My initial apologies to those members of the list that this gets to that
have nothing to do with the sale of Firewalls Products.
We are in the process of doing a white paper of the various firewalls
that are available. For you firewalls vendors, could you please fill this out
this RFI and return it to us. The information will be used as part of a online
BTW we have done several documents that may be of interest including a
version of the TIS Firewalls FAQ. Check our ftp server (ftp.collcomm.com) for
Thanks in advance for your help.
REQUEST FOR INFORMATION
PROJECT: Internet Firewall Security/Product Evaluation
Objective: Evaluate and recommend software products that can perform the following strategic requirements:
The firewall product must enforce all Security and Internet Usage Polices, Standards, and Controls enterprise wide for both inbound and outbound Internet access.
Vendor market penetration, acceptance, and proven technology.
Integration capabilities (current and future)
Reporting and audit features
Ability and flexibility in protecting information assets outbound and inbound from the Internet.
Integrate security management and control of all Internet access computing platforms (gateways, Internet access points, etc.) and servers from a single point.
1) Does your product provide the capability to manage multiple Internet connect points and platforms from a central node? Does it include centralized reporting? What platforms are supported?
2) Does your product provide for on-site customizing and automating of security and audit reporting?
3) Does your product provide an audit policy and review document with a clear definition of each item being audited, its security significance, and the risks associated with laxity in that area?
4) What methodology does your product employ for security alerts, smoke screens, traps: and how does it perform defensive action (i.e. terminate malicious connections)?
5) Does your product provide on-line monitoring, and detecting capabilities, as well as detailed audit logs and specialized alarm management?
6) Does your product provide statistical usage reporting by application, user, and bytes transferred, etc.? Are summary, exceptional, and detailed analysis reports provided? Please include sample formats, and report filtering details.
7) Does your product have GUI and/or Mouse interfaces? Does it include a help facility?
8) Does your product provide for server boot protection, basic operating system protection; does it protect basic system files (i.e. Autoexec.Bat. and Config.Sys) from modification?
9) Does your product provide administrative facilities for managing users' accounts and passwords?
10) Does the product come with a complete set of installation, implementation, and administration documentation?
11) Do you fully own, and are responsible for support of the product with regular updates and enhancements; including, keeping current with operating systems, and networks?
12) Does your product support both content based filtering as well as general packet filtering protection? Is there Type Enforcement or a similar method to operate on packet content (other than routing)?
13) Can your product discern between plain text packets and encrypted packets? Can encryted packets be blocked?
14) Can your product block the sending of Internal Email to Anonymous Re-mailers, and identified list aliases?
15) Does your product provide for compartmentalization? What would happen if a service such as SMTP be compromised? Can a user break out of that service and compromise another such as FTP or Root?
16) Does your product integrate securely with all WWW services and client types and methods such as Mosaic, Netscape, SPRY, Secure HTTP, SSL (please list all)?
17) Does your product have the capability, not only to stop an intrusion, but also provide misleading information and identify the intruder? How is the intruder identified?
18) How does your product address first time user password requirements? Is there a one time secure password methodology for authorized remote administrator logins from the internal network and from the internet?
Please review & respond by Tues.May 2, 1995
Fax : 415 494 8149
Phone: 415 857 1026
Email: Janine @
Todd Glassey Todd @
Chief Technologist/Technologies Manager www: http://www.collcomm.com
(415)857-1036 - Voice ---- (415) 494-8149 (FAX Server)
- Did someone say espresso?. I'll have a triple, please - and hold the