|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: Why not watchguard 2 ? (read on)
Jen (jen
dangerousideas.com)
Mon, 21 Jun 1999 18:42:40 -0700
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
- Next message: David LeBlanc: "Re: Forrester Research foresees death of firewalls"
- Previous message: Harvey Nusz: "Re: Forrester Research foresees death of firewalls"
- Maybe in reply to: SMITH, Michael Ottawa: "Forrester Research foresees death of firewalls"
I'm sure Watchguard's product is okay for some small companies, but it
has serious limitations if you're a larger company. Last we talked to
them, they couldn't do IP forwarding (they can do port forwarding). This
means that if you have two Web servers behind your firewall, you have a
problem. Also, the box assumes that you want to do IP masquerading.
This actually isn't bad for a some companies -- the less you can do, the
less you can do wrong (there are those who will say it gives you too
much false confidence, though). However, it just didn't work for us.
Jen
Wong Chun Meng wrote:
>
> Seeing as the ongoing debate on "why not NT" is getting repetitive (on some
> points IMHO), why not use a blackbox to solve the problems of a
> weak/misconfigurating an OS. With a blackbox, you don't have to worry
> anymore on the OS (if you trust the strip down Linux OS in watchguard that
> is) but just the configuration of the firewall. So now we have the question,
> is watchguard 2 any good? Is it on par with Firewall-1 (on a solaris for nix
> sake) in terms of the firewall security (regardless of securing solaris ok)?
> I was hoping you guys can give me some input on this.
>
> As I see it, some of you guys might argue to have the ability to have some
> control over the OS. Why so? Is it really important to have full control of
> the firewall OS? I can think of one reason actually, but it's not really a
> big issue... so my question again, is it really essential?
>
> TIA for any input. I'm actually presenting this argument to some
> vendor/clients. So any comments is deeply appereciated.
>
> Wong.
>
> -
> [To unsubscribe, send mail to majordomolists.gnac.net with
> "unsubscribe firewalls" in the body of the message.]
- Next message: David LeBlanc: "Re: Forrester Research foresees death of firewalls"
- Previous message: Harvey Nusz: "Re: Forrester Research foresees death of firewalls"
- Maybe in reply to: SMITH, Michael Ottawa: "Forrester Research foresees death of firewalls"
This archive was generated by hypermail 2.0b3 on Sat Jul 17 1999 - 07:19:01 CDT