Steve,
I'm not going to get in a pissing match with you especially when you point me to a website that is trying to sell me something, but my guess is that any vulnerabilities listed would be for retired product lines. (At least a quick check of *CURRENT* Watchguard products seems to indicates 0 vunribilities, so I'm gonna have to take your word for the rest of it.) If you're gonna qualify a statement like that, you'd better make sure you qualify it for both sides. I'd hazard a guess that *EVERY* product designed as a firewall has at least one vulnerability discovered for it, and that *INCLUDES* ISA. (Don't make me whip out past ISA vulnerabilities and the disasters that surrounded them.) How a company handles those discoveries is far more important. My point to Dr. Shinder was that his response was in no way helpful in answering the question asked. Just *ANOTHER* of his flame inducing posts that start the same old flame wars that we've all done 100's times in the last 10 years. (My Gawd people, we *HAVE* been answering questions on this list for 10 *YEARS* We're getting old.) And it seems that you and I are taking that bait. From: Steve Moffat [mailto:[EMAIL PROTECTED] On Behalf Of NTSysAdmin Sent: Monday, December 31, 2007 9:50 AM To: NT System Admin Issues Subject: RE: SonicWall NAT'ing question Hmm. Check secunia.org for vulnerabilities on all the products you've mentioned..then check on compromises on the same products. Not 1 report of a compromised ISA protected environment since ISA 2000. Can't say that about the rest... S From: Jim Majorowicz [mailto:[EMAIL PROTECTED] Sent: Monday, December 31, 2007 1:15 PM To: NT System Admin Issues Subject: RE: SonicWall NAT'ing question Dr. Shinder, Despite what you seem to want to believe there are other equally good (Even better, IMHO) firewalls out there that come in appliances. That's not to say that ISA isn't a good product, as it has it's uses, but so do SonicWall, Watchguard and Checkpoint products. If you can't add to a discussion in a way that helps the poster resolve their problem, I would suggest you refrain from posting, if only to keep guys like Mr. Ely and Mr. Shook from grabbing pitchforks and torches and stirring up the locals into a mob looking to put your neck in a noose.. Again. From: Thomas W Shinder [mailto:[EMAIL PROTECTED] Sent: Saturday, December 29, 2007 1:25 PM To: NT System Admin Issues Subject: RE: SonicWall NAT'ing question ASA? ACK! Why didn't you use an ISA firewall? Much more secure and many fewer security issues. Only a fool would use an ASA, IMHO. HTH, Tom From: Andy Shook [mailto:[EMAIL PROTECTED] Sent: Friday, December 28, 2007 2:27 PM To: NT System Admin Issues Subject: SonicWall NAT'ing question SonicWall Pro 1260 w/enhanced OS I need to configure this box to NAT/PAT for a new network (10.101.2.x/24) I just brought online. This sonicwall is only going to be in service for a few more weeks, as I'm migrating to a new ASA 5510. I did figure out the routing on the sonicwall so it can get to the aforementioned network but nodes on that network can't get to the Internet. Do I create a new NAT policy? What am I missing? Shook http://www.linkedin.com/in/andyshook ~ Upgrade to Next Generation Antispam/Antivirus with Ninja! ~ ~ <http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm> ~
