(I'm probably biased here so stop reading right now ;))
Shay Hugi wrote: > > Do you guys (GURUS!) consider this issue while buying a product.. I mean > the existence of a good management system.. Yes, I definately consider a good management system a requirement. > A web-based system? Although this would make me look elsewhere :) > Snmp management supported? As would this :) At least if you mean "remote control" via SNMP. Read-only access to a well-restricted set of firewall statistics is another thing altogether, assuming they've implemented their ASN.1 parsers correctly, something which apparently wasn't that easy. :/ > And other features... Such as > graphs, syslog traps and firewall logs analysis? - Graphs? Maybe. Small plus, but not a requirement. With SNMP read-only access, one can use RRDTool and a bit of homebrew SNMP polling to get at most everything that one needs. Or just MRTG if you just want raw traffic stats quickly. Or any other SNMP management system for that matter. - "syslog traps" don't exist :) - SNMP traps can probably be a good thing. - Syslogging is definately a big plus. - Log analysis... well... I have yet to see a firewall vendor doing "intelligent" analysis (no, I don't consider traffic/web hit statistics to be log analysis), so.. nah. A good interface to get at the raw log data -- Yeah, that's a requirement (plain syslog solves a lot of this as far as I'm concerned -- I like writing my own specialized log parsers suited for a specific installation) > Or that you count on the good old CLI for this job? Not with 500+ rules and 10+ physical interfaces :) -- Mikael Olsson, Clavister AB Storgatan 12, Box 393, SE-891 28 ÖRNSKÖLDSVIK, Sweden Phone: +46 (0)660 29 92 00 Mobile: +46 (0)70 26 222 05 Fax: +46 (0)660 122 50 WWW: http://www.clavister.com "Senex semper diu dormit" _______________________________________________ Firewalls mailing list [EMAIL PROTECTED] For Account Management (unsubscribe, get/change password, etc) Please go to: http://lists.gnac.net/mailman/listinfo/firewalls