Hey Dieter, You should differentiate between a SMB level appliances to a more advanced ones. The basic difference is simplicity of management via WEBUI. They also have API but you will need developer level skills for that. >From my experience with checkpoint they basically have a large DB of applications and threat feeds. Since you need it for basic ACLs and ICAP virus scanners it's possible that a checkpoint server might be good for your use case. You should really compare the goals and the costs in general. The SMB versions downgrades any HTTP connection to HTTP 1.x so don't expect these to support HTTP2. I don't know the size of your company but in general the most "famous" vendors for NGFW are: * CheckPoint * FortiNet * Palo Alto * Sonicwall There is a price for each product and you should compare all of them and also different versions of them. Every product in the industry has it's limitations and I have found weaknesses in each and every one of them and in many others including Squid. The NGFW Is basically something that Palo Alto invented and all others used this same naming for publicity. The one big PRO I found in checkpoint is that their support was very responsive. Specifically in CheckPoint you should look at the: Known Limitations Per the firmware version you might be getting for the appliance or server your company might want to purchase. All The Bests, Eliezer ---- Eliezer Croitoru NgTech, Tech Support Mobile: +972-5-28704261 Email: ngtech1ltd@xxxxxxxxx Web: https://ngtech.co.il/ My-Tube: https://tube.ngtech.co.il/ -----Original Message----- From: squid-users <squid-users-bounces@xxxxxxxxxxxxxxxxxxxxx> On Behalf Of Dieter Bloms Sent: Monday, 25 July 2022 14:22 To: squid-users@xxxxxxxxxxxxxxxxxxxxx Subject: pros/cons squid vs next generation firewall Hello, I run some Squid proxy servers in conjunction with ICAP virus scanners and I'm very happy with them. Our company now wants to replace them with a checkpoint next generation firewall. Do you have some arguments that speak for the further operation of the Squid proxies? Thank you for any hint! -- Rgeards Dieter -- I do not get viruses because I do not use MS software. If you use Outlook then please do not put my email address in your address-book so that WHEN you get a virus it won't use my address in the >From field. _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
