Full Disclosure mailing list archives
Re: PIX vs CheckPoint
From: Jeff Kell <jeff-kell () utc edu>
Date: Tue, 29 Jun 2004 23:01:52 -0400
Eric Paynter wrote:
On Tue, June 29, 2004 4:57 pm, Gary E. Miller said:I agree, except for one small problem. Don't you still have to delete ALL the filter rules, and reenter them ALL to change the order of the rules?I don't administer the PIX boxes, so I don't know the details of the interface. My statements were based on what the admins told me. However, isn't the beauty of any CLI app that you can do all your administration through simple scripts?
Sometimes it is an erase-and-redo operation, sometimes not; depends on the task you are trying to do and the software release. Someone earlier mentioned the PDM (PIX Device Manager) being a nightmare, but I find it to be absolutely wonderful for certain tasks. You don't want to use it for batch/bulk updates/configs, but it certainly has its strong points (especially current versions of PDM and PIX software).
And yes, PIX logs are extremely verbose <ahem>. Especially if you have it log URLs (which we aren't, but still get 5-10 gigs/day of logs).
Jeff _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Re: PIX vs CheckPoint, (continued)
- Re: PIX vs CheckPoint Jaroslaw Sajko (Jun 30)
- Re: PIX vs CheckPoint Laurent LEVIER (Jun 30)
- RE: PIX vs CheckPoint James Patterson Wicks (Jun 29)
- RE: PIX vs CheckPoint Eric Paynter (Jun 29)
- RE: PIX vs CheckPoint Gary E. Miller (Jun 29)
- Re: PIX vs CheckPoint John Kinsella (Jun 29)
- Re: PIX vs CheckPoint Eric Paynter (Jun 29)
- RE: PIX vs CheckPoint Tom Curry (Jun 29)
- Re: PIX vs CheckPoint Gary E. Miller (Jun 29)
- Re: PIX vs CheckPoint Eric Paynter (Jun 29)
- Re: PIX vs CheckPoint Jeff Kell (Jun 29)
- Re: PIX vs CheckPoint Matt Ostiguy (Jun 29)
- Re: PIX vs CheckPoint Simon Burr (Jun 29)
- RE: PIX vs CheckPoint Eric Paynter (Jun 29)
- RE: PIX vs CheckPoint; IMHO Netscreen is far superior Edward W. Ray (Jun 29)
- RE: PIX vs CheckPoint; IMHO Netscreen is far superior Gary E. Miller (Jun 29)
- Re: PIX vs CheckPoint Jim Burwell (Jun 30)