Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

firewall-wizards logo Firewall Wizards mailing list archives

Re: Firewall-1 and use in Arab countries
From: Chad Schieken <cschieken () lucent com>
Date: Mon, 01 Oct 2001 15:49:26 -0400
As a consultant I've always subscribed to the theory of recommending the product that best meets the clients needs. All of the professional services firms I've worked for have subscribed to this theory. It's worked quite well, and could be considered IMHO to be a fundamental "law" of professional services.
I would be surprised learn that the bank in question had a policy that dictated the place of incorporation for the vendors it employed. It's certainly a reasonable question to ask. Assuming no such purchasing policy existed, I would think that it would be irresponsible to not at-least consider Checkpoint's products. They hold the highest market share in the category, and it's certainly a quite discerning market. I'd want to align the clients requirements to several products, then help them choose the best fit. There are several advantages of this type of method, enumerating them is left as a exercise to the reader ;-P.
Without starting the old flame war about the alleged backdoor in that product (AND THERE IS NO PROOF OF SUCH), it certainly stands to reason that verifying that the copy you install isn't Trojan'ed or otherwise tainted sounds like a safe precaution. I would be more worried about some group wanting their own special flavor of FW-1 installed at any particular bank than about the country of origin of the software.
Lastly this whole discussion could be moot as Israel has restriction crypto limitations, and an Arab nation (presumedly where the Arab bank is located) may be a export restricted list. That would be a geo-political issue that i"m not qualified to comment or interpret geo-political policy. 

Thanks,
Chad Schieken, CISSP
Lucent Technologies
Philadelphia, PA








At 12:19 AM 9/30/2001, Allan Pratt wrote:

Hi,
Since Firewall-1 is made by an Israeli company, does anyone have experience recommending its use in Arab countries and for Arab clients?
The reason I ask is that I will be on a security architecture project for an Arab bank based in the middle east. 

Should I refrain from recommending Firewall-1??


Thanks!

Allan

_________________________________________________________________
Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp

_______________________________________________
firewall-wizards mailing list
firewall-wizards () nfr com
http://list.nfr.com/mailman/listinfo/firewall-wizards

_______________________________________________
firewall-wizards mailing list
firewall-wizards () nfr com
http://list.nfr.com/mailman/listinfo/firewall-wizards

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]