Leslie - I've had nightmare experiences with Check Point's UTM line. These appliances suffer from the usual "all in one" syndrome, combined with Check Point's huge QA process cuts and off-shoring of all R&D to Israel over the past few years. Many of the soft blades are based on B-grade technologies from a variety of third-party developers, so you end up with a hodge podge of sub-par components that don't play well together.
Some of the highlights: :: Occasional kernel panics, reboots, loss of traffic, and 15-minute CPU saturation during policy installs. After 12 months of troubleshooting and replacement of *all* UTM hardware, Check Point recommended to move the Smartcenter to HP hardware. It's been fine since. :: IPS blade dropping traffic when in monitor-only mode. Escalated to R&D in Israel, closed ticket with no resolution after 3+ months. :: AV scanner dropping all HTTP traffic when certain features enabled. No resolution. :: Check Point unable to get the Eventia reporting or QoS blades working in any capacity (!) after 6+ months of troubleshooting. Overall, it's been a blast! =) We ended up scrapping everything except the basic firewall blade, and I'm currently evaluating (and am very impressed with) Palo Alto firewalls as an alternative. Dave. From: [email protected] [mailto:[email protected]] On Behalf Of leslie l Sent: Tuesday, February 08, 2011 8:31 PM To: [email protected] Subject: [Pauldotcom] Question about firewall What does everyone think about a Check Point UTM-1 2050 firewall? ________________________________ NOTICE: The information contained in this e-mail and any attachments is intended solely for the recipient(s) named above, and may be confidential and legally privileged. If you received this e-mail in error, please notify the sender immediately by return e-mail and delete the original message and any copy of it from your computer system. If you are not the intended recipient, you are hereby notified that any review, disclosure, retransmission, dissemination, distribution, copying, or other use of this e-mail, or any of its contents, is strictly prohibited. Although this e-mail and any attachments are believed to be free of any virus or other defects, it is the responsibility of the recipient to ensure that it is virus-free and no responsibility is accepted by the sender for any loss or damage arising if such a virus or defect exists.
_______________________________________________ Pauldotcom mailing list [email protected] http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
