shunty

hi,
has anyone used these ??
we currently run Checkpoint & require a replacement of our Nokia box which is on 4.1 & support expires in June I believe.
We have a company recommending Netscreen as a better alternative for us, & I wanted some info as I have never heard of them. He tells me that they are the 2nd largest firewall solution & are ahead of Cisco

any info appreciated.

shunty

HHxx

We used one on our web servers, but the firewall was looked after by the isp. It got hacked. They couldn't tell us how it was done...

That was the only time I dealt with them. They maybe good but I don't know... I'm sticking with Firewall1 for now as I know it

stevem2k

Why can't you just upgrade to FW1-NG ?

Steve

shunty

HHxx - hmm, that doesn't sound good.

stevem2k - that's what I am proposing to do (well not me personally), build a new 380i Nokia box with FP3 on, our firewalls in europe have all been upgraded to FW1-fp1, but main firewall needs doing.
I was approached by a company looking for business & amongst other things have recommended netscreen, but I had never heard of it.

cheers

shunty

shunty

forgot to add, some of the european offices have been upgraded to feature pack 2...but 3 is current with 4 around the corner I believe ??

shunty

danny-boy

I use one of these, a Netscreen 5 XP Elite, we use to use, nice GUI, got it linked up between the server and the ADSL router.

Deals with all our stuff no worries

chockymonster

Replaced all of our Checkpoints with Netscreens.
Fantastic bits of kit, so much simpler, also no bacground os to be hacked.Any firewall can be hacked if badly configured.

shunty

yes, I believe the netscreen has hardware designed specifically for firewalling/ipsec etc....hence hardware is always better than software.

chockymonster - fair comment about hacking firewalls that havn't been configured properly.

funnily enough netscreen were mentioned on the register today, after I had said that I have never heard of them, apparantly they are very big in the states ??

shunty

IWatkins

I got a very nice NetScreen T-Shirt off their stand at the NEC a couple of years ago. I know, not very helpful, but it is a good quality T-shirt...

chockymonster

The other bonus of the netscreens is the cost!
I run one at home, a small 5xp 10 user box, It costs less than a windows license

They are fast catching up on checkpoint, I think they are now the 2nd largest firewall provider in the SME market.

shunty

wear that one on Monday, Wednesday & Friday, & save the MCP one for Tuesday's & Thursdays, with your matching MCP watch

shunty

shunty

chocky....yes, I also liked the all inclusive deal if you buy a netscreen box...vpn throttling module & unlimited licences, can't remember what else as awaiting an email with relevant bumph on...
oh & a teeshirt probably

shunty

chockymonster

can put you in touch with a fantastic var if you need a supplier.
Rare in the sales industry as they are honest

shunty

won't do any harm....I had Entech in today & have a day booked in June for them to demo this & other stuff I am interested in.

cheers

shunty

Jeff Wiltshire

Did I mention that we are Netscreen dealers.....

elgordano

check out there Crossbeam platforms as well....multiple instances of checkpoint on 1 box...i think.

Gordo

shunty

Hi Jeff,

soryy it's taken a while for me to get back to you, I was off thurs & fri last week. I will reply to you mail you sent @ my works addy, give me a bit of time to dig through my mails first

shunty

shunty

elgordano - thanks, I will

shunty

Chris L

Shunty - how are you managing your firewalls at the moment? Do you use Provider-1 or something similar. Might be a consideration if you are going to change to Netscreen.

Our standard platform is the Nokia/Checkpoint box (I think we are the largest (certainly in the top 3) provider of managed firewalls in the world now - over 900 at the last count). Needless to say, we do rate the Nokia boxes.

Although I believe we do now supply the Netscreen. Anything which gets through our R&D process has to be pretty good (although we are big Cisco house - we rejected Pix for many years, because it wouldn't pass our tests).

Worth a look in my opinion. Be interested to know what you think. Incidently, if you decide to stay with FW-1 - avoid FP3 - our research guys reckon it was very buggy. Worth hanging on for FP4.

Chris

shunty

hi ChrisL - we have a single Nokia box sitting in our DMZ @ Leeds, which is our main firewall for the company & feeds VPN connections to 8 european countries...the european offices have a software checkpoint firewall locally obviously to authenticate & establish the trust.
Our main hardware box is running 4.1 which I know needs upgrading anyway but with it becoming unsupportable soon as well
the european connections are all on FP1.
We have 2 existing offices (australia with 150 users & Italy with 50 users)which now need VPN as well, so I don't know whether to look at Netscreen or stick with Checkpoint ??
If it's a "do-able" migration from CP to NS (I suppose it's only IP-SEC (does netscreen do OP-SEC connection?) on a security/cost basis & reliability/speed & all the other usual factors, then I would consider it.
I could put the 2 new firewalls in as NS & establish VPN etc, then look at replacing the current main firewall (rulebase transfer)

shunty

Jeff Wiltshire

Shunty

Call me and we'll discuss....


07768 016310


Jeff

shunty

no problem Jeff, ring you tomorrow.

cheers

shunty