Re: ASA vs Checkpoint

From: Ina&Laurean (ina.laurean@gmail.com)
Date: Wed Jul 23 2008 - 15:54:12 ART

• Next message: Kamran Habib: "Re: match protocol skype doesn't work"
• Previous message: David Chances: "RE: ASA vs Checkpoint"
• Maybe in reply to: dip: "ASA vs Checkpoint"
• Next in thread: Joseph Brunner: "RE: ASA vs Checkpoint"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

I have to agree with Jeff; normally I would blame my self first because I
may not do something right, but for hardware failures and for issues where
the company support can't resolve .... than I have to take a second look at
the product.

Laurean

On Wed, Jul 23, 2008 at 2:45 PM, David Chances <davidchances@yahoo.com>
wrote:

> That's easy to say from where you are....
>
> An since when has it been called Chokpoint??
>
> --- On Wed, 7/23/08, Biggs, Jeff (M/CIO/BIE) <JBiggs@usaid.gov> wrote:
> From: Biggs, Jeff (M/CIO/BIE) <JBiggs@usaid.gov>
> Subject: RE: ASA vs Checkpoint
> To: davidchances@yahoo.com, "dip" <diptanshu.singh@gmail.com>,
> ccielab@groupstudy.com, security@groupstudy.com
> Date: Wednesday, July 23, 2008, 2:42 PM
>
>
>
>
>
>
>
>
>
>
>
>
> Riiiiiiiight.
> So the Nokia and Checkpoint guys who we had figure this out also didn t
> know
> what they were talking about, that pretty much proves my point
>
>
>
> Thanks,
>
>
>
> Jeffrey
> Biggs
>
> CCIE
> #21127 (R&S)
>
>
>
>
>
> From: David Chances
> [mailto:davidchances@yahoo.com]
>
> Sent: Wednesday, July 23, 2008 2:39 PM
>
> To: dip; ccielab@groupstudy.com; security@groupstudy.com; Biggs, Jeff
> (M/CIO/BIE)
>
> Subject: RE: ASA vs Checkpoint
>
>
>
>
>
>
>
>
> Some companies just don't know how to use Checkpoint
> properly, hence they blame the product. A seasoned product will not just
> randomly drop packets. If you balls up the configuration it will, if you
> install and use it the way it was designed it won't.
>
>
>
> This is the same problem people have with MS products, too easy to throw
> the
> blame when you can't get it to work.
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
> --- On Wed, 7/23/08, Biggs, Jeff (M/CIO/BIE) <JBiggs@usaid.gov>
> wrote:
> From: Biggs, Jeff (M/CIO/BIE)
> <JBiggs@usaid.gov>
>
> Subject: RE: ASA vs Checkpoint
>
> To: "dip" <diptanshu.singh@gmail.com>,
> ccielab@groupstudy.com, security@groupstudy.com
>
> Date: Wednesday, July 23, 2008, 9:14 AM
> We are presently getting off "Chokepoints" and moving to Junipers. We
>
> have had Chokepoints in our network for about 8 years and while we were
>
> running Checkpoint 2000 software (first 3 years), we never had an issue.
>
> When we had to upgrade to Chokepoint NG, life has sucked ever since and
>
> we have had nothing but problems. Particularly with our VPN setup. We
>
> were running a Point to Multipoint VPN solution and the firewall could
>
> not handle the load, even with the VPN accelerator card installed. We
>
> also had issues with the Horizon Manager software and how slow it was to
>
> make changes to the Firewall since we Centrally Managed them.
>
>
>
> But to top it off, we had a problem where the Firewalls were randomly
>
> dropping GRE packets. This fiasco turned into a 6 month nightmare of
>
> our NOC and Firewall team pointing fingers at one another. We finally
>
> brought in Cisco, Chokepoint and Nokia, since Nokia is the preferred
>
> Hardware platform of Chokepoint. After a week of being locked in a room
>
> together, Nokia found that the Chokepoint software kernel on the NIC was
>
> dropping the GRE packets. That turned into another finger pointing
>
> contest between Chokepoint and Nokia. We finally just said the heck
>
> with it and during our Tech Refresh of the Security perimeter, we did an
>
> evaluation of Juniper vs. Chokepoint.....well from this email you can
>
> tell who won.
>
>
>
> Jeffrey Biggs
>
> CCIE #21127 (R&S)
>
>
>
>
>
>
>
> -----Original Message-----
>
> From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
>
> dip
>
> Sent: Tuesday, July 22, 2008 4:02 PM
>
> To: ccielab@groupstudy.com; security@groupstudy.com
>
> Subject: ASA vs Checkpoint
>
>
>
> Hi Guys,
>
>
>
> i have to evaluate between Cisco ASA and Checkpoint for a big
>
> enterprise. I
>
> think this is a better place to ask since lot of people would have
>
> worked on
>
> both products.
>
>
>
> Please provide me all the plus points which you saw in checkpoint which
>
> you
>
> think currently Cisco ASA doesn't have or vice versa.
>
> Also what feature's checkpoint has which you think should be must in
>
> cisco
>
> Firewalls .
>
>
>
>
>
>
>
> Thanks
>
> Dip
>
>
>
>
>
> _______________________________________________________________________
>
> Subscription information may be found at:
>
> http://www.groupstudy.com/list/CCIELab.html
>
>
>
>
>
> _______________________________________________________________________
>
> Subscription information may be found at:
>
> http://www.groupstudy.com/list/CCIELab.html
>
>
>
>
>
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html

• Next message: Kamran Habib: "Re: match protocol skype doesn't work"
• Previous message: David Chances: "RE: ASA vs Checkpoint"
• Maybe in reply to: dip: "ASA vs Checkpoint"
• Next in thread: Joseph Brunner: "RE: ASA vs Checkpoint"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Mon Aug 04 2008 - 06:11:56 ART