Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium


Firewalls Comparison

Posted on 2002-06-27
Medium Priority
Last Modified: 2013-11-16
1] What's the comparison between Checkpoint VPN-1 Enterprise VPN Center versus Watchguard versus CISCO PIX?I need white paper on this matter pls..
Question by:Mariecel_LSI
LVL 16

Expert Comment

ID: 7119721
All overpriced and rather crappy - check out astaro [ www.astaro.com ]- I guarantee their salespeople will provide you with the "white paper" comparison you desire - if they cannot, I can...


Author Comment

ID: 7121001
I really need the comparison between checkpoint vpn-1 enterprise versus cisco pix versus watchguard..i need the whitepaper as soon as possible..my client needs it..tnx..captain
LVL 23

Accepted Solution

Tim Holman earned 400 total points
ID: 7125184
It all depends what the client wants to do and how much they've got to spend.
They're all excellent products, but if you've a particularly complicated or large Enterprise, then Check Point is really the only choice.
I don't think there's a whitepaper as such, but these links may help:



The Firewall Audit Checklist

Preparing for a firewall audit today is almost impossible.
AlgoSec, together with some of the largest global organizations and auditors, has created a checklist to follow when preparing for your firewall audit. Simplify risk mitigation while staying compliant all of the time!


Expert Comment

ID: 7151266
Ummm, and why not OpenBSD? One hole in nearly six years in the default install is a poretty good record, ipsec out of the box. All it needs is a good admin (hell, IIRC there are GUIs for pf rules too).
LVL 16

Expert Comment

ID: 7151676
Just give him his whitepaper - I get the impression he doesn't have much choice.  And I am sad to say I agree with tim (use checkpoint) if those are your only 3 choices, but he is crazy to suggest that they are all "exellent products".


Expert Comment

ID: 7163576
Hmm. Since each and every network is unique, recommending anything is nothing but impossible. In fact, the recommended products are likely not the product of choice, some for a simple lack of quality and self-centered security, others because they deliver substandard performance and quality at exorbitant prices.

Expert Comment

ID: 7203756
I did a google search and read through stuff for about 10 minutes.  There wasn't a lot, but here is a review from last year that covers all three companies.  Granted, it is a little dated, but at least it's something:

I really wouldn't rely on a whitepaper anyway.  The goal should be to purchase something that fits your needs.  To do this, you need to know what your needs are and how each product addresses them.  Then you can make your decision.

Personally, I would recommend calling each vendor and have them explain why their solution is the best and how their solutions address your needs.  Once you spoken with all three, you can compare what they have to say.  You can then go back to them with better questions.  It might also help to post what they say to a board like this one for some input from people who actually use the products.

Who knows, you may get a free lunch out or two of the deal too. =)
LVL 16

Expert Comment

ID: 7205173
Whatever the vendor says over the phone, make them put it in writing - I've seen countless salesdroids lie like dogs about product functionality just to get one more comission (they always pretend later to not have properly undertood the question, or sometimes the technology)...

Once again, if you can influence the decision at all, may I suggest Astaro - I've deployed several of these and they have always outmeasured all the other crap I see out there (in fact, I often have to use Astaro to diagnose problems with remote Ciscos, Checkpoints, Watchguards, etc - see below).  The diagnostic capabilities alone have paid for the licenses many times over - my company has many corporate clients that connect to our network via a variety of methods (our contracts specify that if we engage in network consulting for any of our clients or contractors, we shall invoice them at a rather exhorbitant rate).  Every time anyone has had connectivity issues with our network, not only has it not been our problem, but I have been able to provide explicit diagnostic evidence that usually indicates the exact problem on the remote network (and then we travel directly to "Go", and collect our exhorbitant network consulting fees).  The fact that we can bill people for fixing their networks (which is only a secondary service - we are actually primarily engaged in an entirely, non-computer related business), rather than wasting time diagnosing problems on our own network is enough to sell me on Astaro (and our accountants, as well).



Expert Comment

ID: 9711603
Hey people,

No comment has been added in roughly 1 year, so it's time to clean up this TA.
I will leave a recommendation in the Cleanup topic area that this question
be PAQ'd and pts awarded to tim_holman.
Please leave any comments here within the next seven days.


EE Page Editor

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article is about my experience upgrading my consulting machine to Windows 10 Version 1709 (The Fall 2017 Creator Update)
Phishing emails are a popular malware delivery vehicle for attack.  While there are many ways for an attacker to increase the chances of success for their phishing emails, one of the most effective methods involves spoofing the message to appear to …
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…
Suggested Courses

564 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question