Security Basics mailing list archives
RE: Firewall Hardware Recommendations
From: "Timothy Donahue" <tdonahue () Haynes-Group com>
Date: Wed, 31 Dec 2003 17:15:17 -0500
I am not trying to question your working experience with WG: I work for a company who support Watchguard, apart from other products .... including Sonicwall and Borderware ... Since I started supporting Watchguard, around 2000, and may have criss-crossed about atleast 150 to 200 fireboxes / customers or more, and still supporting a majority of this number, and the scenarios you mentioned were (occasionally) showing up on the older softwares, where they used a
I have a Firebox III 700, and I can verify the crashes happen. Both times, it was version 6.2. I had one removing the VPN key, and another one when all I was doing was applying a routing update. (I will admit that I was changing all but one of the routes the Firebox knew, but still....) I also have had it just stop routing packets twice in the last couple months. I am getting ready to replace ours with a PIX or OpenBSD's PF in the next couple of months. We will probably go with the PIX, because of Cisco's support, but I am using PF for all our internal firewalls. If you are looking for something stable, and secure, I would recommend using one of those. I would recommend a Watchguard Firewall to a startup company, but from the description of the Original Poster's network, it sounds like you need something slightly more robust than what I have seen from the Watchguard line. In this case, I would recommend either the PIX or PF. (Side note: I have heard that Checkpoint firewalls are excellent as well, I just have never had the oportunity to use one.) My $.02. Tim Donahue --------------------------------------------------------------------------- ----------------------------------------------------------------------------
Current thread:
- RE: Firewall Hardware Recommendations Timothy Donahue (Jan 02)