I stand corrected about the OPSEC certification, the last I checked was
around last October at which point it was only Foundry equipment on the
list.
I'm using FW-1 4.1 with SP2, load-balanced with StoneBeat version 2.0 and I
still currently have issues with the VPN. We also had StoneBeat tech on site
to look at our configuration. He didn't find anything wrong with the setup,
however we still have VPN connectivity dropping on large file transfers. Not
to mention the fact that most of the time we need to take one of the
firewalls down to actually create the VPN tunnel. Other than that it works
fine.
Otto
----- Original Message -----
From: "Ben Nagy" <[EMAIL PROTECTED]>
To: "'Otto Goencz'" <[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>
Sent: Tuesday, February 06, 2001 6:32 PM
Subject: RE: Firewall Load-balancing/Redundancy
> > > Nope, but if your firewall is FW-1, Raptor or Gauntlet, another
> > > choice is StoneSoft's FullCluster: www.stonebeat.com ,
> > www.stonesoft.com -
> > > Their last version is quite good and stable. Check it out.
> >
> > That depends what you'll use the StoneBeat/FW-1 combo for.
> > For just firewall
> > services you're right, it's quite good. However, it still has
> > issues with
> > the VPN connections in load-balancing mode. The only OPSEC
> > certified product
> > for FW-1 is Foundry's ServerIron, as far as I know.
>
> Uh, I know nothing about FW-1, but according to this page:
> http://www.checkpoint.com/opsec/performance.html#HA_Load_Balancing
>
> There are four - Nortel's Alteon, Rainwall, Stonebeat and ServerIron.
>
> Without malice, can I ask if your opinion is recent (ie do you believe the
> website to be wrong with regards to all four of those products working -
> including VPN)?
>
> Also, F5 / BigIP isn't there - isn't that the product everyone uses with
the
> Nokia switches, or am I just crazy?
>
> > Otto
>
> Cheers,
>
> --
> Ben Nagy
> Network Security Specialist
> Marconi Services Australia Pty Ltd
> Mb: +61 414 411 520 PGP Key ID: 0x1A86E304
>
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
