacation, Out-Of-Office, or away messages,
> send an email to [email protected]
> in the BODY of the email add:
> set fw-1-mailinglist nomail
> =================================================
> To unsubscribe from this mailing list,
> please see the instructions at
> http://www.checkpoint.com/services/mailing.html
> =================================================
> If you have any questions on how to change your
> subscription options, email
> [email protected]
> =================================================
>
Please note that:
1. This e-mail may constitute privileged information. If you are not the intended recipient, you have received this confidential email and any attachments transmitted with it in error and you must not disclose, copy, circulate or in any other way use or rely on this information.
2. E-mails to and from the company are monitored for operational reasons and in accordance with lawful business practices.
3. The contents of this email are those of the individual and do not necessarily represent the views of the company.
4. The company does not conclude contracts by email and all negotiations are subject to contract.
5. The company accepts no responsibility once an e-mail and any attachments is sent.
http://www.integralis.com
=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to [email protected]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[email protected]
=================================================
|
|
