Re: [fw-wiz] Netscreen firewalls

To: "Firewall Wizards Security Mailing List" <firewall-wizards@listserv.icsalabs.com>
Subject: Re: [fw-wiz] Netscreen firewalls
From: "Jon Sabo" <jonathan.sabo@gmail.com>
Date: Fri, 15 Dec 2006 14:48:54 -0500
Cc: mlinfosec@comcast.net

Mike,

I doubt you're going to find much of a downside.  While working for one of the larger MSSPs we deployed lots of the different firewalls for hundreds of different companies.  As a result Netscreens are my favorite firewall, especially the ISGs.  They're sick.  PIXes are cool too, but for any kind of deep packet inspection (and not a proxy) you have to go with Netscreens or Check Points... and Netscreen's support doesn't suck and the configuration is a text file.  ISGs with IDP modules allow you to send certain traffic to the IDP for analysis per rule!  The only thing I think is kind of nuts is that you can factory reset a Netscreen by logging in with the serial number as the user name and password.  This is an IDP hack but... it's still really cool... albeit old.

http://web.archive.org/web/20040528165427/hack3rs.org/~nahual/netscreen.html

Ez.

Jonathan Sabo
 

On 12/15/06, Mike LeBlanc <mlinfosec@comcast.net> wrote:
All,
I'm looking for guidance on vulnerabilities/downsides to the Netscreen firewalls.  I am not looking to start a flamefest on Netscreen but simply am looking for the downside.  We currently are a Cisco PIX shop and have monitoring and change management built around Cisco.  I have done a google on Netscreen vulnerabilities and issues but didn't find much current data.  Any information is appreciated in advance, including links to current data.  Additionally if you have personal experience, positive or negative, with Netscreen I would like to hear it.. off list if so desired.

Thanks in advance for any information you can provide,

Mike LeBlanc, CISSP
VP/Infosec officer for multinational bank

_______________________________________________
firewall-wizards mailing list
firewall-wizards@listserv.icsalabs.com
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
