It seems like we cannot avoid the quasi-religious, all-or-nothing, "I know
what's best" arguments on this discuss group.
In response to some of your humble and self-effacing sentiments:
>I'll be exceedingly kind and say that the Checkpoint Firewall-1 firewall
>does not meet my level of expectations and I do not deem it worthy enough
>to recommend to any of *my* valued customers.
Well, dog my cats. That's the most serious criticism since, well, the
Justice Department: Check Point (please note the spelling) have the
effrontery to make and even market a product that doesn't meet your
"expectations". What exactly shall they do to be worthy of your customers
(presumably the plural there implies at least 2).
BTW Thanks for being "kind"; I'm sure Check Point appreciates the honor.
> I agree with the NSA's report on the stateful inspection. The NSA does
good work. (I also like their style of report-writing, but that's beside
the point). 8^)
Thanks goodness for that. I was really, really worried my tax dollars
funding the NSA were being wasted on stuff like supercomputers or breaking
the enemy's codes. Also, if you hadn't agreed with their report, Congress
would presumably have to fire 'em ...
> I think that many people are overlooking some important criteria when
evaluating firewalls. The Stateful Inspection is just the tip of the
iceberg. A few criteria are listed below, others are available in the
*free* Firewall Evaluation Checklist which can be downloaded from my
company's web site.
Thanks for all the free, humble stuff. We will all be sure to use them to
build our businesses of for making mission-critical decisions in a
non-religious, objective way.
Enough, enough, enough.
Let's try keep our esteemed discuss group on point and avoid the "trash my
unfavorite vendor" syndrome. Just makes everyone testy.
More to the point, computer security proponents will never be regarded as
"professionals" by senior management as long as we show ourselves
incapable of rational argument, understanding that the world is not and
never will be perfect and that there are elements of business risk
associated with every course of action. Ranting and raving about technical
imperfections, without looking at the business needs, is guaranteed to keep
security on a low, "techie" back burner in the Board rooms.