|
Firewall Wizards
mailing list archives
RE: FW appliance comparison - Seeking input for the forum
From: "Paul Melson" <pmelson () gmail com>
Date: Wed, 1 Feb 2006 11:59:55 -0500
-----Original Message-----
Subject: Re: [fw-wiz] FW appliance comparison - Seeking input for the forum
I think it would be interesting to know what type of group of was
responsible for managing
the firewalls in the study. I am moving an account off of a Checkpoint
being managed by a
services organization onto a PIX platform (no intent to start a vendor
war) - and I have
been surpised by the permissiveness, and redundancy, in the "managed"
ruleset. The managed set broke two of the major rules in the documented in
the paper - and
possibly a third if I had it on front of me.
Of course this takes a new tangent; but it would be an interesting study.
Haha! I have to tell you, as soon as I read this, I immediately thought of
two vendors and am wondering if either of them are the vendor in this case.
But embarrassing vendors - as fun as it is - isn't part of the list charter.
The one thing that always struck me funny about these situations where an
MSSP does a lousy job of remotely managing a Check Point rule base is that,
in order to get Check Point's seal of approval, you've got to run
Provider-1, which is a fairly large cash layout to start a service like
that. But then to not spend much if any money on staff and staff
training...
I guess I shouldn't be surprised, but I am. And amused. But only because
it's not my firewall. :-)
PaulM
_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
 By Date 
By Thread
Current thread:
| 
Intro
