Scorecard
| Config- uration and mgmt. |
Flexibility and advanced features | Reporting/ Alerting/ Monitoring | General capabilities | Platforms supported | Document- ation and online help |
Total | |
| Percentage weight | 25% | 25% | 25% | 15% | 5% | 5% | |
| Checkpoint | 8 | 8 | 6 | 8 | 8 | 8 | 7.50 |
| Cyberguard | 7 | 8 | 6 | 7 | 5 | 8 | 6.95 |
| WatchGuard | 7 | 7 | 7 | 6 | 5 | 8 | 6.80 |
| NetGuard | 6 | 7 | 8 | 5 | 5 | 6 | 6.55 |
| Microsoft | 5 | 6 | 7 | 7 | 5 | 8 | 6.20 |
| Cisco | 7 | 7 | 5 | 5 | 5 | 8 | 6.15 |
| Ukiah | 6 | 5 | 6 | 8 | 5 | 5 | 5.95 |
| Elron | 6 | 6 | 4 | 5 | 5 | 7 | 5.35 |
The firewalls were ranked on a 1-to-10 scale in each category. These rankings were then multiplied by the percentage weight and then added to give the final scores.
NetResults
Microsoft Corp.
Proxy Server 2.0
Web site
$995
Platforms: Windows NT 4.0
Pros: Tight integration in an all-Windows NT network. High-end HTTP proxy features.
Cons: Some features inaccessible to non-Windows clients; requires client registration in NT user database for authentication.
Check Point Software Technologies, Ltd.
FireWall-1 3.0
Web site
$2,995 to $18,990
Platforms: HP-UX; IBM AIX; Solaris; SunOS, Windows NT
Pros: Easy to configure and reconfigure; wide range of platforms; best multi-site management; broad range of features.
Cons: User interface has become unwieldy; weak monitoring tools and real-time features.
Cisco Systems, Inc.
PIX Firewall 4.1
Web site
$9,000
Platforms: dedicated hardware
Pros: Simple security model is easy to configure; command-line interface will be familiar to Cisco router technicians.
Cons: Very limited proxy support; fairly inflexible security model.
Elron Software, Inc.
Elron Firewall/Secure 32OS
Web site
$4,995 and up
Platforms: Intel-based PCs (Firewall runs on own operating system;
Mgmt Interface runs on Windows NT/95)
Pros: Multiple protocol support beyond IP; quick configuration for simple networks.
Cons: No real proxies; authentication requires additional Windows application.
CyberGuard Corp.
CyberGuard Firewall 4 for Unix
Web site
$5,995 to $14,995
Platforms: Intel-based PCs (runs on hardened UnixWare operating system)
Pros: Good real-time monitoring tools; built-in split Domain Name System; strong proxy list.
Cons: Primitive logging features; configuration interface could be smoother.
Ukiah Software, Inc.
NetRoad FireWALL for Windows NT 2.0
Web site
$995 and up
Platforms: Windows NT
Pros: Quick setup; includes IPX-to-IP gateway; very low cost.
Cons: Poor documentation; inflexible built-in configuration rules.
NetGuard, Inc.
Guardian Version 3.0
Web site
$3,980 to $8,980
Platforms: Windows NT (management interface can run on Windows 95)
Pros: Excellent real-time connection monitoring; good configuration wizard for simple networks.
Cons: Limited proxies; inadequate documentation.
Watchguard Technologies, Inc.
Watchguard Security System 3
Web site
$3,995
Platforms: dedicated hardware (management interface runs on Linux or Windows)
Pros: "Black box" approach attractive to small networks; very flexible configuration; nice real-time avoidance features.
Cons: Constrained configuration may be unable to grow as needed; internal Linux kernel puts operating system support burden on small vendor.
Interactive firewalls buyer's guide
Find a firewall that meets your needs.
Snyder, a member of the Network World Test Alliance, is a senior partner at Opus One in Tucson, Ariz., where he specializes in networks and communication systems. He can be reached at jms@ opus1.com.
