Home page logo
/

firewall-wizards logo Firewall Wizards mailing list archives

Re: Nokia IP platform Versus Netscreen Platform
From: Yang Lee <ylee () net50 com>
Date: Wed, 30 May 2001 19:45:24 -0400 (EDT)

In our lab, we test out Netscreen NS-5s (low end line), functionality and 
performance. The result is closely matched with Netscreen's claim. I'm 
especialy impressed with their software (compared to cisco) and their VPN 
performance (3des at near wire speed). Pretty interesting. We'll consider 
deploy NS-500e at some point that our PIX 525s failed. 

Two thumb-up. Go Netscreen!


Paul,

There have been a number of 3rd party articles on 
the two products...

When I was evaluating fw/vpn for our network, I 
searched the web and found a number of articles on 
CommWeb, Network Computing, eWeek, Tolly 
Group, Network World, etc.

What it boiled down to was security, performance, 
manageability, support, and of course, cost.

NetScreen ranked high on all four counts.  Since both 
use Stateful Inspection, security was tight.  Although I 
ranked NetScreen a little higher because they use a 
non-commercial operating system that can't be 
purchased and therefore, reverse engineered to find 
the holes.

Performance on the NetScreen is tops, bar none, due 
to their 3rd generation ASIC.  The Nokia boxes are 
really legacy-based PCs with CheckPoint software 
running on them.

Manageability between the two is close due to highly 
intuitive web interfaces.  Both of them have global 
management options via Provider 1 and Global Pro.   
NetScreen also has built-in SSH and SSL for secure 
management.

From conversations with their support departments, 
they seem to be similar.  Checkpoint being better 
than Nokia (for obvious reasons), and NetScreen had 
a very capable set of staff as well.  Both companies 
have worldwide presence and well-developed 
channels.

Cost.  Here's an area where they really diverge.  
CheckPoint/Nokia with their confusing licensing 
schemes and proliferation of software offerings made 
it a pain in the rear for complex deployments.

NetScreen, however, does not have such licensing 
arrangements.  Pay for the boxes and support, and 
that is pretty much it...

As far as H/A, both of them employ it.  My testing 
showed both of them performing fully stateful failover 
in less than one second.  I was became a little 
concerned when I was simulating a power outage by 
cutting the power abruptly and when one of the Nokia 
boxes experienced a software corruption and needed 
some support to be revived...  No such experience on 
the NetScreens and furthermore, they booted up very 
quickly...

I hope this helps a little.  If not, again, there are plenty 
of third-party articles available on the web...

Cheers,

David P.

Hey...

Has anyone seen a feature/performance 
comparison of the above two product lines, 
particularly in HA configurations?

Else has anyone done their own analysis they are 
willing to share?

Many thanks,

Paul Murphy.



-------------------------------------------------------------------
--------------------------------------------------------
CRESTCo Ltd.             The views expressed above 
are not necessarily those
33 Cannon Street.        held by CRESTCo Limited.
London  EC4M 5SB (UK)      
+44 (020) 7849 0000     http://www.crestco.co.uk 
-------------------------------------------------------------------
--------------------------------------------------------

___________________________________________
____
firewall-wizards mailing list
firewall-wizards () nfr com
http://www.nfr.com/mailman/listinfo/firewall-wizards


_______________________________________________
firewall-wizards mailing list
firewall-wizards () nfr com
http://www.nfr.com/mailman/listinfo/firewall-wizards


_______________________________________________
firewall-wizards mailing list
firewall-wizards () nfr com
http://www.nfr.com/mailman/listinfo/firewall-wizards


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault