Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos



Firewall Wizards: Re: Firewall-1 and use in Arab countries

Re: Firewall-1 and use in Arab countries

From: Chad Schieken <cschieken_at_lucent.com>
Date: Mon, 01 Oct 2001 15:49:26 -0400

As a consultant I've always subscribed to the theory of recommending the
product that best meets the clients needs. All of the professional services
firms I've worked for have subscribed to this theory. It's worked quite
well, and could be considered IMHO to be a fundamental "law" of
professional services.

I would be surprised learn that the bank in question had a policy that
dictated the place of incorporation for the vendors it employed. It's
certainly a reasonable question to ask. Assuming no such purchasing policy
existed, I would think that it would be irresponsible to not at-least
consider Checkpoint's products. They hold the highest market share in the
category, and it's certainly a quite discerning market. I'd want to align
the clients requirements to several products, then help them choose the
best fit. There are several advantages of this type of method, enumerating
them is left as a exercise to the reader ;-P.

Without starting the old flame war about the alleged backdoor in that
product (AND THERE IS NO PROOF OF SUCH), it certainly stands to reason that
verifying that the copy you install isn't Trojan'ed or otherwise tainted
sounds like a safe precaution. I would be more worried about some group
wanting their own special flavor of FW-1 installed at any particular bank
than about the country of origin of the software.

Lastly this whole discussion could be moot as Israel has restriction crypto
limitations, and an Arab nation (presumedly where the Arab bank is located)
may be a export restricted list. That would be a geo-political issue that
i"m not qualified to comment or interpret geo-political policy.

Thanks,
Chad Schieken, CISSP
Lucent Technologies
Philadelphia, PA

At 12:19 AM 9/30/2001, Allan Pratt wrote:
>Hi,
>
>Since Firewall-1 is made by an Israeli company, does anyone have
>experience recommending its use in Arab countries and for Arab clients?
>
>The reason I ask is that I will be on a security architecture project for
>an Arab bank based in the middle east.
>
>Should I refrain from recommending Firewall-1??
>
>
>Thanks!
>
>Allan
>
>_________________________________________________________________
>Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp
>
>_______________________________________________
>firewall-wizards mailing list
>firewall-wizards_at_nfr.com
>http://list.nfr.com/mailman/listinfo/firewall-wizards
_______________________________________________
firewall-wizards mailing list
firewall-wizards_at_nfr.com
http://list.nfr.com/mailman/listinfo/firewall-wizards
Received on Oct 02 2001

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]