The Nokia platforms are FreeBSD. The OS is heavily modified. It is not a standard FreeBSD install. The benefits of this product is the low admin needed to maintain it. You don't need to be a unix guru to manage it. The use of packages allows to to upgrade and revert to a previous version of firewall-1 or the OS itself. In other words, you can run several versions on the same box. you simply activate the one you need. Good for managed services in my opinion. A web interface is provided to do all the admin. It is responsive and works well. SSH is available for the commandline commandos. Supports OSPF, BGP (extra cost), IGRP which is implemented in the routing daemon. Has ACL capabilities as well. One thing I disagree is the fact you have to get NIC from Nokia. Probably a result of the modified kernel and drivers used. Things tend to get pricey this way. Models avaialble are the IP330/VPN220 - remote office, IP440 - enterprise, and IP600 - carrier. The IP440 used to offer the most configurations. The IP600 is catching up. IP600 does not offer mirrored drives as the IP440 does. Yet the IP440 doesn't offer redundant power or hot-swap as the IP600 does. IP330/VPN are pretty much fixed configs. Support was always good. I understand Checkpoint is to take this over though (not knocking checkpoint). Parts were received in a day or two. One question I have is regarding the post that Nokia is behind in HA. What does Stonebeat have that puts it ahead in regard to HA? I find VRRP to work well. Plus, I don't need an extra $10000 for HA. VRRP is able to backup multiple systems. It is also a standard. Now if your talking clustering or load balancing then I agree. All though you can load balance using OSPF and VRRP I believe.
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:00:37 PDT