Here is a reply from the SonicWall NW Sales rep on some of the issues that have been raised. I personally can't confirm nor deny any of his claims.... "I believe it is now with the latest firmware 1,000 rules however I'll verify. The noise your hearing about failures is on the two series boxes that stopped shipping late last year. Turns out they had a faulty power supply that would create about six different scenarios. We are supplying those eol boxes with a new power supply and they are off and running. Also in the 6.2x and beyond we added a heartbeat feature in our VPN tunnels to address the issue of a tunnel failure. It will now renegotiate a new tunnel and fail all the traffic over if it sees any issues with the active tunnel." Steve Doucette, CSS-1, CCNP Security Specialist Moore Communications sdoucette@private -----Original Message----- From: Zot O'Connor [mailto:zot@private] Sent: Wednesday, July 10, 2002 10:56 AM To: crime@private Subject: Re: CRIME Sonicwall ?? The config screens we have dealt with are "easy to use" but difficult to fathom the detailed underlying issues. The manuals are not helpful in this area. So if you are just hooking the company to the net, it's easy, but i you have a bunch of port forwards, DMZ machines, and filters, it can be difficult. This is true of most web based interfaces. From a English standpoint: There is no way to tell the system which layer of protection happens when. So two rules that process the same type of packet, but one allows, and one denies, there is no clear order when the rules are on different screen. There also was no way we could find to just print the rules to a file. You can download the config, but its binary. > >Does anyone have any issues with Sonicwall equipment? > >Are there any holes ? How does it compare to other equipment? > >Thank you. > -- Zot O'Connor http://www.ZotConsulting.com http://www.WhiteKnightHackers.com
This archive was generated by hypermail 2b30 : Fri Jul 12 2002 - 12:59:23 PDT