I believe it all comes down to cost of ownership which includes: Software Costs Hardware Costs Installation Costs Maintenance Costs Support Costs Costs associated with risks All weighted against the justification by business need. So if the support cost decreases 20% for a .01% increase in cost associated with risk due to the probability of an attack, the simpler user interface wins every time. Look at it from management's viewpoint. > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED]]On Behalf Of Paul D. Robertson > Sent: Monday, December 28, 1998 4:21 PM > To: Tom Neff > Cc: [EMAIL PROTECTED] > Subject: Re: review "factors" > > > On Mon, 28 Dec 1998, Tom Neff wrote: > > > > Security: 350 > > > Ease of use/installation: 300 (almost as high as security!) > > > Features: 250 > > > Performance: 100 > > > > > > The score for security is about 1/3 of the total score. I submit that > > > someone hasn't thought through the function of a firewall. > > > > I agree that security shouldn't be "weighted" in a mix with > unrelated factors. > > But I do think that completeness of security is a legitimate > factor in the > > buying decision, since the project being protected may have a > limited budget -- > > and a manageable downside in case of sustained attack. > > > > I also think that ease of use is important, because a difficult > interface > > Installation isn't the same as ease of use though. Many places can > "afford" to have a system installed correctly, but may not have a > professional day-to-day administrator. A firewall with "must be > professionally installed" on its reviews can still be a better choice > than one which is easy to install. > > > increases the likelihood that important components in a > theoretically high > > security rating will be misconfigured or go unused, thus > lowering the overall > > security of the system. > > Then again, there's the downside of it being too easy to open access to > protocols that probably shouldn't be, so there's somewhat of an offset > there. > > Paul > ------------------------------------------------------------------ > ----------- > Paul D. Robertson "My statements in this message are > personal opinions > [EMAIL PROTECTED] which may have no basis whatsoever in fact." > > PSB#9280 > > - > [To unsubscribe, send mail to [EMAIL PROTECTED] with > "unsubscribe firewalls" in the body of the message.] > - [To unsubscribe, send mail to [EMAIL PROTECTED] with "unsubscribe firewalls" in the body of the message.]
