Awesome idea, now if only my company were willing to shell out dollars for an IDS > -----Original Message----- > From: Tony Lyne [SMTP:Tony.Lyne@xxxxxxxxxxxxxxxxxx] > Sent: Friday, February 27, 2004 2:24 PM > To: windows2000@xxxxxxxxxxxxx > Subject: RE: [windows2000] Re: OT Firewalls > > Jim is absolutely right here. A large part of my job is security > consultation and design. > > We all spend so many $$$ a year keeping out Antivirus and other gateway > products up to date but totally make it pointless if you dont keep your > perimiter security up to scratch. Firewalls are often seen as a once only > expense and IT shops often neglect the importance of keeping them patched > and up todate. > > Many firewalls are looking at working at different layers (application > layer rather than stateful inspection only) as well as attacks are > becoming more advanced, which is why you have to spend the extra $$ to > subscribe to their support programs. > > Trust me, spending the extra money on staying up to date is worth it in > the long run. > > Also dont forget about a decend NIDS/IDS system. My recommendation is > Eaglex and snort from engage security. Its open source and is perfect for > keeping an eye on your firewall to make sure its doing its job internally > and externally. Also it can be used to keep check on youre internal > network traffic. > > My personal preference in firewalls is Borderware firewall server and > Netscreens range. > > My 2c worth. > > Tony. > > -----Original Message----- > From: Jim Kenzig http://thin.net [mailto:jimkenz@xxxxxxxxxxxxxx] > Sent: Sat 28/02/2004 7:09 a.m. > To: windows2000@xxxxxxxxxxxxx > Cc: > Subject: [windows2000] Re: OT Firewalls > > > How much would it cost you to clean up if your network was hacked? > How much money would your company lose from downtime. Would you still > have a job? > $7000 is pennies when I start answering those questions. Every 3 > years updating critical hardware is not unrealistic. Bandwidth technology > has improved every few years also...it makes sense to keep your equipment > in line with it. > > JK > > -----Original Message----- > From: windows2000-bounce@xxxxxxxxxxxxx > [mailto:windows2000-bounce@xxxxxxxxxxxxx]On Behalf Of Greg Reese > Sent: Friday, February 27, 2004 11:57 AM > To: windows2000@xxxxxxxxxxxxx > Subject: [windows2000] Re: OT Firewalls > > > My Cisco gear has been in the rack for four years. We keep > out smartnet up to date and have never had a problem. Cisco has never > come back to us and told us we have to replace all our hardware with their > new stuff. > > The Firebox X only comes with 90 days of live security so > right off the bat I have to buy more live security. It doesn't include > Web Blocker anymore either. they keep telling me that I only have to buy > the features I need and can upgrade later. That would be great if it was > cheaper but its not. The firebox X 700 now ends up costing me over > $3000.00. I have 125 users and don't use VPN. Then what, in two years > they tell me that the X is being retired and I have to throw it out and > buy the all new XI? > > I paid 2000 for the firebox two. I renewed Live Security on > it for two years. I now have over $4000 invested in a firewall that I > have to throw out and spend another $3000 to replace it. $7000 in three > years for internet security is a bit steep for 125 users and no VPN. > > Greg > > > > _____ > > From: windows2000-bounce@xxxxxxxxxxxxx > [mailto:windows2000-bounce@xxxxxxxxxxxxx] On Behalf Of Jim Kenzig > http://thin.net > Sent: Friday, February 27, 2004 11:39 AM > To: windows2000@xxxxxxxxxxxxx > Subject: [windows2000] Re: OT Firewalls > > > C'mon Greg, > WatchGuard, Rules....it makes sense that you'll need to keep > your firmware up to date to keep up with the latest vulnerabilities and > threats. All the vendors do it especially Cisco. It is planned > obsolescence. I'd get the Firebox X in a heartbeat. > JK > > -----Original Message----- > From: windows2000-bounce@xxxxxxxxxxxxx > [mailto:windows2000-bounce@xxxxxxxxxxxxx]On Behalf Of Greg Reese > Sent: Friday, February 27, 2004 11:29 AM > To: windows2000@xxxxxxxxxxxxx > Subject: [windows2000] OT Firewalls > > > > I have been a loyal Watchguard customer for a few > years now but their new strategy of cutting off old products and forcing > you into new ones is pissing me off right now. > > I am exploring other options. What are the rest of > you using for firewalls? > > I liked Watchguard because I could configure it > myself and they had great support available online. But they dropped > support for the Firebox II and are telling me I have to get a Firebox III. > Now they have come out with the Firebox X. I am sure by the end of the > year they will be telling me I have to upgrade from the III to the X. I > really don't want to play that game. I get enough of that from Microsoft > and Great Plains. I don't need it from my firewall too. > > Greg > > > > ******************************************************** This Weeks Sponsor StressedPuppy.com Games Feeling stressed out? Check out our games to relieve your stress. http://www.StressedPuppy.com ******************************************************** To Unsubscribe, set digest or vacation mode or view archives use the below link. http://thethin.net/win2000list.cfm