Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com

Neohapsis > Archives > NFR Wizards> 1999_2

NFR Wizards Archive: RE: FW-1 Failover

RE: FW-1 Failover

Carric Dooley (carriccom2usa.com)
Wed, 23 Jun 1999 09:43:02 -0400 (EDT)

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Next message: Sean Costello: "Re: FW-1 Failover"
Previous message: Kelvin Garrahan: "RE: FW-1 Failover"
Maybe in reply to: Kelvin Garrahan: "FW-1 Failover"
Next in thread: Sean Costello: "Re: FW-1 Failover"

Best of luck. I am sure once they see them in action, they can't help but
be impressed. These things rock.

Carric Dooley
COM2:Interactive Media
http://www.com2usa.com

On Wed, 23 Jun 1999, Kelvin Garrahan wrote:

> Carric,
>
> >From the response it seems that, the Nokia option is probably going to
> provide the most stable platform. Stonebeat looks interesting, but since I
> don't believe NT is stable for a 24*7 system, even with layered products to
> support it. I guess the problem will be introducing a new Hardware Router
> vendor into a CISCO site. Wish me luck!
>
> Regards
>
> Kelvin
>
> -----Original Message-----
> From: Carric Dooley [mailto:carriccom2usa.com]
> Sent: Wednesday, June 23, 1999 2:57 AM
> To: Kelvin Garrahan
> Cc: 'firewall-wizardsnfr.net'
> Subject: Re: FW-1 Failover
>
>
> Do what I did with my last client.. suggest the Nokia boxes. You will
> thank each other. They configure flawlessly for fail over, they have
> triple the throughput of NT, they come with 4 port NIC's and they do not
> have the aministrative overhead of either a Unix box or... dare I say?? an
> NT box. No hardening of the OS, just slep 'em in and fire 'em up. Set
> them up with VRRP and you are cooking. I have never actually see the PIX
> firewalls fail over... I have seen them fail. ;)
>
> Give it some thought and do some research. I have made our pair of Nokia
> IP440's fail-over and fail back at least 50 times with no hickups. I
> tested it while pulling an FTP session accross them. Most windows clients
> won't even notice (since the meter for throughut is usually an average).
> They fail over in about 2 to 3 seconds, and back in the same amount of
> time. It is really impressive. And the argument of "We don't have any
> unix guys to administer the box" falls flat.
>
> Carric Dooley
> COM2:Interactive Media
> http://www.com2usa.com
>
> On Tue, 22 Jun 1999, Kelvin Garrahan wrote:
>
> > Hi all,
> >
> > I am thinking of using FW-1 for a internal Firewall which will segregate
> > four networks of different security levels. The configuration is to be on
> > NT, with four Ethernet cards. The choice of platform is customer driven,
> my
> > original plans where to use Cisco's PIX. The main problem I have is
> > providing failover for the FW-1. With PIX this is not a problem. I know
> FW-1
> > supports failover/load sharing, but will this work with four interfaces?
> >
> > Has anyone any experience with creating resilience for multiple DMZ FW-1
> > configurations?
> >
> > Regards
> >
> > Kel.
> >
> > Kelvin Garrahan
> > Internet Technologies Consultant.
> > Network Services,
> > Park House,
> > N.C.R.,
> > Dublin 7.
> > > kelvin.garrahancompaq.com
> > >
> > >
> >
>

Next message: Sean Costello: "Re: FW-1 Failover"
Previous message: Kelvin Garrahan: "RE: FW-1 Failover"
Maybe in reply to: Kelvin Garrahan: "FW-1 Failover"
Next in thread: Sean Costello: "Re: FW-1 Failover"

This archive was generated by hypermail 2.0b3 on Sat Jul 17 1999 - 07:19:01 CDT