?
Solved

Checkpoint vs PIX

Posted on 2002-05-13
18
Medium Priority
?
30,084 Views
Last Modified: 2013-11-16
I have a competitive overview from Checkpoint for why Checkpoint is better than PIX. I need a competitive overview from Cisco about why PIX is better than Checkpoint. Does anyone know where to find one? It must have all the technical stuff in there as well. Thanks.
0
Comment
Question by:buyer
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 6
  • 4
  • 3
  • +4
18 Comments
 
LVL 1

Expert Comment

by:tonimargiotta
ID: 7007879
You should probably read this lab test .........

http://www.networkcomputing.com/1223/1223f2.html

0
 
LVL 23

Expert Comment

by:Tim Holman
ID: 7008649
PIX is half the price !
Check Point is good for large scale Enterprise firewall management, PIX is traditionally good for singular installations, however, with the release of PIX device manager, it's easier to implement PIX on a larger scale, as long as the config isn't too complicated.
Also look at Netscreen - fastest of the bunch and similarly priced to the PIXes.
0
 
LVL 14

Expert Comment

by:chris_calabrese
ID: 7011220
And don't forget to look at Netscreen.
0
Threat Trends for MSPs to Watch

See the findings.
Despite its humble beginnings, phishing has come a long way since those first crudely constructed emails. Today, phishing sites can appear and disappear in the length of a coffee break, and it takes more than a little know-how to keep your clients secure.

 
LVL 14

Expert Comment

by:chris_calabrese
ID: 7011223
Oh and another thing, CheckPoint prices vary wildly with who you're buying the hardware from.  Check out www.intrusion.com, which has appliance systems that are much less expensive than the Nokia's.  Also check out CheckPoints "Linux appliance on a CD" solution.
0
 
LVL 23

Expert Comment

by:Tim Holman
ID: 7011411
Check Point is very much reserved for top-end, enterprise level networks, both in price and in the things it does.
It's getting even more higher-level with the release of NG (and more expensive!).
If there is only a single firewall requirement, DON'T go with Check Point - Netscreen, Cisco are much better (and cheaper) and doing this sort of thing.
0
 
LVL 13

Expert Comment

by:hstiles
ID: 7013589
Everyone has their preferences in terms of firewall solutions.

Checkpoint are, perhaps intentionally, pricing themselves out of the medium size market and straight into the enterprise market.  My only question is why anyone with a large enterprise would deploy Checkpoint on an NT server.

Cisco's solution is good in that it is very modular - the web blocking is handled by Web Trends, the NAT by the router, the authentication by TACACS, etc...

I like the Watchguard solution a lot.  It's neat, intuitive, comptetitively priced and has excellent VPN support.

I guess it you don't need more than three interfaces and aren't dealing with modest throughput requirements, an appliance will serve you well
0
 

Author Comment

by:buyer
ID: 7015328
Ive checked out all leads but still am looking for an OVERALL comparison between the PIX and Checkpoint (NG). So far tonimargiotta is close but that really only covers HA.
0
 
LVL 23

Expert Comment

by:Tim Holman
ID: 7016346
Although both firewalls, they are suited to different installation types, so comparison is not really fair, which is why there aren't many.
What environment are you looking to install in, and I'll advise which one would be more suitable... ?
0
 
LVL 14

Expert Comment

by:chris_calabrese
ID: 7016938
Also, given the $300 CheckPoint Sofaware box and the $500 Intrusion.com CheckPoint box, I don't think you can say that CP is priced out of the small market.  That said, it is definitely true that they don't necessarily fit every installation either.

It's not that I'm a CP fan, but rather that I'm pointing out that there are CP based solutions for small companies.

But there are also very good PIX and Netscreen solutions for them.  You really need  to look at all three, and also examine what firewall features you really want/need.
0
 

Author Comment

by:buyer
ID: 7017779
It shouldnt matter what envirnment there in. What Im looking for is stuff like:
CP can do Anti-spoofing right on the firewall, can PIX?
CP can do SYN flood protection, can PIX
CP has Hide NAT but PIX uses PAT

Things like this. Im not concerned about what the Cisco router can do. I only care about the PIX capabilities. Thanks.
0
 
LVL 14

Expert Comment

by:chris_calabrese
ID: 7021679
Generally speaking, all the leading firewalls are capable of doing the same things.  The question is which one is best for the particular type of thing you actually need to do.  But we can't help you unless we know the particular problem you're trying to solve.

My advice is to write down a description of exactly what you want your firewall to do, and then invite the vendors in to explain how their solution can fit your needs.
0
 
LVL 23

Expert Comment

by:Tim Holman
ID: 7021921
(PIX capabilities are listed on the Cisco website)
0
 

Expert Comment

by:1stomni
ID: 7022444
There is no comparison, any firewall on NT is not a firewall.  Unless you have nothing better to do than to patch and upgrade NT each and every day, it is absolutely a waste of time to use CheckPoint.
0
 
LVL 1

Accepted Solution

by:
tonimargiotta earned 150 total points
ID: 7023751
0
 
LVL 23

Expert Comment

by:Tim Holman
ID: 7027002
Nice links.... bear in mind that you get PIX device manager with PIX now - Java based, which makes simple tasks easier (ie assigning IP addresses, zones etc), but the tricky stuff still needs to be done via the cmd line.
0
 

Author Comment

by:buyer
ID: 7033267
These were just about what I wanted although whenever I see Cisco compared to Checkpoint I always see that PIX uses a new version and Checkpoint using the old 4.1 version. A lot of fixes were added to NG. Thanks again.
0
 
LVL 23

Expert Comment

by:Tim Holman
ID: 7042347
Found this on my travels - you can have hours of fun with this !

http://www.spirit.com/cgi-new/report.pl?dbase=fw&function=view
0
 

Expert Comment

by:mgbyrne2004
ID: 11497502
*** advertising removed by Netminder, Site Admin ***
0

Featured Post

Use Case: Protecting a Hybrid Cloud Infrastructure

Microsoft Azure is rapidly becoming the norm in dynamic IT environments. This document describes the challenges that organizations face when protecting data in a hybrid cloud IT environment and presents a use case to demonstrate how Acronis Backup protects all data.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Let's recap what we learned from yesterday's Skyport Systems webinar.
If you're a modern-day technology professional, you may be wondering if certifications are really necessary. They are. Here's why.
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

764 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question