Re: Centralized firewall management and log analysis tools

[Andy Smith <andy () m0vkg org uk>]

On Thu, May 3, 2012 at 7:12 PM, john dow <guest01 () gmail com> wrote:
> If money is not a concern, I would recommend Check Point. We have quite
> a big Check Point deployment as well as Juniper Firewalls,
> Phion/Baracuda Firewalls and some Cisco Firewalls (ASA, PIX). Check
> Point has by far the best tools for managing a centralized deployment.
> Even their IPS-blade is much better now that I has been before. For log
> analysis you could use Check Point Eventia Reporter and with Tufin, you
> can do much more, e.g. track changes, compliance, ...
> I am not a Check Point guy and I regularly complain about Check Point
> myself, but it is definitely the best package I have experienced yet.

Although Check Point do have some good products from an endpoint point
of view, I manage a number of Provider-1 installations and I can't say
I'm particularly impressed with it. It's extremely resource-hungry,
and trying to get sensible logs out of it when something doesn't work
(as happens often in my experience) is not easy.

My 2p worth.

Andy.

------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate.  We look at how SSL works, how 
it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, 
install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are 
highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------