On Sep 23, 2004, at 9:29 AM, Michael Clark wrote:
If I was not here they would have no one to work on it.
Awesome logic. Why does the company do anything at all, then?
Well, it can be a telling point. For my part, I alleviated my Managing
Director's concerns about implementing OBSD + pf (inst
On 20/09/2004, M Raju <[EMAIL PROTECTED]> wrote To [EMAIL PROTECTED]:
> Anyone running OpenBSD PF as the primary firewall for large mid-large
> orgranizations? If so what type of hardware, setup, etc. Just
> curious..
case 1: replace PIX by OpenBSD on a 1.1ghz el-cheapo-19" PC -->
doubled
Sounds like a valid option, but I am sure they would rather just
hire a hardcore microsoft person and then just use the cisco
support to fix whatever problems they have.
Someone should start a PF pay for support program =)
Take money and give management people the warm fuzzy feelings.
I wish I had
On Sep 23, 2004, at 9:29 AM, Michael Clark wrote:
If I was not here they would have no one to work on it.
Awesome logic. Why does the company do anything at all, then?
--Jim
Michael Clark writes:
The service from cisco is very good. I think the major reason I do not
currently have PF in my workplace is because I am the only person that can
support it. If I was not here they would have no one to work on it. With
the cisco support any one that can type can eventually
> -Original Message-
> From: Greg Hennessy [mailto:[EMAIL PROTECTED]
> Sent: Friday, September 24, 2004 5:52 AM
> To: [EMAIL PROTECTED]
> Subject: Re: OpenBSD PF in the Enterprise?
>
>
> On 24 Sep 2004 01:31:14 -0700, [EMAIL PROTECTED] (Shawn K.
> Quinn) wr
On 24 Sep 2004 01:31:14 -0700, [EMAIL PROTECTED] (Shawn K.
Quinn) wrote:
>> I think the major reason I do not currently have PF in my workplace is
>> because I am the only person that can support it. If I was not here
>> they would have no one to work on it.
>
>They could hire someone else to su
On Thursday 23 September 2004 08:29, Michael Clark wrote:
> The service from cisco is very good.
Given what one has to pay to get it, one would hope so.
> I think the major reason I do not currently have PF in my workplace is
> because I am the only person that can support it. If I was not here
> -Original Message-
> From: Greg Hennessy [mailto:[EMAIL PROTECTED]
> Sent: Wednesday, September 22, 2004 4:06 PM
> To: [EMAIL PROTECTED]
> Subject: Re: OpenBSD PF in the Enterprise?
>
>
> On 22 Sep 2004 09:52:26 -0700, [EMAIL PROTECTED] (Kevin) wrote:
>
>
Thought I would throw in my 2 cents (being devalued as I type):
Some battles you will never win. When given the option, the bean
counters will always take the path with the least resistance and the
least responsibility. Remember the old adage: "No one ever got fired
buying Big Blue"? That mindset
On Wed, 2004-09-22 at 20:39:55 -0600, [EMAIL PROTECTED] proclaimed...
> And my reply to you, Kevin, would be to *fix* the problem rather
> than hanging you hat on having a target to blame.
Apparently you've never had a job where you've worked with more than
3 people who are "managers" or "direct
Kevin writes:
I'm sort of in the same boat. I have a strong case for replacing
multiple PIX failover pairs with OpenBSD on Dell, but I'm holding back
from making that recommendation solely because of the rational fear
that, lacking "someone to hang the blame on", when problems do come
up, the only
On 22 Sep 2004 09:52:26 -0700, [EMAIL PROTECTED] (Kevin) wrote:
>> They are installed, working and a sunk cost.
>>
>> Why would you waste money replacing them ?
>
>Cisco's annual maintenance fee for each PIX is about equal to our cost
>for a Dell to replace it. The annual cost for a Dell hardwar
On Wed, Sep 22, 2004 at 11:00:43AM -0500, Kevin wrote:
> On Wed, 22 Sep 2004 10:08:07 +0100, Greg Hennessy <[EMAIL PROTECTED]> wrote:
> > On 21 Sep 2004 23:20:32 -0700, [EMAIL PROTECTED] (Kevin) wrote:
> > >I'm sort of in the same boat. I have a strong case for replacing
> > >multiple PIX failover
On Wed, 22 Sep 2004 10:08:07 +0100, Greg Hennessy <[EMAIL PROTECTED]> wrote:
> On 21 Sep 2004 23:20:32 -0700, [EMAIL PROTECTED] (Kevin) wrote:
> >I'm sort of in the same boat. I have a strong case for replacing
> >multiple PIX failover pairs with OpenBSD on Dell,
>
> They are installed, working a
On Wed, 22 Sep 2004, Greg Hennessy wrote:
> >I'm sort of in the same boat. I have a strong case for replacing
> >multiple PIX failover pairs with OpenBSD on Dell,
>
> They are installed, working and a sunk cost.
>
> Why would you waste money replacing them ?
In many cases, the cost of s/w ma
On 21 Sep 2004 23:20:32 -0700, [EMAIL PROTECTED] (Kevin) wrote:
>
>I'm sort of in the same boat. I have a strong case for replacing
>multiple PIX failover pairs with OpenBSD on Dell,
They are installed, working and a sunk cost.
Why would you waste money replacing them ?
greg
--
Felicit
Kevin wrote:
I'm sort of in the same boat. I have a strong case for replacing
multiple PIX failover pairs with OpenBSD on Dell, but I'm holding back
from making that recommendation solely because of the rational fear
that, lacking "someone to hang the blame on", when problems do come
up, the only
On Tue, 21 Sep 2004 10:54:50 -0600, [EMAIL PROTECTED] wrote:
> Russell Fulton writes:
> > On Tue, 2004-09-21 at 09:37, Nick Buraglio wrote:
> >> They also said that "in large enterprise there
> >> is a need to have a responsible party" for software and hardware.
> >
> > My stock answer to this ar
Yeah, I used to try to convince them till I was blue in the face. I
finally went back to my little lab and shut up when I realized I was
getting nowhere. Thankfully I currently work in Academia / Research
where opensource is welcomed and M$ has no real foothold.
nb
On Sep 21, 2004, at 11:54 A
Russell Fulton writes:
On Tue, 2004-09-21 at 09:37, Nick Buraglio wrote:
They also said that "in large enterprise there
is a need to have a responsible party" for software and hardware.
My stock answer to this argument is "And when did you last get any
satisfactory redress from a software compa
On Sep 20, 2004, at 4:37 PM, Nick Buraglio wrote:
Back when I used to work for a decent sized insurance company (who
used checkpoint on the nokia boxes) I used to push ipf (as far as I
know pf was not around) and many other open source projects as a cost
savings feature to M$ and other commercia
On Tue, 2004-09-21 at 09:37, Nick Buraglio wrote:
> They also said that "in large enterprise there
> is a need to have a responsible party" for software and hardware.
My stock answer to this argument is "And when did you last get any
satisfactory redress from a software company whose products
On Sep 20, 2004, at 5:37 PM, Nick Buraglio wrote:
They also said that "in large enterprise there is a need to have a
responsible party" for software and hardware.
I got around that at a previous commercial job when I showed the EULA
to the corporate lawyers, and they told the "must have someone w
Have not had an opportunity to test, but I am curious if the
"site-to-site" CP VPN will work with OpenBSDs' IPSec implementation.
Unless CP really screwed up the RFC, I would thing it would not be a
problem. Cisco PIX IPSec (both gateway/road warrior) configurations
seem to worth with 3.5 so far.
Back when I used to work for a decent sized insurance company (who used
checkpoint on the nokia boxes) I used to push ipf (as far as I know pf
was not around) and many other open source projects as a cost savings
feature to M$ and other commercial products. The answer I always got
from the man
I have always stressed to Clients the ease of configuration,
management, of course the security of OpenBSD, combined with the power
PF beats PIX and CP out the water. Although some hardcore commerical
junkies are simply in self-denial or maybe job security?:-)
_Raju
On Mon, 20 Sep 2004 14:29:05
Vadium,
Thanks. I once used FWbuilder to train some of the CLI challenged
Cisco PIX admins who do level-1 support. I need to look at again and
see what has improved for CP. I will be in touch.
_Raju
On Mon, 20 Sep 2004 11:26:12 -0700, Vadim Kurland /r/
<[EMAIL PROTECTED]> wrote:
> Raju,
>
>
"Personally, I'm happy with the developers focusing on code."
Absolutely.
On Mon, 20 Sep 2004 14:27:36 -0400 (EDT), [EMAIL PROTECTED]
<[EMAIL PROTECTED]> wrote:
> > Thanks to everyone for your replies. I am setting up a demo with two
> > boxes Pentium4 2.8GHZ with 1GB of RAM as a PF (CARP/Pfsync
On Mon, 20 Sep 2004, M Raju wrote:
> I have been having trouble convincing some suits aka Management for a
> 1500+ employee company to migrate from Checkpoint to PF. Taking into
> fact that the company is the process of "debt-restructuring" aka
> chapter 11, cost-cutting is vital for all IT needs.
> Thanks to everyone for your replies. I am setting up a demo with two
> boxes Pentium4 2.8GHZ with 1GB of RAM as a PF (CARP/Pfsync) cluster (I
> run soekris at home). Hopefully able to right a case study on
> migration. I think we need more documents in case study format from a
> business perspec
Thanks to everyone for your replies. I am setting up a demo with two
boxes Pentium4 2.8GHZ with 1GB of RAM as a PF (CARP/Pfsync) cluster (I
run soekris at home). Hopefully able to right a case study on
migration. I think we need more documents in case study format from a
business perspective to he
I have been having trouble convincing some suits aka Management for a
1500+ employee company to migrate from Checkpoint to PF. Taking into
fact that the company is the process of "debt-restructuring" aka
chapter 11, cost-cutting is vital for all IT needs. Hence, I am
putting in a case switch to PF.
33 matches
Mail list logo