With all of the recent attacks against ISP services, has anybody
considered implementing Checkpoint Firewalls into the CISCO 7513s to
front end all traffic from the Internet?--
Tim Crowell - GTE Intelligent Network Services
tcrowell@gte.net Voice: 214.751.3881
I know that Bay is doing this with Checkpoint when (or soon after)
FW-1 3.0 is released. I assume this would make a deal with cisco
rather difficult, especially considering the way cisco has been
pushing the PIX box against FW-1.
I know that Bay is doing this with Checkpoint when (or soon after)
FW-1 3.0 is released. I assume this would make a deal with cisco
rather difficult, especially considering the way cisco has been
pushing the PIX box against FW-1.
Just to throw in a little bit more info..
Theres little comparrison between the two.
PIX is more of an address translation unit with firewalling
capabilities.
Firewall-1 is a fully functional Firewall with limited address
translation.
i.e. PIX has a pool of IP addresses.. true address translation.
Firewall-1 does address 'hiding' making it look to the external world
like all connects come from a single IP.
I tend to prefer to keep routers as routers and firewalls as firewalls,
it reduces the CPU overhead, Problem Determination is easier, and
configurations are kept in a distinct logical box.
Of course this is at the expense of cost, and space.
Glynn Stanton.