On Wed, 24 Jan 2001, Crumrine, Gary L wrote:
> On paper this all sounds idyllic, but in reality it never works out that way
> I am afraid. I think it is generally expected that the only time a vendor
> touts response time will be during the sale... after that, there seems to be
> some disconnect.... until the yearly license renewal comes up that is...
That's the purpose of the discussion to make this a criteria element for
some subset of Firewall Certifications. That would give ICSA Labs the
ability to test compliance with the response time and provide the
motivation in terms of potential decertification (or non-certification for
the initial testing) for a particular vendor.
> You get what you pay for in this business. If you can afford 24x7 onsite
> support, certainly you are going to get better service than if you rely on
> multi layered responses over the phone.
Agreed. The expectation is that many vendors will offer support options
at differing levels, and the thought process right now is about
availability of some minimum standard of support, not how much it costs or
where it happens.
> Making a call to say I am on it may be a sign of courtesy, but it does not
> get the client back on line.
Which is why the associated resolution and escalation questions were
asked. Once again, the desired intent is to improve the customer<->vendor
interaction by making requirements for products that want to achieve
certification for a particular deployement profile.
> I look very hard at the service I get during the year, and do not hesitate
> to change resellers if there is a major problem. But not before voicing my
If the vendors are required to ensure that the support is meeting certain
standards, then perhaps that part of everyone's job would be much easier?
There will be certification criteria, there almost certainly will be a
support module for "Fortune 500ish targeted products" (the verbage dance
is continuing) and here's a chance to provide a viewpoint on what that
will be. Given the number of vendors and products in the certification
cycle, the minimum standards for particular profiles _should_ make picking
which products to spend time looking in-depth at easier. Every year, we
publish a "Firewall Buyers' Guide" that has some feature comparisons. I
think the groundwork laid in the upcoming criteria changes are even more
useful to people making purchasing choices, evaluating products, or
re-thinking deployement strategies as home and small office stuff becomes
more pervasive.
I've always found that getting someone to talk to me and being able to
escalate within the vendor's support infrastructure have made my life
significantly easier than that of my collegues who haven't been able to do
the same thing. I'd be good if everyone had the chance to get a higher
level of service because it was a requirement for the vendor to maintain
certification. Certainly support and licensing issues seem to be the top
two complaints for post-deployment administrators (documentation is
probably in there too, but it's damned difficult to put into criteria
outside of the "it just can't be plain wrong" issue.)
Paul
[Disclaimers are in my first mail in this thread. The buyers guide info
should be at http://www.trusecure.com, following the links to the ICSA
Labs will provide lots of info on the firewall program as well as all the
other stuff done there.]
-----------------------------------------------------------------------------
Paul D. Robertson "My statements in this message are personal opinions
[EMAIL PROTECTED] which may have no basis whatsoever in fact."
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
