I am sure if enough companies were committing to Apple IIe as the platform
of choice for all systems that vendors would alter their products to run in
that environment. CheckPoint is simply following a market trend and
ensuring the continued revenue stream from their firewall products. That
they provide a system for NT does not indicate that the OS is secure, it
simply indicates that the OS is popular.
I have spent a lot of time in NT and I think it can be secured. I feel the
issue of NT vs. Unix comes into play when you compare what level of service
can be provided from a well-secured NT system versus a well-secured Unix
system.
Several contributors to the discussion have mentioned services they would
turn off or remove to secure any particular OS. I think it would be
informative to hear from everyone about what services to kill on each OS to
secure it for firewall use. At the very least we might actually get some
detail (you know, technical details...) involved in the discussion rather
than conjecture and the ocassional religious outburst ;-).
--------------------------------------------
Andrew Walls, IT Security Analyst, BankWest
40 Frame Ct., Leederville, WA, 6007, Australia
61-8-9449-3787, FAX 61-8-9449-3795 Mobile 0419926368
PGP Fingerprint: E0F7 296E D6D5 6057 1E1D F61B 2602 CB8A
---------------------------------------- Message History
----------------------------------------
From: "gill" <[EMAIL PROTECTED]> on 11/06/99 04:21
To: "Firewalls list" <[EMAIL PROTECTED]>
cc: (bcc: Andrew Walls/PRS/SS/BankWest)
Subject: Why not FireWall-1 on NT?
CheckPoint's FireWall-1 is sold to run on the following platforms:
HP-UX 10.x
AIX 4.2.1 and 4.3.0
Solaris 2.5 and higher
Windows NT Server 4.x Service Pack 3.01 (Intel-based only)
It has been my experience that the majority are installed on Solaris and NT
boxes.
My question for this discussion is this: why would CheckPoint take
FireWall-1 to NT? It seems that they are the commercial software firewall
leaders in the marketplace. Why would they risk jeopardizing their product
and their reputation by selling a product to be built on top of an OS that
isn't (or can't be made to be) secure?
This reasoning does not lead me to believe that the NT OS is an inherently
secure one, but it does lead me to believe even more strongly that the NT
OS
*can* be made secure and that the real important factor is the installation
and administration ... a point that has been made several times through the
course of this discussion.
--gill
=====================================
James Gill * http://www.topsecret.net
=====================================
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
_______________________________________________________________________________
Unencrypted electronic mail is not secure and may not be authentic.
If you have any doubts as to the contents please telephone to confirm.
This electronic transmission is intended only for those to whom it is
addressed. It may contain information that is confidential, privileged
or exempt from disclosure by law. Any claim to privilege is not waived
or lost by reason of mistaken transmission of this information.
If you are not the intended recipient you must not distribute or copy this
transmission and should please notify the sender. Your costs for doing
this will be reimbursed by the sender.
_______________________________________________________________________________
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
