From: [EMAIL PROTECTED]
Reply-To: Mailing list for discussion of Firewall-1
<[email protected]>
To: [email protected]
Subject: Re: [FW-1] HFA-13 is out - Anyone having issues w/ HFA12?
Date: Mon, 7 Mar 2005 09:31:30 -0600
In the interest of not starting a flame war, I won't address hardly any of
your message. Most of us really do have better things to do than discuss
the nature of companies and their beta-testing their customers. The
statement at the end of my message was just a statement of my opinion. If
you took it otherwise, this in not the forum for it, nor for threats (which
is how your message came across.)
A few things I will say:
VPN-1 Edge devices were useless until release HFA-07 of R55.
HFA08 was released, pulled, released. Same with HFA09. Both broke
encryption; one VPN tunnels, the other Secure Client. Neither was a decent
solution.
User database pushing has been working for us until I applied this patch. I
know, because I have been doing it for *months*. Unless you are writing
the code for it, I really do not think it is appropriate for you to claim
otherwise.
As for my tag line, it is 100% true. It does not apply, however, to a
company whose interest lies in the top level of Internet Security and the
public code they release to their paying customers.
It seems as though you got a bit worked up over nothing, and your
spelling/grammar suffered too. Perhaps for the future, sticking to the
point of this mailing list, which is to help those with questions, would be
in your best interest. You've had good answers before; don't let
assumptions lead you in to getting off topic of what this is here for.
Assumptions like, "he thinks Micro$oft is perfect". ;-)
Cheers.
Regards,
Matt Goddard
CCSA, MCSE, CCNA
Security Information Team
Schneider National, Inc.
"Anyone who has never made a mistake has never tried anything new." -Albert
Einstein
|---------+-------------------------------------------->
| | Ray <[EMAIL PROTECTED]> |
| | Sent by: Mailing list for |
| | discussion of Firewall-1 |
| | <[EMAIL PROTECTED]|
| | KPOINT.COM> |
| | |
| | |
| | 03/06/2005 01:07 PM |
| | Please respond to Mailing list |
| | for discussion of Firewall-1 |
|---------+-------------------------------------------->
>----------------------------------------------------------------------------------------------|
|
|
| To: [email protected]
|
| cc:
|
| Subject: Re: [FW-1] HFA-13 is out - Anyone having issues w/
HFA12? |
>----------------------------------------------------------------------------------------------|
Hi Matt,
13 hotfixes isn't scary because we're not talking about a single-function
application here. Several of them weren't even publicly released because
they addressed specialized issues, however they had to be numbered for the
people who applied them. I suppose they could have gone the MS route and
just changed the release number and sold you a "new" upgrade instead of
issuing an update. :-)
Nope, haven't seen the issues you're referring to although you didn't
povide
enough detail to be sure. There's no such thing as a "user database push"
anymore; it has to be a policy push.
If you really went from 04 to 12, neglecting HFA08, you put your
organization at risk from the ASN.1 issue. Not patching firewalls for known
exploits is a sure-fire way to unemployment in our company even if you
don't
get hacked. Failing to perform due diligence would violate SarBox and a few
other regulations.
"Even M$ seems be able to get things fairly stable after about 6 service
packs." You mean NT? Released in 1996 and had its 6th SP released three
years later? that's not "competence" as I would define it.
By the way, you're tag line of
"Anyone who has never made a mistake has never tried anything new." -Albert
Einstein
is a bit confusing given your criticism of Check Point trying new fixes.
:-)
Take care,
Ray
>From: [EMAIL PROTECTED]
>Reply-To: Mailing list for discussion of Firewall-1
><[email protected]>
>To: [email protected]
>Subject: Re: [FW-1] HFA-13 is out - Anyone having issues w/ HFA12?
>Date: Fri, 4 Mar 2005 17:00:07 -0600
>
>Has anyone else experienced weird problems with HFA12? Obviously there
were
>still problems with R55+HFA12 as they released HFA13, and we are
>seeing specific issues with ClusterXL, User Database pushes, and strange
>entries in SmartView Tracker. They may not all be related to the Hotfix,
>but they all definitely started happening after I moved the firewalls up
to
>HFA12 from HFA04.
>I would go in to more detail, but I will hold off unless someone else has
>definitely experienced issues relating to one (or all) of these.
>
>The real scary part to me is that there have been *thirteen* Hotfixes for
>one release of code. Sometimes I wonder if going from FP2 to R54 would
>have been the better move and then waited until they worked all the bugs
>out of R55, or released a very stable R56 (Or R60, the name seems to be
>changing often). Even M$ seems be able to get things fairly stable after
>about 6 service packs.
>
>Thanks in advance for any advice/help.
>
>Regards,
>Matt Goddard
>CCSA, MCSE, CCNA
>Security Information Team
>Schneider National, Inc.
>"Anyone who has never made a mistake has never tried anything new."
-Albert
>Einstein
>
>
>
>
>|---------+-------------------------------------------->
>| | RoNNY Nussbaum <[EMAIL PROTECTED]>|
>| | Sent by: Mailing list for |
>| | discussion of Firewall-1 |
>| | <[EMAIL PROTECTED]|
>| | KPOINT.COM> |
>| | |
>| | |
>| | 03/04/2005 12:20 PM |
>| | Please respond to Mailing list |
>| | for discussion of Firewall-1 |
>|---------+-------------------------------------------->
>
>
>----------------------------------------------------------------------------------------------|
> |
> |
> | To: [email protected]
> |
> | cc:
> |
> | Subject: [FW-1] HFA-13 is out
> |
>
>
>----------------------------------------------------------------------------------------------|
>
>
>
>
>-RoNNY
>
>=================================================
>To set vacation, Out-Of-Office, or away messages,
>send an email to [EMAIL PROTECTED]
>in the BODY of the email add:
>set fw-1-mailinglist nomail
>=================================================
>To unsubscribe from this mailing list,
>please see the instructions at
>http://www.checkpoint.com/services/mailing.html
>=================================================
>If you have any questions on how to change your
>subscription options, email
>[EMAIL PROTECTED]
>=================================================
>
>=================================================
>To set vacation, Out-Of-Office, or away messages,
>send an email to [EMAIL PROTECTED]
>in the BODY of the email add:
>set fw-1-mailinglist nomail
>=================================================
>To unsubscribe from this mailing list,
>please see the instructions at
>http://www.checkpoint.com/services/mailing.html
>=================================================
>If you have any questions on how to change your
>subscription options, email
>[EMAIL PROTECTED]
>=================================================
=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to [EMAIL PROTECTED]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[EMAIL PROTECTED]
=================================================
=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to [EMAIL PROTECTED]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[EMAIL PROTECTED]
=================================================
