Solved

Firebox X500 vs Symantec Gateway 360R

Posted on 2004-09-13
3
361 Views
Last Modified: 2010-04-09
Hello experts.

We have a 50 user company. I was looking to get a firewall, and after a some research, desided to go with Firebox X500.
My reasoning was: good reviews, easy to maintain, and not very complicated in settings.
Recently though, i saw Symantec Gateway Security 360R, and thought that it might be a better choice, price wise.

From what i see, main difference is firewall throughput Sym 60Mgbs and Firebox 100Mgbs, and VPN Sym 15Mgbs and firebox 20Mgbs.
Can you guys briff me on other differences that might be important, and a little definition on Throughput would be great too :)

thank you
0
Comment
Question by:dialbat
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 7

Accepted Solution

by:
LimeSMJ earned 125 total points
ID: 12050191
Firebox X500 is a better firewall due to its application level filtering - whereas the Symantec firewall does not (only does stateful packet inspections).  I would definitely forgoe wireless upgradability for that alone.

Throughput is just how much data the firewall can handle at once - both incoming and outgoing.  Since each of the packets must be analyzed for security, every firewall (software, hardware, or both combined) has a limit as to how much it can handle at once.
0
 

Author Comment

by:dialbat
ID: 12050403
Thanks Lime.
But can u add some more on wireless, adding it to X500? good bad?
0
 
LVL 7

Expert Comment

by:LimeSMJ
ID: 12050535
Well the wireless option on the Symantec is pretty much sticking a notebook wireless card in the PC Card slot on the side.  This option truly is bizarre as my firewall is deep within an air conditioned room surrounded by wires and power cables that would probably limit the Symantec's wireless range to just outside the locked steel door.  I don't understand what they were thinking when they offered this option...  anyways...

With any wired layout you can just add wireless just by plugging an access point into the network regardless of what firewall you have (it's just that easy).  Now for the bad part.  Adding an access point to the network increases your point of attack from one (the firewall) to two - the firewall and the access point.  If you decided you were fed up with hackers and decided to block all access to and from the net in the firewall (or just unpluged the WAN by accident...), intrusion can still be had via the access point.

My current network has an access point but it is simply for some 802.11b wireless spy cams - don't ask me... the boss wanted it.  I am filtering wireless access by MAC address which hardens the access point's security... in addition to a 128 bit WEP key.  My opinion on wireless:  Unless you have a really strong reason for using wireless (like if the CEO just wanted to use his wireless laptop or something), I wouldn't rush out and get a wireless access point - especially in areas where there's a lot of people (NYC, LA, etc...).  Wireless hijacking is really common in those areas - in fact there are 6 unprotected wireless networks in my apartment building alone (sigh...).

Again, if it fits your needs, get it.  Otherwise, avoid it like the plague.
0

Featured Post

When ransomware hits your clients, what do you do?

MSPs: Endpoint security isn’t enough to prevent ransomware.
As the impact and severity of crypto ransomware attacks has grown, Webroot has fought back, not just by building a next-gen endpoint solution capable of preventing ransomware attacks but also by being a thought leader.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

To setup a SonicWALL for policy based routing to be used with the Websense Content Gateway there are several steps that need to be completed. Below is a rough guide for accomplishing this. One thing of note is this guide is intended to assist in the…
The DROP (Spamhaus Don't Route Or Peer List) is a small list of IP address ranges that have been stolen or hijacked from their rightful owners. The DROP list is not a DNS based list.  It is designed to be downloaded as a file, with primary intention…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …
In a recent question (https://www.experts-exchange.com/questions/29004105/Run-AutoHotkey-script-directly-from-Notepad.html) here at Experts Exchange, a member asked how to run an AutoHotkey script (.AHK) directly from Notepad++ (aka NPP). This video…

739 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question