From: Engelhard M. Labiro (engelhard@netmarks.co.jp)
Date: Wed Oct 09 2002 - 10:25:46 GMT-3
Hi All,
Just FYI , there is a Netscreen group at Yahoo for discussing NS`s
issues. Follow this link:
http://groups.yahoo.com/group/Netscreen_Firewall/
Regards,
On Wed, 9 Oct 2002 14:04:38 +0200
Roberto Giana <Roberto.Giana@econis.com> wrote:
> Hi
>
> Well. One interessting feature of the bigger NetScreen Devices is that it
> supports a "Multi-Customer" environment. This means, that you can implement
> a VLAN for each customer, which is protected through the NetScreen, and give
> management access to the customers for their own part of the firewall. So
> you can split your firewall box into several virtual firewalls. But it's a
> feature more intended for service providers than for single customers.
> -NetScreen has the ability to run in transparent mode (bridging mode) which
> makes it very difficult (nearly impossible) to detect it through
> tracerouting.
> -NetScreen supports ICMP-redirections, which makes it possible to use it as
> a default-gateway in small networks environments.
> -NetScreen supports a local user database, which makes it possible to do a
> simple user authentication without any external services like radius/tacacs.
> -NetScreen supports only radius (=no tacacs).
> -NetScreen has the better Web-Interface than the Piggs.
> -The new NetScreen software (4.0) also supports OSPF and BGP routing.
> -On NetScreen you can disable inter-VLAN routing, which allows you to use
> the box for several cusotmer networks, where the single customers can only
> talk to the Internet but not to each others. Something simmilar to "private
> VLANS".
>
>
> Regards
> Roberto
>
>
> -----Original Message-----
> From: P729 [mailto:p729@cox.net]
> Sent: Mittwoch, 9. Oktober 2002 08:42
> To: Armand D; CCIELab
> Subject: Re: PIX vs Netscreen
>
>
> A year ago, this article was a real eye-opener for me:
> http://www.tolly.com/News/NewsDesk/TS201111NetScreenJul01.asp (full article
> available at NetScreen's site)
>
> The 535 basically got smoked by an NS-500. A bug in the PIX code was cited
> and there's been a major release of PIX code since then, so a follow-up test
> would be real interesting...
>
> Regards,
>
> Mas Kato
> https://ecardfile.com/id/mkato
> ----- Original Message -----
> From: "Armand D" <ciscoworks2001@yahoo.com>
> To: <ccielab@groupstudy.com>
> Sent: Tuesday, October 08, 2002 10:01 AM
> Subject: PIX vs Netscreen
>
>
> Hello all,
>
> I'm wondering if anyone can give me their $0.02 on PIX
> versus Netscreen. I work for a security services
> company, and we sell a whole bunch of PIX but that's
> changing. Lately, I'm touching a whole bunch of
> Netscreen, Watchguard, etc.-- I keep hearing the
> Netscreen product is vastly superior to PIX in terms
> of price and performance. They also tout good central
> management, site to site VPN tunnels.
>
> Any feedback would be greatly appriciated.
>
> Regards,
>
> Armand
>
> http://mobile.yahoo.com.au - Yahoo! Messenger for SMS
> - Always be connected to your Messenger Friends
>