[ale] VPN choices...

M Raju protocoljunkie at gmail.com
Mon Mar 14 08:14:48 EST 2005


Jonathan,
  Apologies if it came across the wrong way. An example would be, I
spent 5 years at a large site (say 18,000+ users about 6 years ago)
for a company - let us just say "Big Tobbaco". I had a tough time
dealing with people with their arguments without even testing a
solution. Simply saying Cisco is the "best" or we will be using
Checkpoint because they say they will be providing the abc feature
(because some sales rep mentioned it to Management).

This was an account of my own experience, not a view in general. I was
a Cisco monkey for several years before I came across things that are
much better and they worked for me very well...

_Raju


On Mon, 14 Mar 2005 01:33:27 -0500, Jonathan Rickman <jrickman at gmail.com> wrote:
> On Sun, 13 Mar 2005 19:02:34 -0500, M Raju <protocoljunkie at gmail.com> wrote:
> > >From my experience, the reason big companies prefer Cisco, Netscreen,
> > Checkpoint, etc also heavily depends on politics (sale reps providing
> > access to that nice golf trip to your pointy-haired managers) which
> > acts as a deciding factor over technical merit of a particular
> > solution.
> 
> Now that you've finished insulting several of us, would you care to
> detail your experience in large enterprise environments so that we can
> all appreciate the frame of reference from which you speak? Now maybe
> I'm just an asshole (ok, so there's no maybe about it) but if you came
> in my place suggesting that we toss a PIX 515 out in favor of your
> home grown solution on a whim, you'd be out the door so fast you'd
> wonder if you had found yourself in some kind of timewarp. Now before
> you get the idea that I'm in need of some spoonfeeding session,
> understand that I've been building, deploying, and managing open
> source and commercial firewall solutions for more than 10 years now in
> environments ranging from mom n' pop shops to very large corporate and
> government sites, so I'd imagine I probably learned a few things along
> the way. One of which is that you don't toss something that works for
> a solution with pretty much identical capabilities. That said, I am
> currently setting up a solution similar to the one you describe and am
> quite pleased with it thus far. The main reason I am going the OSS
> route is because I already have some nice hardware to run it on. But
> if I already had a redundant PIX 515 setup in place, I sure wouldn't
> be throwing it out just to prove that I can read man pages or use
> google.
> 
> --
> Jonathan "doesn't even play golf" Rickman
> _______________________________________________
> Ale mailing list
> Ale at ale.org
> http://www.ale.org/mailman/listinfo/ale
> 


-- 
May the packets be with you.



More information about the Ale mailing list