RSS
|
|||||||||||||||||||
  Seven Firewalls Fit for Your Enterprise | |||||||||||||||||||
|
By Peter Morrissey
In the time since we last reviewed firewalls (see "Fortifying Your Firewall" at www.networkcomputing.com/803/803f1.html), new vendors have jumped in to capitalize on increased recognition among users of the need for these security products. This time, we decided to focus on firewalls with excellent performance and management features that would make them suitable for installation in enterprise environments. We identified eight vendors we thought could meet these criteria and sent each an invitation, clearly outlining our testing requirements. Seven of the eight--AXENT Technologies (which presented Raptor Firewall), Check Point Software Technologies (FireWall-1), Cisco Systems (PIX Firewall 520), CyberGuard Corp. (Firewall), NetGuard (Guardian), NetScreen Technologies (NetScreen-100) and Secure Computing Corp. (SecureZone)--accepted and came to one of our Real-World Labs® at Syracuse University. Only Network Associates declined to submit a product; the vendor did not give a reason for its decision. After investigating the products' performance and management features, and their respective abilities to distinguish between valid and unauthorized network access, we felt that all seven give the maturing firewall market a good name. Check Point's FireWall-1 offered the best overall performance, management and logging features, and it receives our Editor's Choice award. Check Point's superlative firewall policy management occurs via an interface that simplifies administration through its practical use of color and graphics. In addition, its logging and monitoring were superior. We were also very impressed with AXENT's Raptor and its powerful proxy applications. But all seven of these best-of-breed products have something valuable to offer; your individual needs will ultimately determine which is best for you. Each vendor installed its product on the OS and hardware platform it preferred. Check Point, AXENT and CyberGuard all offer Unix and NT versions and had to choose between them. Given our emphasis on performance, we were not surprised when all three vendors selected Unix. CyberGuard and Secure Computing arrived with their own "hardened" versions of Unix installed on Intel platforms. Only NetGuard presented an NT-based product for testing. Cisco's PIX, which also happened to use Intel hardware, runs its own proprietary OS and is essentially a "black box" solution. Another black box solution was presented by NetScreen, which uses proprietary ASICs.
|
|
|
|
 For an Adobe Acrobat format version of theFirewall Features Chart, click here.How We Tested Firewall Performance The pros and cons of proxies and stateful inspection NAV Now Reduces Mail-Borne Viruses September 15, 1998 Wanted Dead or Alive: The Antivirus Shoot-Out September 15, 1998 ADI-4500 VPN Switch Is a Mixed Bag October 1, 1998 Improving Data Access Security October 15, 1998 RFP: Managed Firewall Services November 1, 1998 NT 5.0: Everything But thr kitchen Sink By Art Wittmann NT 5.0 Testing: Nice Faucets, Lousy Plumbing By James E. Drews and Mike Lee  Print This Page E-mail this URL
|
|||||||||||||||
 |
|||||||||||||||||||
our customizable newsletter, sends you security alerts, product updates and software patches on the products you use. Sign up now at 
To view the Report card.Best of the Web
Data deduplication: Declawing the clones
Data deduplication is emerging as a critically important new arrow in the storage administrator's quiver to answer hard questions about the increasing problem in storage growth costs.
Compression, Encryption, Deduplication, and Replication: Strange Bedfellows
One of the great ironies of storage technology is the inverse relationship between efficiency and security: Adding performance or reducing storage requirements almost always results in reducing the confidentiality, integrity, or availability of a system.
WAN Optimization Whitelists and Blacklists
Optimization is a fantastic way of saving money and creating really happy customers at the same time, but it doesn't work flawlessly for all applications.
WAN Optimization as a Managed Service: It's Not About the Cost
This insight examines how organizations outsourcing their WAN optimization initiatives to a third-party go about achieving their goals for application performance, reducing operational costs, and streamlining enterprise infrastructure.
