On Mon, 6 Mar 2000, Ashley Culver wrote:
> Hi everyone,
>
> I made an enquiry a little while back about F\W's with minimum impact on
> installation - thanks to all who responded !
>
> Two products seem to stand out. The Lucent 'Brick', which acts as a bridge
> rather than a router and the Netscreen-100, which has a 'transparent' mode.
> The Lucent product seems pretty clear about itself. It bridges rather than
The Brick has some noticeable advantages over most of the firewalls out
there; you can go back in 'time' on the firewall and see all of the
traffic that the firewall has passed ( great for IDS!), it's interfaces
are seen as four independent interfaces (unlike the PIX which groups
things into seperate, non duplicatable security levels) and it has the
concept of a seperate management station, which runs in Java.
Also, the brick itself runs a virtual machine, which the firewall code
runs on top of (similiar to the Java VM, but developed by lucent expressly
for the Brick)
If our compnay hadn't been manhandled into buying the PIX by Cisco's
smartstart program, I would have purchased about 8 of these boxes. They're
great firewalls and they're so easy to admin.
After running a collection of PIXes for the last few months I'm not
pleased. The command structure is difficult to deal with, logging options
are excessive (no filtering, etc) and it is difficult to admin a large
collection of them at once. Lucent's management console gives you access
to a number of bricks, over a secure encrypted interface.
-john
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
