cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Showing results for 
Search instead for 
Did you mean: 
Newcomer III

Re: some comparison between checkpoint and Palo Alto

In side some coding compile with FreeBSD only.

 

https://lists.freebsd.org/pipermail/freebsd-jobs/2011-July/000773.html

Cyber
Contributor II

Re: some comparison between checkpoint and Palo Alto

That is a job posting from a guy at a company called Ubalo that happened to be in Palo Alto, CA, which is a city where PANW is based which has nothing else to do with PANW. Its a data search company. So I’m not really sure what you think this is proof of.
-- wdf//CISSP, CSSLP
Community Champion

Re: some comparison between checkpoint and Palo Alto

On the OS/Security topic...

 

The old Secure Computing Sidewinder G2's were based of some flavor of BSD(BSDi...?) and then they moved to FreeBSD. Lot's of good reading here about how and why things were done:

 

https://cryptosmith.com/mls/lock/

 

So Secure Computing had a bit of a marketing fetish for the OS security,  Administrative and Operational kernels and as they used FreeBSD I guess it would be plausible, but if I was supporting/building anything today - I'd likely use CEntOS. I'm with WDF - to get proof you'd want to get on the CLI or the filesystem and you'd probably find out pretty quickly, but at that point you have to ask yourself why you care?

 

If it's really so important that the OS is secure you should hang around with the guys at https://www.openbsd.org, but you should know I'm only going to attack your firewall if I can't get in anywhere else - I'm reasonably sure it's had a lot of work done on it, and it's probably pumping all it's logs back to your SOC, and it's listening for attacks, and the traffic going through it is probably SSL/TLS the most part. Just sounds like anything from Palo alto Networks or Checkpoint would be very crunchy.

 

 

 

Contributor II

Re: some comparison between checkpoint and Palo Alto

OpenBSD is cool and I really appreciate them. I like HardenedBSD, too, which is a downstream fork of FreeBSD which applies PaX type hardening for exploit mitigations but is othewise FreeBSD from a usability standpoint. I have contributions in both FreeBSD and HardenedBSD.
-- wdf//CISSP, CSSLP