Great Circle Associates Firewalls
(September 1996) 		 
Indexed By Date: [Previous] [Next] Indexed By Thread: [Previous] [Next]
Subject: Re: netra firewalls
From: Shahryar Jahangir <sj @ bear . com>
Organization: Bear Stearns
Date: Fri, 20 Sep 1996 12:12:56 -0400
To: dstrong @ www . os . dhhs . gov
Cc: Andy Watts <andywatt @ loxinfo . co . th>, firewalls @ greatcircle . com
References: <9609200333 . AA11409 @ lox2 . loxinfo . co . th> <32429D04 . 3A67 @ www . os . dhhs . gov> 
Gentl'man,
	
The software - Firewall-first - is not meant for  full scale enterprise
proxy/fw.
	If you want to implement an enterprise FW and proxy server, get
yourself a REAL copy of the software ... it's the age old rule - YOU GET
WHAT YOU PAY FOR.

	FW-1 is an excellent product. I recommend it hands down over all other
firewalls. The ease in configuration and superb performance is an
administrators dream.

sj


David Strong wrote:
> 
> Andy Watts wrote:
> >
> > Hi,
> >
> > As far as I understand the firewall that comes with the netra is
> > Firewall-first.  This is scaled down version of firewall-1.  When I say
> > scaled down I really should worthless.
> >
> > Only five sessions allowed through the firewall.  A long delay between one
> > session ending and a new session being allowed again.  Only five services,
> > http, ftp, telnet, gopher (i think) and the fifth service is definable.
> > There is no authentication, network address translation or encryption.
> >
> > This is really some smooth marketing, anyone who buys a netra and is
> >  concerned about security will find they need to firewall-1 light version
> >  quite soon.
> >
> >  Andy
> 
> Andy,
>   It sounds as if you've had your share of troubles with the netra
> solution. I was wondering if you could forward some advise. I am looking
> into a Netra solution for one of my contracts. All I need is http
> firewall service between one http server on the netra box and 400 known
> clients. What I was wondering, is can you configure firewall first for
> secure http? If so, how much athourity do you have over the traffic, how
> configurable is it? With the light version can you specify which port
> you wish to use for each services' traffic, i.e. can I use the  fifth
> service for my own TCP communications protocol? Also, does the netra
> come with all the Solaris 2.5 modules for a development system or is
> that cut down as well?
> Thank you
> 
> David Strong
> dstrong @
 www .
 os .
 dhhs .
 gov

-- 
		  ...........................................
			       Shahryar Jahangir

			      Information Services
			    Bear Stearns & Co. Inc.
				245 Park Avenue
			       New York, NY 10167

			       email: sj @
 bear .
 com
		   Tel: 212 272 7764       Fax : 212 499 6977
		  ...........................................

--
*******************************************************************************
Bear Stearns is not responsible for any recommendation, solicitation, offer or
agreement or any information about any transaction, customer account or account
activity contained in this communication.
*******************************************************************************
Follow-Ups:
References:
Indexed By Date Previous: Re: IP spoofing
From: woods @ ucar . edu (Greg Woods)
Next: FW-1 NAT problem -Reply
From: Richard Gilman <rgilman @ vortexdata . com>
Indexed By Thread Previous: Re: netra firewalls
From: David Strong <dstrong @ www . os . dhhs . gov>
Next: Re: netra firewalls
From: Les Carleton <les @ tracker . demon . co . uk>
Google
 
Search Internet Search www.greatcircle.com