Date: Sat, 7 Oct 2000 17:49:09 +0200 (IST) From: Roman Shterenzon <roman@xpert.com> To: Chris Faulhaber <jedgar@fxp.org> Cc: Craig Cowen <craig@allmaui.com>, "freebsd-security@FreeBSD.ORG" <freebsd-security@FreeBSD.ORG> Subject: Re: Check Point FW-1 Message-ID: <Pine.LNX.4.10.10010071737550.7084-100000@jamus.xpert.com> In-Reply-To: <20001007074145.A59213@earth.causticlabs.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sat, 7 Oct 2000, Chris Faulhaber wrote: > On Fri, Oct 06, 2000 at 10:57:37PM -0700, Craig Cowen wrote: > > The big cheeses at work want to use check point instead of ipf or any > > other open source solution. > > Can anybody help me with vunerabilities to this so that I can change > > thier minds? > > > > Ah, so your PHB's are security experts? Make sure their number is the > first one called when problems arise :) Hi, Speaking for myself (Xpert are official ChekPoint dealer) I can say that although FW-1 might had some problems, it's quite good. It's quite secure as well (usually installed on Solaris/(sparc|i386) ) It's very easy in administration and has very nice GUI. It also includes VPN which makes it very useful for enterprise deployment. I think it's a good product after all. P.S. I once started making gui for ipfilter that resembles cp fw1, but didn't finish it.. --Roman Shterenzon, UNIX System Administrator and Consultant [ Xpert UNIX Systems Ltd., Herzlia, Israel. Tel: +972-9-9522361 ] To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.LNX.4.10.10010071737550.7084-100000>