lisalim
asked on
Firewall & Mail Servers
1. What is the most popular firewall used by banks currently ?
2. Is it possible to have two different domain names from the same mail server ?
2. Is it possible to have two different domain names from the same mail server ?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Yes, Cyberguard has just won an award. But it was not in the field as long as Checkpoint and doesn't have the name that Checkpoint has build onto it. For Cisco, their firewall is not among the best, but they have the good image and support behind it and their usually sell a complete solution end to end. That's why their firewall got into majors accounts including banks.
one issue for financial institutions is auditability of the
firewall. that is, is is possible to independently verify that
the firewall's behavior is correct. the only way to do this
is by source code inspection.
to my knowledge the only practical options that satisfy this requirement are:
gauntlet from TIS (now network associates).
custom firewalls based on various firewall toolkits, e.g.
fwtk-2.0 from tis.
popularity is not a good reason to pick a firewall. both requirements and custom and practice differ considerably among
financial institutions.
another comment is that a single solution is unlikely to be as
strong as a "belt and suspenders" approach, using both packet filtering and proxy firewalls (independent technologies) in series, and from different vendors. e.g. carefully implemented
router packet filtering as well as a proxy firewall are my usual chosen solution when you have other people's secrets to protect.
firewall. that is, is is possible to independently verify that
the firewall's behavior is correct. the only way to do this
is by source code inspection.
to my knowledge the only practical options that satisfy this requirement are:
gauntlet from TIS (now network associates).
custom firewalls based on various firewall toolkits, e.g.
fwtk-2.0 from tis.
popularity is not a good reason to pick a firewall. both requirements and custom and practice differ considerably among
financial institutions.
another comment is that a single solution is unlikely to be as
strong as a "belt and suspenders" approach, using both packet filtering and proxy firewalls (independent technologies) in series, and from different vendors. e.g. carefully implemented
router packet filtering as well as a proxy firewall are my usual chosen solution when you have other people's secrets to protect.
ASKER
1. What about CyberGuard ? Heard it swept a lot of awards ?