Hi Rainfinity and Nokia : Is there a plan for Rainfinity to work on Nokia IP650 which runs IPSO? How would you compare with HA module in FW-1 version 4.1 and StoneBeat? How would you compare Rainwall with FW load balancing using L4 switches , say, Alteon? See http://www.alteonwebsystems.com/products/white_papers/flbwp/index.shtml How many FW-1 can RAINWall support to work together? Regards Hi all : Anyone got experience with Rainwall and FW load balancing with L4 switches, and would like to share? Hi Stonebeat : Are you affected by FW-1 HA and Rainwall? How would you compare with these? YT > -----Original Message----- > From: owner-firewall-wizardsat_private > [mailto:owner-firewall-wizardsat_private]On Behalf Of Yin To Chu > Sent: Saturday, February 05, 2000 2:31 AM > To: Jeff Thomas; firewall-wizardsat_private > Subject: RE: Nokia/Checkpoint > > > Is it possible to scale the FW by using load balancing switches, say, from > Alteon, Foundry, Arrow point, F5, Extreme, RADWare, CIsco,etc, > with multiple > FWs? > > Is it possible to provide N+1 redundancy in this case? > Is it still possible to maintain transparency to end point > systems and how? > > YT > > -----Original Message----- > From: owner-firewall-wizardsat_private > [mailto:owner-firewall-wizardsat_private]On Behalf Of Jeff Thomas > Sent: Friday, 4 February 2000 12:00 > To: firewall-wizardsat_private > Subject: Nokia/Checkpoint > > > The Nokia platforms are FreeBSD. The OS is heavily modified. It is not a > standard FreeBSD install. The benefits of this product is the low admin > needed to maintain it. You don't need to be a unix guru to > manage it. The > use of packages allows to to upgrade and revert to a previous version of > firewall-1 or the OS itself. In other words, you can run several versions > on the same box. you simply activate the one you need. Good for managed > services in my opinion. A web interface is provided to do all the admin. > It is responsive and works well. SSH is available for the commandline > commandos. Supports OSPF, BGP (extra cost), IGRP which is implemented in > the routing daemon. Has ACL capabilities as well. > > One thing I disagree is the fact you have to get NIC from Nokia. Probably > a result of the modified kernel and drivers used. Things tend to get > pricey this way. Models avaialble are the IP330/VPN220 - remote office, > IP440 - enterprise, and IP600 - carrier. The IP440 used to offer the most > configurations. The IP600 is catching up. IP600 does not offer mirrored > drives as the IP440 does. Yet the IP440 doesn't offer redundant power or > hot-swap as the IP600 does. IP330/VPN are pretty much fixed configs. > > Support was always good. I understand Checkpoint is to take this over > though (not knocking checkpoint). > Parts were received in a day or two. > > One question I have is regarding the post that Nokia is behind in > HA. What > does Stonebeat have that puts it ahead in regard to HA? I find VRRP to > work well. Plus, I don't need an extra $10000 for HA. VRRP is able to > backup multiple systems. It is also a standard. Now if your talking > clustering or load balancing then I agree. All though you can > load balance > using OSPF and VRRP I believe. >
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:02:39 PDT