Michael Sorbera wrote:
> Rodolfo Delgado Bueno wrote:
>
> > We are evaluating information abaut diferent firewalls but the only
> > information we found abaut Cisco Pix cames form Cisco.
> > Is this product so secure as the resaeler guaranteed?? (more than
> any
> > software firewall !?)
> > We would like to have pointers to an imparcial evaluation of this
> > product or any coments abaut it.
> > Thanks in advance
> >
> > Rodolfo Delgado
>
> Rodolfo, I'm not a firewall guru by any means, but I'll lend what
> little I know. I'm a Webmaster that's been doing a tremendous amount
> of
> research in the last 4 months on a firewall solution. I don't like
> hearing just from marketing droids either. I want to be able to talk
> to
> someone that has actually used the product.
> I have an extensive security and communications background, and
> when
> I first started reading about the different firewalls, I was impressed
>
> with the theory behind the PIX. It seemed that IF the PIX box did
> what
> CISCO claimed, that it would be awesome.
> You can find out a bunch by looking at the companies past history.
>
> CISCO hasn't in the past put out junk. Now they have let some buggy
> stuff out of the bag, but for the most part, what they say is what you
>
> get. They have a good reputation that they have to uphold. ( and I
> DON't work for, or resell CISCO!)
> I've read quite a few postings from folks that have the PIX box,
> and
> the only complaints have been from the bunch that's using the OLDER
> version of the PIX software. The newer version seems to have fixed
> the
> bugs. Also, keep in mind that the flash memory that stores the tables
>
> is susceptible to voltage transients that can wipe them clean. Bottom
>
> line, if you have the PIX box plugged into a good UPS thats connected
> to
> a decent power source, and you don't go opening the box up, you'll
> probably be o'kay.
> One word on my understanding of the packet filter vs. application
> proxy war...folks that have cut their teeth on packet filtering being
> garbage, and application proxy being the only thing that really works,
>
> are kind of like the paradigm of the swiss watchmakers that couldn't
> grasp a watch without gears...they just can't see it...
>
> Anyway, thats my very humble opinion...
>
> Michael Sorbera
> msorber @
ibm .
net
> Randolph-Brooks Federal Credit Union
Rodolfo,
I did some evalutions of PIX firewalls back in February. The new PIX
stuff is
definitely worth looking at. My boss and I agreed that the functionally
increased
and bugs were fixed.
- Joseph
--
Name: Joseph Iacovelli
Email: wolfboy @
earthlink .
net
Quote: "Second best don't cut it" - Wolverine
References:
|
|
