Hi,
I've been running Checkpoint FW-1 on a FreeBSD/Nokia box for a while here,
and I while I like the product technically, I think I am finally at that
point where I am fed up with the support/services/reseller infrastructure
behind it and would like to look at other options.
At the time that I was evaluating firewalls back in December of '98, the two
biggest stateful inspection firewalls were FW1 and PIX. Raptor was
considered to be the best app proxy firewall. I guess my question is, what
would you guys say is now the best firewall solution outside of FW-1??
Okay, I know that's a silly question, like all "what's the best?" questions,
it would depend on my needs. Let me give you some idea of what I'd like it
to do, in no particular order:
1. Protect a small network of ~40 computers from prying eyes outside of
the company. Certain files getting in the wrong hands would be disastrous to
our business.
2. Prevent DoS attacks to our website when it becomes operational.
3. Allow VPN access to our network from home for 1-3 people.
4. Have configurable rules, ala FW1, that would let me see exactly what
is and is not blocked.
5. Allow rules to be created that deny certain inside-out access, such
as users using AIM, etc...
6. Run on a relatively secure platform (or one that can be made secure)
(preferably not NT, though I don't know how far that's come in this realm
since I was evaluating them. At that time, it was, "Stay the heck away from
running a firewall on NT".
7. Have a good service/support infrastructure. Software patches show up
at my door when they're released, or can be downloaded, a good support
hotline for help, and hopefully some local (Massachusetts) reps for onsite
help at times.
Thanks for any ideas you could throw my way...
Evan
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
