Scorecard
| Firewall features 25% |
VPN features 25% |
Mgmt and reporting 20% |
Perform- ance 10% |
Install- ation 10% |
Docu- ment- ation |
TOTAL | |
| Fire- wall-1 4.0 |
9x0.25 =2.25 |
9x0.25 =2.25 |
8x0.20 =1.60 |
9 x 0.10 =0.90 |
8x0.10 =0.80 |
9x0.10 =0.90 |
8.7 |
| Fort Knox Policy Router F-3000 | 8x0.25 =2.00 |
8x0.25 =2.00 |
9x0.20 =1.80 |
9x0.10 =0.90 |
6x0.10 =0.60 |
6x0.10 =0.60 |
7.9 |
| Net- Screen -100 |
7x0.25 =1.75 |
7x0.25 =1.75 |
6x0.20 =1.20 |
9x0.10 =0.90 |
8x0.10 =0.80 |
6x0.10 =0.60 |
7.0 |
| Inter- ceptor 4.0 |
6x0.25 =1.50 |
6x0.25 =1.50 |
8x0.20 =1.60 |
9x0.10 =0.90 |
7x0.10 =0.70 |
6x0.10 =0.60 |
6.8 |
| Firebox II | 6x0.25 =1.50 |
6x0.25 =1.50 |
6x0.20 =1.20 |
9x0.10 =0.90 |
5x0.10 =0.50 |
5x0.10 =0.50 |
6.1 |
| OneGate 1000 | 5x0.25 =1.25 |
5x0.25 =1.25 |
6x0.20 =1.20 |
9x0.10 =0.90 |
7x0.10 =0.70 |
4x0.10 = 0.40 |
5.7 |
Net Results
VPN-1 ApplianceCheck Point Software
(650) 628-2000
Web site
$2,995 to $16,995
Pros: Most comprehensive firewall and VPN features
Includes distributed firewall policy
Multiple encryption schemes
Supports client, user and session authentication
Cons: Expensive for unlimited number of nodes
Fort Knox Policy Router F-3000
Internet Devices
(888) 237-2244
$4,995 to $9,995
Pros: Filters e-mail for spam
Optional bandwidth manager software module
Strong real-time monitoring and reporting tools
Good graphical user interface
Cons: Lacks direct connect access for a manager’s console
NetScreen–100
NetScreen Technologies
(800) 638-8296
$9,995
Pros: Multi-bus system architecture
Intuitive policy editor interface
Cons: Supports only basic services for defining policies
Interceptor
Technologic
(800) 615-9911
$3,995 to $9,995
Pros: Strong real-time monitoring and reporting tools
Filters e-mail for spam
Cons: Lacks support for a demilitarized zone
Firebox II
WatchGuard Technologies
(206) 521-8340
Web site
$4,990
Pros: Least expensive for unlimited number of nodes
Cons: Poorly documented installation
OneGate 1000
FreeGate Corporation
(408) 617-1000
Web site
$6,690
Pros: Includes DNS and DHCP services
Cons: Difficult to configure and manage
Missing second Ethernet port
Limited selection of pre-defined policies
Features comparison
|
VPN-1 Appliance |
Fort Knox Policy Router F-3000 |
NetScreen- 100 |
Interceptor |
Firebox II |
OneGate 1000 |
|
|
FIREWALL FEATURES |
||||||
|
Stateful inspection |
Yes |
|||||
|
Packet filtering |
Yes |
Yes |
Yes |
Yes |
Yes |
|
|
Application proxy |
Yes |
Yes |
Yes |
Yes |
||
|
Policy editor interface |
Very good, easy |
Good |
Moderate |
Moderate |
Basic |
Difficult |
|
Range of services |
Wide |
Wide |
Basic |
Basic |
Basic |
Pre- configured |
|
Policy verified. before install |
Yes |
|||||
|
Distributed firewall policy |
Yes |
|||||
|
Certificate Authority |
Yes |
|||||
|
Authenti- |
User, Client, Session |
User |
User |
User |
User |
User |
|
DMZ supported |
Yes |
Yes |
Yes |
Yes |
Yes |
|
|
VPN FEATURES |
||||||
|
IPSec |
Yes |
Yes |
Yes |
Yes |
Yes |
Yes |
|
ISAKMP/ OAKLEY |
Yes |
|||||
|
SKIP |
Yes |
Yes |
||||
|
Additional proprietary encryption |
Yes |
|||||
|
DES |
Yes |
Yes |
Yes |
Yes |
Yes |
Yes |
|
DES 3 |
Yes |
Yes |
Yes |
Not standard |
Yes |
|
|
VPN client |
Yes |
Yes |
Yes |
Yes |
Yes |
Yes |
|
VPN site-to-site |
Yes |
Yes |
Yes |
Yes |
Yes |
Yes |
|
Network address translation |
Yes |
Yes |
Yes |
Yes |
Yes |
Yes |
|
MANAGEMENT FEATURES |
||||||
|
Web browser access |
Yes |
Yes |
Yes |
Yes |
Yes |
Yes |
|
Direct connect access |
Yes |
Yes |
Yes |
Yes |
Yes |
|
|
Monitoring, logging |
Yes |
Yes |
Yes |
Yes |
Yes |
Yes |
|
HTTP,DNS caching |
Yes |
Yes |
Yes |
Yes |
Yes |
Yes |
|
IP Traffic shaping |
Yes |
Yes |
Yes |
Yes |
Yes |
Yes |
|
URL filtering |
Yes |
Yes |
Yes |
Yes |
Yes |
Yes |
|
Spam e-mail filtering |
Yes |
Yes |
||||
|
PACKAGING FEATURES |
||||||
|
IP router |
Yes |
Yes |
Yes |
Yes |
Yes |
Yes |
|
Web server |
Yes |
Yes |
Yes |
Yes |
Yes |
Yes |
|
DNS/DHCP |
DNS |
DNS |
DNS |
DNS |
DNS |
DNS and DHCP |
|
Access media |
ISDN, T1, 10BaseT, serial |
10baseT |
10BaseT, serial |
10BaseT, serial |
10BaseT, serial |
ISDN or T1 only |
|
Operating System |
Windows NT, Solaris |
Proprie- |
Proprie- |
Proprie- |
Linux |
Proprietary OS |
