Checkpoint Platforms

[gconnect]

Hello all,

First off I would like to say that I am basically a Checkpoint newbie. Please bare with me. I am very good with Cisco PIX, but I am trying to learn Checkpoint and Netscreen to learn their strengths and weaknesses.

Ok, I am currently learning using NG R55 VPN-1 Eval and I am using Windows 2000 for the platform. I would like to know if a Windows system is hardened properly and all ports closed but the neccessary (including from the firewall itself) can it adequately provide good security for a business? Or am I still subject to information leaks?

I have never been a fan of Microsoft "security", but has anyone ever audited a hardened Windows system, a Linux box, and a Nokia running Checkpoint side by side and come up with different results?

 

[ITsmyfault]

Run checkpoint on SPLAT. Don't run it on windows unless you are forced to by someone in mgt who is clueless.. I can hear the person now.. "we are a windows shop!"

SPLAT is free, runs great, and is stable as can be (we have run it here for years). I have run live fire tests on our firewall *during production hours* too. It's solid.
Checkpoint has already hardened it.. think about the hours you save right there. You can install it amazingly quickly too. Lesseee.. take 4-8 hours to build, patch and harden a windows box or install SPLAT in 30 min and be up and running. SPLAT has not needed patches - it has only the bare minimum OS components needed to run Checkpoint. There is practically nothing to patch..
Windows OTOH.... well you know the story.

JM2C