Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations derfloh on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Checkpoint Hardware Solution

Status
Not open for further replies.
DotNetNewbie

DotNetNewbie

Programmer
Joined
Mar 3, 2004
Messages
344
Location
GB
Dear all,

Once again I need your experience!

We currently have a Checkpoint installation; however the hardware it is currently sitting on has/is become unstable and needs to be replaced.

What are peoples recommendations? I looked at the new nokia IP40, however it would seem you can only buy it with checkpoint software and licenses, my supplier couldnt find a way of purchasing the device without x number of licenses, which I assumed I dont need!

Anyway, please let me know what you recommend.

Many thanks.

D.
 
Sort by date Sort by votes
Hi there,

You do NOT need to purchase any Nokia IP applicances. They
are craps, imho, anyways. If I were you, I would purchase
either a DELL or HP and run SPLAT on it. You just take
the license from the existing firewall and put it on the
new firewall.

The reason I am recommeding DELL or HP is that the cost is
much lower and these servers come with HD redundancies in
addition to Power supplies modules. You do not have those
in Nokia IP40, IP130, IP350/350, IP530. Besides,
checkpoint will admit to you that the firewall performs
much better on SecurePlatform (SPLAT) than Nokia IP
appliances.

I can tell you from personal experience that my Dell
dual processor (2.4Ghz) and 2GB of RAM just kicks the crap
out of the Nokia IP740. I terminate about 100 VPNs to
the SPLAT box with AES-256/SHA/DH-5/PFS and cpu is running
at about 40%. When I do the same thing to the IP740, CPU
spikes at 100% at about 40 VPNs tunnels.

Just replace your current hardware with either DELL or HP
and you will be good to go. If you are still concerns
the performance, you can use Performance Pack (PP) and
your firewall will kickass.

that's my 2c.
 
Upvote 0 Downvote
wirelesspeap

I am currently running Windows 2003 with NGX. My system is a Dell SC420 and I was wondering what can I do to increase the performance the VPN in Checkpoint Express.

thanks
 
Upvote 0 Downvote
Replace Windows2003 with Secureplatform NGx R60A. That
will increase the performance of the firewall. You will
be glad that you switch over to SPLAT. I can understand
running Mangement Server on win2k (not my prefer choice),
but running firewall on Windows2003, are you out of your
mind?

With Secureplatform, you can troubleshoot much better
because of utilities that comes with splat like tcpdump

my 2c
 
Upvote 0 Downvote
Many thanks for the replies.

I think from what ive read elsewhere and your comments I think I will opt for SPLAT on a hardware platform.

Many thanks

Regards

D.
 
Upvote 0 Downvote
Morning all,

Just a quick question:

How is SPLAT licensed? Is if something you get with Checkpoint or is it an individual program in its own right?

thx

D.
 
Upvote 0 Downvote
you can use the same license that you have on your current
hardware with the new SPLAT. Nothing change really.

 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

mattbarkerlfc
  • Locked
  • Question Question
Checkpoint 2200 subnet overlap problem
Replies
0
Views
259
mattbarkerlfc
mattbarkerlfc
J001
  • Locked
  • Question Question
Checkpoint Upgrade Question
Replies
0
Views
219
J001
J001
RodneyMcSnow
  • Locked
  • Question Question
Hardware firewall bypassed access to the lan network. Please Help! No it's not a root kit or virus
Replies
1
Views
393
ChrisHirst
ChrisHirst
NileshB
  • Locked
  • Question Question
Restarting Checkpoint IP290 firewall and smartcentre
Replies
0
Views
266
NileshB
NileshB
J001
  • Locked
  • Question Question
Checkpoint NAT question
Replies
0
Views
193
J001
J001

Part and Inventory Search

Sponsor

Back
Top