[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] RE: [FW1] Why choose Nokia? Here's why.
I agree with most of what you say, and I like Nokia. I have 5 of them. Their easy to manage, and with Checkpoint are very secure. However; without Checkpoint I'm not sure how pre hardened IPSO is. For a test: Add a rule in Checkpoint allowing any service to the Nokia box from a Nessus server. This means Checkpoint is not protecting it from that one server. Then run a scan and Nessus will come up with 51 security holes, 15 security warnings, and 4 notes. Remove the rule allowing full access, and Nessus will just tell you that it's running Checkpoint. I ran the same scan against one of my Linux boxes (not running checkpoint), and only got 1 hole, 7 warnings, and 4 notes. Based on this I can't see that IPSO (v3.2.1-fcs1) has been prehardened. My $0.02 Pete Goodridge --- Richard Peirce <[email protected]> wrote: > The Nokia appliance will also allow 10x the number > of connections that NT > and 3x the connections a Solaris box will. > > -----Original Message----- > From: Scott Schindler [mailto:[email protected]] > Sent: Thursday, September 21, 2000 2:46 PM > To: [email protected] > Subject: [FW1] Why choose Nokia? Here's why. > > > So many people talk about it being a simple box with > an Intel processor. > Why should anyone pay as little as $1500 to as much > as $18000 for a Nokia > appliance? (Note: the 110, which will be available > in October is quite > inexpensive) > > Full support of multiple routing protocols: IGRP, > OSPF... (Tried to do that > with NT lately) > > Built in High availability. How much is Stonebeat? > Check Point's solution? > ($12000 - $20000) > > Replaces not only the firewall but the exterior > router as well. That saves > me a good $2000 - $15000 dollars. > > Pre-armored OS. IPSO is a stripped down FBSD OS. > Instead of having to go > out and read Lance Spitzer's armoring OS docs and > implementing those > solutions correctly, it comes pre-armored to a great > degree. > > These are just some reasons to use Nokia. No one is > telling you it is the > best solution for every environment. Current lack > of gigabit support may be > an issue. One to be resolved soon however. But > these little things may > cause you to buy another solution. Many reports > specify that 70%+ of all > firewall solutions will be integrated by 2003. Sun > just bought a company so > they can sell their own appliance solution because > they know about this. > > The OS wars will always continue and now we have > hardware wars to worry > about too. Simply learn the true capabilities of > each and know your own > capabilities and go from there. I run CP FW-1 on > all 4 OSes: Solaris, NT, > Linux, and Nokia IPSO and they all work great. Some > need a little more love > and care than the others.(Linux) But they are all > fine choices. If money > is the issue. Nokia CAN be a great savings. > > __________________________________________________ Do You Yahoo!? Send instant messages & get email alerts with Yahoo! Messenger. http://im.yahoo.com/ ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|