[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [FW-1] Checkpoint vs. Cisco VPN Client
Also, if you use Checkpoint's client in the SecureClient mode you gain some control over the connectivity to the client for inbound connections. This allows users to access the Internet "safely" while using the VPN into work as the Checkpoint client will block access to your box that's not initiated from your box (will do this even when you're not connected to the VPN). Cisco's client will allow this type of access as well but, when used in this split mode, will need a desktop firewall like Tiny Firewall, BlackIce, or ZoneAlarm for protection. However, that being said, the Cisco client is supposed to have this functionality very soon. As far as Unix clients are concerned, I've been reading that people have been having some luck running the SecureClient product under Wine or VMWare on Linux. However, this is not the same as having a supported Unix client. Good luck. Kevin Martin [email protected] Stafford Trading Inc. Chief Security Officer Chicago, IL 60604 TEL230 S. LaSalle, Ste. 688 -----Original Message----- From: Hawkins, Michael [mailto:[email protected]] Sent: Thursday, January 24, 2002 2:20 PM To: [email protected] Subject: Re: [FW-1] Checkpoint vs. Cisco VPN Client Cisco WILL authenticate against all of the security providers that Checkpoint will. I think Checkpoint has alot of room for improvement on the customer support side. You can't beat Cisco's customer support. Also, Checkpoint doesn't have clients for Unix. Cisco VPN client does. This is a big plus for Cisco. MH -----Original Message----- From: Don [mailto:[email protected]] Sent: Thursday, January 24, 2002 2:58 PM To: [email protected] Subject: Re: [FW-1] Checkpoint vs. Cisco VPN Client > Okay, we have a new boss how loves Cisco and he thinks it is the answer > to all. So, he has already ruled that all Site-to-Site VPNs are to be > replace with Cisco gear. Now he is asking about the client side of > Checkpoint. So, I need some strong facts as to why Checkpoint has a > better VPN setup for the client side than Cisco. Unfortunately I am not > up on Cisco products to much, but I hear that you can use Microsoft's > IPSEC client to connect to a Cisco VPN device instead of using the Cisco > client. I think this is the main reason he wants to use Cisco. Can you > use Windows 2K to connect to Checkpoint or do I have to use the > Checkpoint Client? The Win2k client can be used, but I believe it needs to be set up as a site to site VPN with a static IP and can not be used to replace SR. Also, SR has become a lot more flexible and a lot more powerful recently. Deploying SR with the packaging tool is now almost a trivial task. CheckPoint can authenticate against RADIUS as well as ACE, LDAP, and a variety of other servers making it more flexible. Cisco only permits RADIUS and TACACS+ I believe. While I like the Cisco product line, I think they still have a lot of room for improvement. -Don ================================================= To set vacation, Out Of Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [email protected] ================================================= <<Disclaimer>> This electronic mail is intended only for the use of the addressee(s) named herein. Unless otherwise specifically stated, the views contained and expressed in this electronic mail are strictly those of the individual sender and are not the views of the Company or any of its Directors or other employees. If you are not the intended recipient of this electronic mail, you are hereby notified that any dissemination, distribution or coping of this electronic mail is strictly prohibited. If you received this electronic mail in error please immediately notify us by return electronic mail and delete this electronic mail from your system. ================================================= To set vacation, Out Of Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [email protected] ================================================= ================================================= To set vacation, Out Of Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [email protected] =================================================
|