I'm sure this will generate a lot of opinions :-) We want to take a look at upgrading some rather dated Cisco firewalls. We've been a Cisco shop since, well... forever.
We want to look beyond Cisco (if necessary) to get some real best-of-breed solutions. Of course, everyone's requirements are different, and ours are often "really different". We have a set of requirements based on our current systems and architectures, but want to get a more comprehensive evaluation and see what other people have done for their evaluations. We do lots of product evaluations, but want to see if anyone has some ideas for evaluations that we've missed in the past, or if there's anything we can point to as an "industry standard or best practice". So, I'm looking for references on firewall evaluation *methodologies* and *tools*, not specific firewall requirements or firewall product recommendations, although those requests may come later. So, before we go roll our own: First, does anyone have a standard, documented evaluation methodology that they are aware of or even liked? I'm not a PCI or e-commerce person, and my DoD-fu is very dated. Are there standard methodologies from those (or other) areas? Second, anyone have a favorite tool for functional/stress/performance testing firewalls? Feel free to reply off list and I'll keep any private replies, well, private. Thanks, --tep _______________________________________________ Discuss mailing list [email protected] http://lopsa.org/cgi-bin/mailman/listinfo/discuss This list provided by the League of Professional System Administrators http://lopsa.org/
