Home page logo

firewall-wizards logo Firewall Wizards mailing list archives

Re: Nokia IP platform Versus Netscreen Platform
From: David Pearl <david_pearl_sf () yahoo com>
Date: 18 May 2001 01:14:58 -0000


There have been a number of 3rd party articles on 
the two products...

When I was evaluating fw/vpn for our network, I 
searched the web and found a number of articles on 
CommWeb, Network Computing, eWeek, Tolly 
Group, Network World, etc.

What it boiled down to was security, performance, 
manageability, support, and of course, cost.

NetScreen ranked high on all four counts.  Since both 
use Stateful Inspection, security was tight.  Although I 
ranked NetScreen a little higher because they use a 
non-commercial operating system that can't be 
purchased and therefore, reverse engineered to find 
the holes.

Performance on the NetScreen is tops, bar none, due 
to their 3rd generation ASIC.  The Nokia boxes are 
really legacy-based PCs with CheckPoint software 
running on them.

Manageability between the two is close due to highly 
intuitive web interfaces.  Both of them have global 
management options via Provider 1 and Global Pro.   
NetScreen also has built-in SSH and SSL for secure 

From conversations with their support departments, 
they seem to be similar.  Checkpoint being better 
than Nokia (for obvious reasons), and NetScreen had 
a very capable set of staff as well.  Both companies 
have worldwide presence and well-developed 

Cost.  Here's an area where they really diverge.  
CheckPoint/Nokia with their confusing licensing 
schemes and proliferation of software offerings made 
it a pain in the rear for complex deployments.

NetScreen, however, does not have such licensing 
arrangements.  Pay for the boxes and support, and 
that is pretty much it...

As far as H/A, both of them employ it.  My testing 
showed both of them performing fully stateful failover 
in less than one second.  I was became a little 
concerned when I was simulating a power outage by 
cutting the power abruptly and when one of the Nokia 
boxes experienced a software corruption and needed 
some support to be revived...  No such experience on 
the NetScreens and furthermore, they booted up very 

I hope this helps a little.  If not, again, there are plenty 
of third-party articles available on the web...


David P.


Has anyone seen a feature/performance 
comparison of the above two product lines, 
particularly in HA configurations?

Else has anyone done their own analysis they are 
willing to share?

Many thanks,

Paul Murphy.

CRESTCo Ltd.             The views expressed above 
are not necessarily those
33 Cannon Street.        held by CRESTCo Limited.
London  EC4M 5SB (UK)      
+44 (020) 7849 0000     http://www.crestco.co.uk 

firewall-wizards mailing list
firewall-wizards () nfr com

firewall-wizards mailing list
firewall-wizards () nfr com

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]