[windows2000] Re: OT Firewalls
- From: "Greg Reese" <GReese@xxxxxxxxxxxxxxxx>
- To: <windows2000@xxxxxxxxxxxxx>
- Date: Fri, 27 Feb 2004 14:30:46 -0500
I have no problem spending the money. My company will allow me to spend
whatever I want whenever I want without much question.
I just don't like Watchguard's new practice of holding their customers
hostage like this and want to see what else is out there.
If I can get the same level of security and not be held hostage by their
competition, then I want to explore that before I make a decision.
Greg
_____
From: Tony Lyne [mailto:windows2000-bounce@xxxxxxxxxxxxx] On Behalf Of
Tony Lyne
Sent: Friday, February 27, 2004 2:24 PM
To: windows2000@xxxxxxxxxxxxx
Subject: RE: [windows2000] Re: OT Firewalls
Jim is absolutely right here. A large part of my job is security
consultation and design.
We all spend so many $$$ a year keeping out Antivirus and other gateway
products up to date but totally make it pointless if you dont keep your
perimiter security up to scratch. Firewalls are often seen as a once
only expense and IT shops often neglect the importance of keeping them
patched and up todate.
Many firewalls are looking at working at different layers (application
layer rather than stateful inspection only) as well as attacks are
becoming more advanced, which is why you have to spend the extra $$ to
subscribe to their support programs.
Trust me, spending the extra money on staying up to date is worth it in
the long run.
Also dont forget about a decend NIDS/IDS system. My recommendation is
Eaglex and snort from engage security. Its open source and is perfect
for keeping an eye on your firewall to make sure its doing its job
internally and externally. Also it can be used to keep check on youre
internal network traffic.
My personal preference in firewalls is Borderware firewall server and
Netscreens range.
My 2c worth.
Tony.
-----Original Message-----
From: Jim Kenzig http://thin.net [mailto:jimkenz@xxxxxxxxxxxxxx]
Sent: Sat 28/02/2004 7:09 a.m.
To: windows2000@xxxxxxxxxxxxx
Cc:
Subject: [windows2000] Re: OT Firewalls
How much would it cost you to clean up if your network was
hacked? How much money would your company lose from downtime. Would
you still have a job?
$7000 is pennies when I start answering those questions. Every 3
years updating critical hardware is not unrealistic. Bandwidth
technology has improved every few years also...it makes sense to keep
your equipment in line with it.
JK
-----Original Message-----
From: windows2000-bounce@xxxxxxxxxxxxx
[mailto:windows2000-bounce@xxxxxxxxxxxxx]On Behalf Of Greg Reese
Sent: Friday, February 27, 2004 11:57 AM
To: windows2000@xxxxxxxxxxxxx
Subject: [windows2000] Re: OT Firewalls
My Cisco gear has been in the rack for four years. We
keep out smartnet up to date and have never had a problem. Cisco has
never come back to us and told us we have to replace all our hardware
with their new stuff.
The Firebox X only comes with 90 days of live security
so right off the bat I have to buy more live security. It doesn't
include Web Blocker anymore either. they keep telling me that I only
have to buy the features I need and can upgrade later. That would be
great if it was cheaper but its not. The firebox X 700 now ends up
costing me over $3000.00. I have 125 users and don't use VPN. Then
what, in two years they tell me that the X is being retired and I have
to throw it out and buy the all new XI?
I paid 2000 for the firebox two. I renewed Live Security
on it for two years. I now have over $4000 invested in a firewall that
I have to throw out and spend another $3000 to replace it. $7000 in
three years for internet security is a bit steep for 125 users and no
VPN.
Greg
_____
From: windows2000-bounce@xxxxxxxxxxxxx
[mailto:windows2000-bounce@xxxxxxxxxxxxx] On Behalf Of Jim Kenzig
http://thin.net
Sent: Friday, February 27, 2004 11:39 AM
To: windows2000@xxxxxxxxxxxxx
Subject: [windows2000] Re: OT Firewalls
C'mon Greg,
WatchGuard, Rules....it makes sense that you'll need to
keep your firmware up to date to keep up with the latest vulnerabilities
and threats. All the vendors do it especially Cisco. It is planned
obsolescence. I'd get the Firebox X in a heartbeat.
JK
-----Original Message-----
From: windows2000-bounce@xxxxxxxxxxxxx
[mailto:windows2000-bounce@xxxxxxxxxxxxx]On Behalf Of Greg Reese
Sent: Friday, February 27, 2004 11:29 AM
To: windows2000@xxxxxxxxxxxxx
Subject: [windows2000] OT Firewalls
I have been a loyal Watchguard customer for a
few years now but their new strategy of cutting off old products and
forcing you into new ones is pissing me off right now.
I am exploring other options. What are the rest
of you using for firewalls?
I liked Watchguard because I could configure it
myself and they had great support available online. But they dropped
support for the Firebox II and are telling me I have to get a Firebox
III. Now they have come out with the Firebox X. I am sure by the end
of the year they will be telling me I have to upgrade from the III to
the X. I really don't want to play that game. I get enough of that
from Microsoft and Great Plains. I don't need it from my firewall too.
Greg
Other related posts:
