Re: [FW1] OT - RADWare's Fireproof

Fri, 02 Jun 2000 12:59:44 -0700 


Ivan,

Well right off the bat, my first comment is that you'll need a minimum of one
Radware device for each firewall interface (2 firewalls with 3 interfaces each =
minimum of 3 hardware load balancers).  I just went through a pretty grueling
evaluation of Radware, Cisco Local Director, Foundry ServerIrons, Stonebeat and
Nokia firewall appliances.  Right now, I run two Sun e250's using standard FW-1 4.0
syncing and OSPF routing (2 second hot failover but no true load balancing).  So we
were looking to implement a solution that would incorporate load balancing as well.
In the end, we decided the following:

-Sonebeat was too hard to administer and upkeep (plus tech support wasn't exactly
great)
-Cisco Local Director did not have enough features (and required numerous LDs for
each FW interface)
-Radware Fireproof seemed slightly immature, but could be a contender in the next
year or so
-Foundry ServerIron's work great, require no real learning curve (since they look
strikingly similar to Cisco IOS), scale well, and have great tech support, but
suffer from the same problems as the rest of the hardware based solutions, in that
you need at least one per firewall interface (see definition above)
-Nokia has VRRP which reportedly works extremely well, has pretty good tech support,
has a good cost margin, but doesn't do true load balancing yet.

In the end, I believe we've decided to stay with our current OSPF solution for now.
Ultimately, however, it looks like we're leaning towards a combined
hardware/software (read firewall appliance) such as what Nokia has to offer.  The
other hardware exclusive solutions became too costly for our redundancy
requirements.  Just my .02p.

Jason

http://www.wittys.com

Ivan Fox wrote:

> We are introduced RADWare's Fireproof to replace StoneBeat Full Cluster.
> Any comments/suggestions are greatly appreciated.
>
> Regards,
>
> Ivan
>
> ================================================================================
>      To unsubscribe from this mailing list, please see the instructions at
>                http://www.checkpoint.com/services/mailing.html
> ================================================================================



================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================

Reply via email to