I haven't been working with Raptor's latest release so much but here are my 2 pences.
First you should consider if you want to have statefull inspection or proxy firewall? If you have answer to this question ready you have allready made your choice. The next question would be about the required protocols. Are you going to run any special protocol through the firewall and are these supported in the products? Is the organization which is going to monitor/configurate this system allready using a firewall product or is this the first one? The synergy of using just one platform enterprise wide is great from management and security point of view. Do you need any high-availability features? Cisco has HA inbuild to product. With Raptor you will need to have 3rd party component (HW/SW) for this feature. Are there any financial limits? <grin>. Raptor costs a bit more. However in the case of pure software product you can reuse your HW. (remember the TCO) Do you need to have compatibility with specific product? (for instance VPN gateway, Cisco is the most compatible thing I know and it even can be debugged somehow) If you haven't made your decision yet you can select Raptor because it has better security. For those who don't like personal opinions, please stop reading. ............ Here are my list of favourites (just remember that in the case of security products it is more important that you really know the product than what bells and whistles are inbuild) 1. Nokia IP-appliance (My manager would shoot me otherwise :-), inbuild support for dynamic routing protocols ) 2. Stonesoft Stonegate (little Finnish company, I was working over there so.. nice HA features) 3. CheckPoint FW-1 (you can do allmost anything, however if you don't know what to do it could be pain and I haven't enjoyed support from Checkpoint) 4. Network Associates (PGP/McAfee?) Gauntlet (Version 6 is nice, Proxy firewall) 5. Cisco PIX (great for simple evironments, enterprise management features immature) 6. Symantec Raptor (Digital, Compaq, Raptor.. Product has suffered to be sold too many times, I don't know if they have enough technical staff at Symantec. It is a pity though, they used to have best support of all) 7. Bridging firewall's. I just hate these, the problem is that I cannot ever configure these correctly first time and it takes hours of snooping to get some trickier configurations to work. (or to find out some kludge) Same thing as with women though, you just can't live without them.. rgds, Harri > -----Original Message----- > From: ext Chance Ellis [mailto:[EMAIL PROTECTED]] > Sent: 16 December, 2001 04:14 > To: [EMAIL PROTECTED] > Subject: PIX versus Symantec > > > I am new to this list so please excuse me if this has > been asked. I did a few searches that didn't turn much > up. > > This is an RFC on which solution would be better. I > understand things like current infrastructure may have > an impact and of course budget. But all of those > obvious things aside, which solution has better > technology? Which has the best feature set? Is there a > Pro/Con Apples to Apples comparison of firewalls out > there? > > Also, if someone recommends something other than PIX > or Raptor, what is it and why? > > Any help that can be provided is greatly appreciated! > > Thanks, > > Chance Ellis > > __________________________________________________ > Do You Yahoo!? > Check out Yahoo! Shopping and Yahoo! Auctions for all of > your unique holiday gifts! Buy at http://shopping.yahoo.com > or bid at http://auctions.yahoo.com > _______________________________________________ > Firewalls mailing list > [EMAIL PROTECTED] > http://lists.gnac.net/mailman/listinfo/firewalls > _______________________________________________ Firewalls mailing list [EMAIL PROTECTED] http://lists.gnac.net/mailman/listinfo/firewalls
