Pieter, You might take a look at some of The papers on Line at rr.sans.org. These are written by guys like you and me!
In terms of justifying FW-1 over a linux solution I did that at my company as part of the y2k initiative we had in 1999. My justification had little to do with the technical merits of one fw over another, but hinged on on the followine couple of points: 1) centralized management - the freebsd/linux solutions don't provide that. 2) single skill sets required - I didn't have to find a bunch of unix guru's to run the damned things. 3) accepted technology - while no one was entirely happy, no one could entirely tell me it was wrong either. Good luck, Dan -----Original Message----- >From: "Pieter Blaauw" <[EMAIL PROTECTED] >Sent: 3/20/02 2:05:50 AM >To: "[EMAIL PROTECTED]" <[EMAIL PROTECTED]> >Subject: Firewall RFI & info > >Hi guys > >If this is OT, send someone over with a spiked club to teach me, but I >thought I'd ask this list. :) > >The current .co I work for has a set of firewalls being 'x' yrs old, >still based on FreeBSD 2.2.6 with some friendly interfaces etc. At the >time of their purchase much of it was a 'gholf course decision'. Now for >the new budget period we're trying to justify spending the money on >upgrading the units to Checkpoint's FW-1. In a RFI I sent it, it came >out on top, and while a FreeBSD / Linux solution would be great, not >enough people understand it to make hand-over and maintainance of it >easy enough. Also not all the functions on the RFI was needed, making it >not a powerfull enough object for argument over the older units. > >Can anyone assist me in advice in how to prove to management without a >doubt that the older units are in deed worth replacing? While I can >prove 'x' amount of nmap scans, not to mention the lack of stateful >inspection in the boxen, this is not convincing enough. I'm looking for >someone with some business savvy that may know of a whitepaper on such a >problem or anything of help. > >Kind regards >Pieter > >_______________________________________________ >Firewalls mailing list >[EMAIL PROTECTED] >http://lists.gnac.net/mailman/listinfo/firewalls
<<application/ms-tnef>>
