splat or windows

[Mindi]

Hi!

I was looking into one friends installation and noticed, that they have windows for two nodes.

Is there any reason to install node on windows instead of SPLAT?

At least my instructor on my first course told me he has none of windows and he done quite a lot of installations.

Any really good reason to go with windows? What are recomendations?

Mindi

[JeffN]

You will find that very few people will do an install (at least of a gateway system) on Windows. Most people would also select a SPLAT box rather than Windows for the SmartCenter system too.

Windows does not have the best reputation when it comes to security, add to that the additional costs of purchasing licenses and the constant updates, and you have three reasons why Windows is avoided.

Though, many people are familiar with Windows, so it makes managing the system a little easier for those people who do not want to learn another OS. That is the only reason that I can think of that Windows would be the selected OS.

[mcnallym]

I would never install a Check Point Gateway onto Windows unless having no other choice from the customer.

I also prefer not to use for the management server as some bean counter can't resist going, oh it runs on windows, why don't we run it on such and such a server. Sticking with SPLAT means that don't have to patiently explain that shouldn't run anything other then the SMARTCenter on the box still even if it is a Windows box.

Also I have tended to find some stange anomalies on Windows boxes when I have come across already installed boxes, although mainly in HA deployments.

I am not a big Linux/Unix knowledge despite working with SPLAT and Nokia's for 6 years now, so despite the fact that SPLAT is a stripped Red Hat distro you don't need to worry about it being Linux, as most of the work is hidden from you.

SPLAT has built in features for backup/restore and snapshots along with running the upgrade_tools export to get a good backup of the Check Point config.

I have only come across one place that refused to move off Windows and that was the fact that the Security Team used to monitor for alerts for all OS that they operated and didn't want to have take on another OS.

[MarioL]

Most windows boxes around tend to be legacy boxes that were upgraded or just left thought the years... from before SPLAT.

[hdharmaraja]

Hiya,

I have an IBM server and I want to install smartcenter on it. I am planning on installing Windows 2003 server. But now that I have gone through your discussions about windows or splat, I would like to change my mind and install on SPLAT.

But I have never come done any install or never dealt with SPALT before.

Where can download SPAT, what version is there any patches I need to download as well?

I am hoping to run Checkpoint VPN-1 pro with NGX R60

Any help would be appreciated.

Cheers,
Haran

[RobertGraham]

The windows OS also has a lot of overhead that SPLAT doesn't. Therefore, you're almost guaranteed to get better performance on SPLAT. You can try to tune the Windows box to be a little bit slimmer, but that's a whole new set of problems.

SPLAT is found on the media kit.

One question, why would you want to go with R60? R65 is so much better in so many ways. I urge you to reconsider.

[abusharif]

I have okay experiences of smartcenter on windows so i shouldnt be worried about that. (_smartcenter_ that is, never on gateway) :P

Splat is preferred choice tho. Much easier to maintain and troubleshoot (with some linux knowledge), doesnt cost you anything in form of OS license either.

[hdharmaraja]

Thanks.

I have been using R60 and I am very familiar with it. Also I have just taken up a project, where the R60 software and license has been purchased? If you are suggesting R65, then how do I go from here. Meaning, do I have to purchase a separate license or do I upgrade? I assume there will be a cost involved as well.

[mcnallym]

Providing you have valid software subscriptions then the upgrade software from R60 to R65 is available for free.

It uses the exact same license in R65 as does in R60 so if you have the licenses already there is no additional cost.

Order an upgrade pack from

Check Point Software: Upgrade Kits

fill in detaills, should be free shipping unless you can't wait the extra days that the free shipping takes.

Installation of SPLAT is simple,

Startup Server, InsertCD make sure Server boots from CD, follow screen
At the end remove cd reboot

login with

u = admin
p = admin

change password

run sysconfig and complete script

Really simple and straightforward

[hdharmaraja]

I have installed the SPLAT and it was simple and straight forward.

Now will move on to getting the R65 upgrade package.

Thanks for all of your help guys.