Nokia 380 vs Cisco PIX 525

[Guest]

Archived from groups: comp.security.firewalls (More info?)

Hi all,

We're now in process of deciding a new second firewall in my organization.
In this case, we think that the most important value in this decision is the
throughput (is fw connected directly to LAN's). We're taking into account
two firewall, Nokia 380 FW-1 NGS and Cisco PIX 525.

The Firewall throughput value in Nokia 380 is 600 Mbps and, in Cisco, the
Cleartext throughput is 330 Mbps, are this values comparable? Is firewall
throughput = cleartext throughput? It was a surprise for me, I ever thought
that Cisco network throughput was higher than Nokia in similar devices.

Thanks

 

[Guest]

Archived from groups: comp.security.firewalls (More info?)

"Paco" <pe@pe.com> wrote in message
news:c50k0r$2naqkc$1@ID-204109.news.uni-berlin.de...
> Hi all,
>
> We're now in process of deciding a new second firewall in my organization.
> In this case, we think that the most important value in this decision is
the
> throughput (is fw connected directly to LAN's). We're taking into account
> two firewall, Nokia 380 FW-1 NGS and Cisco PIX 525.
>
> The Firewall throughput value in Nokia 380 is 600 Mbps and, in Cisco, the
> Cleartext throughput is 330 Mbps, are this values comparable? Is firewall
> throughput = cleartext throughput? It was a surprise for me, I ever
thought
> that Cisco network throughput was higher than Nokia in similar devices.
>
> Thanks
>
>

If you are confused at this stage, I recommend you hire a security
consultant to size up your requirements and provide an unbiased opinion and
recommendation on your needs.

 

[Guest]

Archived from groups: comp.security.firewalls (More info?)

"Paco" <pe@pe.com> wrote in message news:<c50k0r$2naqkc$1@ID-204109.news.uni-berlin.de>...
> Hi all,
>
> We're now in process of deciding a new second firewall in my organization.
> In this case, we think that the most important value in this decision is the
> throughput (is fw connected directly to LAN's). We're taking into account
> two firewall, Nokia 380 FW-1 NGS and Cisco PIX 525.
>
> The Firewall throughput value in Nokia 380 is 600 Mbps and, in Cisco, the
> Cleartext throughput is 330 Mbps, are this values comparable? Is firewall
> throughput = cleartext throughput? It was a surprise for me, I ever thought
> that Cisco network throughput was higher than Nokia in similar devices.
>
> Thanks


Well speaking with experience on the Cisco PIX line and limited
knowledge of the nokia/checkpoint options I would also consider
licensing/support and the nokia hardware purchase. As for that
throughput numbers if you have any encrypted traffic consider these
numbers of 3DES VPN quotations as per Nokia IP380 documentation is
120Mbps w/ acceleration and Cisco PIX 525 is stated as 155Mbps w/
accel. Also check the cleartext interface throughput numbers again.
The 525 has gigabit nic capabilites as the nokia 380 has 10/100
options only.

 

[Guest]

Archived from groups: comp.security.firewalls (More info?)

ofnospam@yahoo.com (Ovid Fernandes) wrote in message news:<258f7274.0404111500.35c38fde@posting.google.com>...
> "Paco" <pe@pe.com> wrote in message news:<c50k0r$2naqkc$1@ID-204109.news.uni-berlin.de>...
> > Hi all,
> >
> > We're now in process of deciding a new second firewall in my organization.
> > In this case, we think that the most important value in this decision is the
> > throughput (is fw connected directly to LAN's). We're taking into account
> > two firewall, Nokia 380 FW-1 NGS and Cisco PIX 525.
> >
> > The Firewall throughput value in Nokia 380 is 600 Mbps and, in Cisco, the
> > Cleartext throughput is 330 Mbps, are this values comparable? Is firewall
> > throughput = cleartext throughput? It was a surprise for me, I ever thought
> > that Cisco network throughput was higher than Nokia in similar devices.
> >
> > Thanks
>
>
> Well speaking with experience on the Cisco PIX line and limited
> knowledge of the nokia/checkpoint options I would also consider
> licensing/support and the nokia hardware purchase. As for that
> throughput numbers if you have any encrypted traffic consider these
> numbers of 3DES VPN quotations as per Nokia IP380 documentation is
> 120Mbps w/ acceleration and Cisco PIX 525 is stated as 155Mbps w/
> accel. Also check the cleartext interface throughput numbers again.
> The 525 has gigabit nic capabilites as the nokia 380 has 10/100
> options only.

wrong.
the 380 can handle upto 1.5gb of cleartext (proven using smartbits and
1518byte frame packets)
the 380 can handle upto 3x the amount of connections per second that a
525 can
the 380 can support active/active clustering
the 380 can support gigbait NICs (upto 4) (including copper gig and
dual port gigE cards)

and Im not even going to start on the benefits of IPSO over PixOS.

SysAdm
....im back...

 

[Guest]

Archived from groups: comp.security.firewalls (More info?)

>
> and Im not even going to start on the benefits of IPSO over PixOS.
>
> SysAdm
> ...im back...

What are the benefits, I am not familiar with IPSO but I dont use PIX either
but I might be getting a pix 515 and want to compare Nokia.

 

[Guest]

Archived from groups: comp.security.firewalls (More info?)

if performance and throughput are your requirements check Stonegate or
Netscreen.

www.stonesoft.com
www.netscreen.com

On Wed, 7 Apr 2004 12:11:27 +0200, "Paco" <pe@pe.com> wrote:

>Hi all,
>
>We're now in process of deciding a new second firewall in my organization.
>In this case, we think that the most important value in this decision is the
>throughput (is fw connected directly to LAN's). We're taking into account
>two firewall, Nokia 380 FW-1 NGS and Cisco PIX 525.
>
>The Firewall throughput value in Nokia 380 is 600 Mbps and, in Cisco, the
>Cleartext throughput is 330 Mbps, are this values comparable? Is firewall
>throughput = cleartext throughput? It was a surprise for me, I ever thought
>that Cisco network throughput was higher than Nokia in similar devices.
>
>Thanks
>

--
boxbdaLIII@yahoo.co.uk
(subtract 53 for email)

 

[Guest]

Archived from groups: comp.security.firewalls (More info?)

boxbdaLIII@yahoo.co.uk wrote in message news:<bdbk90ldam1t5pb3j46nljsn897le2obuv@4ax.com>...
> if performance and throughput are your requirements check Stonegate or
> Netscreen.
>
> www.stonesoft.com
> www.netscreen.com
>

squeeze me ? the IP380 can do 1.5GB/s of cleartext on a standard
ethernet frame. that urinates all over the netscreen in respect to
performance in class. as for stonesoft - im amazed theyre still
afloat.

SysAdm

 

[Guest]

Archived from groups: comp.security.firewalls (More info?)

"Mike Harrison" <mharrison@aol.com> wrote in message news:<c7cm6o$2c8q8$1@ID-155262.news.uni-berlin.de>...
> >
> > and Im not even going to start on the benefits of IPSO over PixOS.
> >
> > SysAdm
> > ...im back...
>
> What are the benefits, I am not familiar with IPSO but I dont use PIX either
> but I might be getting a pix 515 and want to compare Nokia.

Mike

The IPSO OS has its origins deep within fast routing/switching. Nokia
purchased Ipsilon (a w.coast startup) in the mid-90s and used their
technology to base a hardened fw platform on.

The OS supports more features than any other security platform in the
market, but its main focus/strength is in its dynamic routing
implementation (eg. PIM-SM/DM, OSPF, BGP, IGRP, DVMRP etc).

Thats why its the fw of choice for so many enterprise level companies
& ISPs.

The pix 515 is a *very* limited appliance in relation, and is only
ever used in small deployments (ie. small office designs) where cost
is imperative and features less so.

SysAdm