Netscreen advantages over Lucent solution

  • All,

    I’m trying to compare the Netscreen solution to the Lucent solution (Brick/LSMS).
    Indeed I’m familiar with the Lucent product line but a newbie on the Netscreen products.
    What I’m looking is the key points of Netscreen equipments over the Lucent equipments (and the opposite).
    For example, the keys features of Lucent are:

    • centralized management platform (Simplify deployment and maintenance
    • layer 2 operating mode
    • VOIP filters on the appliance

    Can anyone point me to the key features of Netscreen solution (compare to the Lucent one) ?
    Can anyone explain me briefly how is done the VoIP (SIP and H.323) filtering on Netscreen ? (I didn’t find anything on their website)

    If someone knows both solution and could highlight the advantages of each product, it would be invaluable !



  • Oldo,

    Thanks for the information.

    What I understand, NSM is optional, am I correct ? (we need to buy an additionnal package)

    In transparent mode with Netscreen, is it possible to setup a VPN tunnel ? address translation ?

    Regarding the VOIP ALG, are they included by default ? Can we do address translation with these filters ?

    Finally, how is working the bandwidth management ? For example, with Lucent we can guarantee bandwidth at 4 differents levels: Physical Port, Virtual Firewall, Zone Policy Rule and Session.

    Thanks in advance


  • Well, I’m not really familiar with the Lucent product lineup, but the Netscreens have a range of “enterprise” products as most other Firewall/Security companys do. When it comes to “key” features I’m not really sure what you want to know?

    -Centralized management is done in NSM. It’s a helpful tool for deployment, management for small as well as enterprise Firewalls/IDP’s in the Netscreen lineup.

    -Layer 2 operating mode is supported in the Netscreen boxes, also known as transparent mode.

    -VOIP filters? What kind of filters do you mean? The netscreen has ALG’s “Application Layer Gateways” for both H.323 and SIP. ALG’s in general intercepts the packets, defines dynamic policies to allow traffic, reassebles fragmented packets, etc to tighten security. But! because ALG’s does this type of data inspection it could actually break your applications in some cases.

    Any thing more you want to know. Please be specific and we will try and help!