Being one of the Canadian Reps, I'm interested in how you got that bad taste
in your mouth.
I'll try to answer your question "what's wrong with it?".
Like every other piece of security technology on this market it has its
strengths and weaknesses. If you are looking for 100% intrusion deterrence
and you have a philosophical problem with packet filtering then this box is
not for you.
If you are looking for:
- Packet filtering (high speed), yet somewhat limited firewalling
- Integrated military grade cryptography (None of this pansy Firewall to
Firewall DES stuff). We support DES,3xDEC, IDEA, NSC1, Diffie Hellman, RSA
Authentication (512, 1024, etc.).
- Fault TOLERANT cryptography (What this means is you can define primary and
secondary crypto termination points) Lets see everyone's response to that.
- Integrated 4:1 compression (throw in to deal with the crypto overhead)
- The world's only automated intrusion detection and response software
NETSTALKER (it does cost more)
- Network Address translation
- The need to support ALL PROTOCOLS across a VPN
- A vendor that's been in the networking business for 22 years
- Product scalability to over 1 MILLION packets per second
- A router any way because you need to terminate the serial line somehow.
Then the Borderguard is a potential fit for you!
Our approach is to position the Borderguard (and our other products -
Security Router Best of Interop) as one of the pieces in your security
solution. I spend half my day telling people to buy a proxy server - but
don't spend $35K to replicate what we can do 90% of in the box. Design you
solution around each products features, then balance your budget
accordingly. Why buy a huge UNIX box, when a Intel could do.
If you can get a product that provides native LAN speed service, with
integrated cryptography (Read: REAL STUFF), compression and INTRUSION
DETECTION/AUDIT for $ 3,225.00 Canadian - great. The market is responding.
Security is not something you can buy, it's something you do.
Date: March 11, 1996 00:00
I just thought I would poke and prod your brains to find out what the
general consensus is on NSC Borderguard. I saw a specs sheet on it and was
... but then I saw the price tag on it ($3500 cdn) and my first reaction was
"what's wrong with it???"
Of course getting an answer for a question like that from NSC left a bad
taste in my mouth, so I want to know if anybody is actually using it, and
what the caveats ACTUALLY are. The only thing that I am aware of that it
does not support is IP translation. - WRONG