Once we'd laid in a few cases of Red Bull, we put on our enterprise firewall admin hat and focused on answering these questions: How effective at stopping attacks are the new DI-capable firewalls, and what impact does DI have on performance? How robust is the failover component? What capabilities are provided for those who need to manage a large number of firewall rules? What audit, logging and troubleshooting capabilities can we expect? And finally, what do these bad boys cost?
Our invite list reads like a who's who in the enterprise firewall arena. However, after reviewing our testing criteria, only six top-level vendors were both qualified and willing to participate. We were pleased to welcome Check Point Software Technologies' Next Generation With Application Intelligence, CyberGuard Corp.'s TSP 7100 Security Appliance, Fortinet's FortiGate-3600 Antivirus Firewall 2.8, Juniper Networks' NetScreen-ISG 2000, Secure Computing's Sidewinder G2 and Symantec Corp.'s Symantec Gateway Security 5460 Appliance into our labs and consider these offerings squarely within the upper echelon of the enterprise firewall market.
3Com-TippingPoint, McAfee and the latest Gartner Group-anointed "visionary" of next-generation firewalls, iPolicy Networks, didn't have products that fulfilled our required feature set. Lucent Technologies sent us the wrong product and Nokia did not respond at all, while Cisco Systems, Crossbeam Systems, ISS, Nortel Networks, SonicWall and WatchGuard declined to participate.