 
 
|
|
Checkpoint has been very successful so far with its firewall business. Its VPN product, Checkpoint securemote, has however many significant weaknesses compared to AltaVista Tunnel.
First, AltaVista tunnel products are firewall independent. Companies can therefore easily and securely partner together over the Internet without changing their firewall configurations.
Second, AltaVista proposes a much more secure encryption (RSA 128 bit vs. 56 bit DES). Third, AltaVista is a proven technology for the enterprise with a solution that scales up to 512 concurrent tunnels (vs. a "maximum of 75.")
At last, AltaVista has a best price/performance ratio: Checkpoint price entry-point is at least $7,000.
Basic business requirements
| | AltaVista Tunnel 97
| Checkpoint Securemote V3.0
| Comments |
| Remote & mobile PC support
| Yes - AltaVista Personal Tunnel
| Yes | -
|
| LAN to LAN support. |
Yes - AltaVista Group Tunnel
| Yes | -
|
| Server Platform coverage
| Windows NT (Intel), Digital UNIX, BSD and FreeBSD.
| WinNT, SunOS, Solaris, HP-UX
| - |
| Client Platform coverage
| Win95, WinNT clients |
Win95, WinNT | -
|
Security attributes
| | AltaVista Tunnel 97
| Checkpoint Securemote V3.0
| Comments |
| Authentication | Mutual authentication with RSA 512-bit public key
| Hand held authenticator with S/keys and time-based smart-cards.
| Only FWZ1 envcryption works with the Borderware ACE server.
|
| Integrity | MD5 Message Digest
| MD5 | -
|
| Encryption | RSA's RC4 128-bit and 56-bit for International
| DES 56 bit & FWZ1Proprietary algorithm for International
| To ensure maximum security and integrity of data, AltaVista uses standard RSA 128 bit encryption keys which have never been cracked.
|
| Protocol | TCP only.
| TCP. | -
|
| Dynamic rekeying | Yes, every 30 minutes
| No. | To enhance the security of the 128 bit key, AltaVista automatically and transparently exchanges a new key every 30 minutes.
|
Costs (acquisition, migration and ownership)
| | AltaVista Tunnel 97
| Checkpoint Securemote V3.0
| Comments |
| Price client | LAN Client: Free; Remote client: $99.
| Free. | -
|
| Price Server | 50 users $995; 200 users $ 1,995; 512 users $ 2,495
| Add-on Securemote for encryption costs $2,990.
| - |
| Other costs | none
| Firewall: 50 users: $4,995; 250 users: $9,990; Unlimited: $18,900
| Checkpoint requires their firewall to support VPNs. Its cost based on the number of clients within the intranet.
|
| Firewall independence |
Yes. | No
| Checkpoint requires its Firewall-1 product to build group-to-group and group-to-PC VPNs.
|
| Dynamic IP addressing |
Yes | Yes
| - |
Investment Protection
| | AltaVista Tunnel 97
| Checkpoint Securemote V3.0
| Comments |
| Scalability | Concurrent tunnels. NT: 200, BSD/OS: 200, FreeBSD: 200, Digital UNIX: 512
| "50 is OK, 75 max." (Checkpoint MIS manager)
| Checkpoint recommends Solaris Sparc 5 for more than 50 connections.
|
| Solution type | Software only
| Software Only | -
|
| X.509 | No
| No | -
|
Confidence in the vendor
| | AltaVista Tunnel 97
| Checkpoint Securemote V3.0
| Comments |
| Charter | AltaVista offers not only best-in-class VPNs and firewalls but also a complete Intra/Internet product portfolio. More on: AltaVista Tunnels.
| Checkpoint's primary focus is the firewall business. More on Checkpoint Securemote.
| AltaVista understands the overall security needs (e.g. management, directories) from the application level because of its global charter.
|
| Proven technology | Available since December 1995.
| Available since May 1995
| |
Back to analysis index
|
