Comparison between checkpoint VPN-Gateway and Microsoft ISA

Posted on 2002-05-28
Medium Priority
Last Modified: 2013-11-16
What's the comparison between checkpoint VPN-Gateway and Microsoft ISA.
Can I get documentation for the comparison of the two product?
Question by:Mariecel_LSI
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
  • 2
LVL 23

Accepted Solution

Tim Holman earned 200 total points
ID: 7042342
LVL 14

Expert Comment

ID: 7042370
Regardless of feature comparison, do you really want a firewall that's deeply integrated into Windows?  Regardless of how good the ISA code itself is, you can't possibly tell me this is a good idea from a security standpoint.

Not that CheckPoint has a spotless record either, but it's generally pretty solid.

Author Comment

ID: 7043493
You've given me great  nswers that will support on my documentation.You've given me what i've wanted.
Automating Your MSP Business

The road to profitability.
Delivering superior services is key to ensuring customer satisfaction and the consequent long-term relationships that enable MSPs to lock in predictable, recurring revenue. What's the best way to deliver superior service? One word: automation.


Author Comment

ID: 7043510
    Can you expound your answer pls? It's the best but I need to document this comparison of the two product.Thank you.
LVL 23

Expert Comment

by:Tim Holman
ID: 7044042
If you take the time to harden Windows properly, then it is pretty secure.
There were vulnerabilities en masse to do with IIS and IE, but if you disable these, then you're relatively safe.
However, the architecture of Windows is designed around an application based operating system.  There's a lot of junk in there that will slow it down.
Unfortunately, Microsoft never gained the trust of the security community - they always have been and always will be the #1 hack / crack target by the anarchists and anti-captialists.  Such an extensive probe of any operating system will eventually find vulnerabilities, and if it is closed, rather than open like Linux, then they are just waiting to be discovered, rather than known about and patched.
Plus with Windows you've got all the moving bits - fans, hard disks, keyboards, mice, cables, which are prone to failure and generally take systems down.
A solid state firewall (eg Cisco PIX, Netscreen) is far more reliable, and faster.  The only moving bit is a fan, and usually these are installed redundantly.
This also applies to Check Point - it is based on an I386 / hard disk architectures, although if you run it on Linux it's very fast, as it was designed around UNIX in the first place...
LVL 14

Expert Comment

ID: 7044819
It wasn't so much those things I was thinking about, but more that the ISA code shares a lot of the IIS and IE code for web handling (known true based on past vulnerability disclosures).  So, if IIS and IE can't be trusted, then neither can ISA.

Author Comment

ID: 7046304
Thank you Chris Calabares and Tim Holman for all teh answers.I think thats enough for my client to go on Checkpoint rather that Microsoft ISA.

Featured Post

Optimize your web performance

What's in the eBook?
- Full list of reasons for poor performance
- Ultimate measures to speed things up
- Primary web monitoring types
- KPIs you should be monitoring in order to increase your ROI

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article provides a convenient collection of links to Microsoft provided Security Patches for operating systems that have reached their End of Life support cycle. Included operating systems covered by this article are Windows XP,  Windows Server…
Hey fellow admins! This time, I have a little fairy tale for you. As many tales do, it starts boring and then gets pretty gory. I hope you like it. TL;DR: It is about an important security matter, you should read it if you run or administer Windows …
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …
Suggested Courses
Course of the Month12 days, 14 hours left to enroll

777 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question