Date: Mon, 29 Oct 2001 17:49:33 -0800 From: Kelsey Cummings <kgc@sonic.net> To: Henrik Hudson <lists@rhavenn.net> Cc: Julian Morgan <jmorganmcse@hotmail.com>, freebsd-questions@FreeBSD.ORG Subject: Re: watchguard firewalls Message-ID: <20011029174933.X42541@sonic.net> In-Reply-To: <200110310150.f9V1o4l31631@ashram.rhavenn.net>; from lists@rhavenn.net on Mon, Oct 29, 2001 at 07:55:06PM -0600 References: <F153ra5X5fN5y92LWJU00019517@hotmail.com> <200110310150.f9V1o4l31631@ashram.rhavenn.net>
next in thread | previous in thread | raw e-mail | index | archive | help
Just be warned that the Watchgaurd filewalls that I've seen can't do anything BUT proxy outbound connections which means that the source IP address of machines from inside get hidden. Which, is both good and really bad. On Mon, Oct 29, 2001 at 07:55:06PM -0600, Henrik Hudson wrote: > We ran Watchguards where I used to work and they are pretty cool and worked > well for VPN purposes. > > They run a Linux kernel in them and are stable if kept updated, etc....my > only real nitpick with them is that they can only log to a NT machine running > their logging agent which was a bit annoying..i mean your running a Linux > kernel, I am sure they could figure out some sort of syslog funcitionality, > but I digress. > > Their config is simple and their support was decent and they worked better, > IMHO, then the Cisco PIX's that replaced a few of them. > > As for BSD being to hard to stay on top of? Hogwash! Get your butt on > security-announce@freebsd and friends and there ya have it. > > > On Monday 29 October 2001 19:21, Julian Morgan wrote: > > <html><div style='background-color:'><DIV>in relation to a company quoting > > that BSD is too hard to stay ontop of, regarding updating the OS with > > security patches for an effective firewall, this company is instead quoting > > us on watchguard 700 firebox firewalls, have any of you heard about these > > thing, any bad comments....</DIV> <DIV> </DIV> > > <DIV>Sorry - the question is not totally related to BSD - but they are > > trying to replace my 7 network BSD structure with these things - and have > > given me neally no detail and I want to make sure it is a suitable product > > for VPN firewall capabilities</DIV></div><br clear=all><hr>Get your FREE > > download of MSN Explorer at <a > > href='http://go.msn.com/bql/hmtag_itl_EN.asp'>http://explorer.msn.com</a><b > >r></html> > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > with "unsubscribe freebsd-questions" in the body of the message > > -- > > Henrik Hudson > lists@rhavenn.net > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-questions" in the body of the message -- Kelsey Cummings - kgc@sonic.net sonic.net System Administrator 300 B Street, Ste 101 707.522.1000 (Voice) Santa Rosa, CA 95404 707.547.2199 (Fax) http://www.sonic.net/ Fingerprint = 7F 59 43 1B 44 8A 0D 57 91 08 73 73 7A 48 90 C5 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20011029174933.X42541>