In message <199701272000 .
JAA01285 @
atlantis .
actrix .
gen .
nz> writes:
> We currently use BorderWare firewall and we're thinking of using Cyberguard
> instead. Has anyone got any information on Cyberguard or any comments on the
> merits of Cyberguard vs BorderWare.
It depends. If you are really concerned about security, CyberGuard is the way
to go. It hosts the firewall on a U.S. National Computer Security
Center-evaluated B1 trusted computing base, and uses the TCB's mandatory access
controls to isolate and protect the firewall configuration and executable files.
On top of that, the firewall application itself has achieved an ITSEC
certification at the E3 level (European equivalent of B1), which means that not
only the platform but the application itself has received a kind of security
"Good Housekeeping Seal of Approval". On top of this, NCSA and other
independent evaluators have rated CyberGuard as one of the - if not *THE* - most
secure of all firewalls on the market.
For me, the TCSEC OS and ITSEC application evaluation provide me with a lot more
assurance and warm fuzzies about the "hacker-resistance" of CyberGuard than any
vendor claims about a "hardened" UNIX operating system or trustworthy
application.
On the other hand, if your main (or only) criterion is cost, you should forget
about CyberGuard, because it is indeed at the high end of the market (along with
Sidewinder), and will run you at least US$25,000 (including the OS and hardware
platform).
Karen Goertzel
=====
K.M. Goertzel
Manager, Business Development
Secure Systems & Services Operation
WANG FEDERAL, Inc.
7900 Westpark Drive - MS 700
McLean, VA 22102-4299 USA
tel (703)827 3914
fax (703)827 3161
email goertzek @
wangfed .
com
|
|
