Firewall Wizards mailing list archives
Re: Netscreen firewalls
From: "Jon Sabo" <jonathan.sabo () gmail com>
Date: Fri, 15 Dec 2006 14:48:54 -0500
Mike, I doubt you're going to find much of a downside. While working for one of the larger MSSP's we deployed lots of the different firewalls for hundreds of different companies. As a result Netscreens are my favorite firewall, especially the ISG's. They're sick. Pix's are cool too but for any kind of deep packet inspection (and not a proxy) you have to go to with Netscreens or checkpoints... and Netscreens support doesn't suck and the configuration is a text file. ISG's with IDP modules allow you to send certain traffic to the IDP for analysis per rule! The only thing I think is kind of nuts is that you can factory reset a Netscreen by logging in with the serial number as the user name and password. This is an idp hack but... its still really cool.... albeit old. http://web.archive.org/web/20040528165427/hack3rs.org/~nahual/netscreen.html Ez. Jonathan Sabo On 12/15/06, Mike LeBlanc <mlinfosec () comcast net> wrote:
All, I'm looking for guidance on vulnerabilities/downsides to the Netscreen firewalls. I am not looking to start a flamefest on Netscreen but simply am looking for the downside. We currently are a cisco pix shop and have monitoring and change management built around cisco. I have done a google on Netscreen vulnerabilities and issues but didn't find much current data. Any information is appreciated in advance, including links to current data. Additionally if you have personal expereince, positive or negative, with Netscreen I would like to hear it.. off list if so desired. Thanks in advance for any information you can provide, Mike LeBlanc, CISSP VP/Infosec officer for multinational bank _______________________________________________ firewall-wizards mailing list firewall-wizards () listserv icsalabs com https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
_______________________________________________ firewall-wizards mailing list firewall-wizards () listserv icsalabs com https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- testing gear Shahin Ansari (Dec 11)
- Re: testing gear Aaron Smith (Dec 12)
- <Possible follow-ups>
- Re: testing gear clmmacunix (Dec 12)
- Netscreen firewalls Mike LeBlanc (Dec 15)
- Re: Netscreen firewalls Jon Sabo (Dec 15)
- Re: Netscreen firewalls Carson Gaspar (Dec 15)
- Re: Netscreen firewalls Peter Bruderer (Dec 17)
- Re: Netscreen firewalls Paul Melson (Dec 19)
- Netscreen firewalls Mike LeBlanc (Dec 15)