Sett wrote: »
I have worked with both, and must say that I like Checkpoint better. Not because it is "easy", it just let you achieve the same results much faster. You can also keep track of your configurations and rules much more effective and it is less error-prone.
I can not see ASDM to become so well designed any time soon.
However, the main advantage of a FW is not how nice interface it has, it is all about productivity and reliability. The experts should tell which one is better by this criteria.
Chris:/* wrote: »
Food for thought though in multi-tier networks do not choose the same firewall for each tier. Different vendor hardware/software improves security because the same exploit does not work in all tiers.
Ahriakin wrote: »
That's subjective. If you can provide the same level of expertise for each vendor's appliances then it's true, but that is rare. What you gain in multi-tier exposure reduction from diversity you can quite easily lose in the levels to which each is configured correctly, also added complexity when attempting troubleshooting and forensics later.