[ale] VPN choices...

Jonathan Rickman jrickman at gmail.com
Mon Mar 14 03:31:58 EST 2005


On Sun, 13 Mar 2005 19:02:34 -0500, M Raju <protocoljunkie at gmail.com> wrote:
> >From my experience, the reason big companies prefer Cisco, Netscreen,
> Checkpoint, etc also heavily depends on politics (sale reps providing
> access to that nice golf trip to your pointy-haired managers) which
> acts as a deciding factor over technical merit of a particular
> solution.

Now that you've finished insulting several of us, would you care to
detail your experience in large enterprise environments so that we can
all appreciate the frame of reference from which you speak? Now maybe
I'm just an asshole (ok, so there's no maybe about it) but if you came
in my place suggesting that we toss a PIX 515 out in favor of your
home grown solution on a whim, you'd be out the door so fast you'd
wonder if you had found yourself in some kind of timewarp. Now before
you get the idea that I'm in need of some spoonfeeding session,
understand that I've been building, deploying, and managing open
source and commercial firewall solutions for more than 10 years now in
environments ranging from mom n' pop shops to very large corporate and
government sites, so I'd imagine I probably learned a few things along
the way. One of which is that you don't toss something that works for
a solution with pretty much identical capabilities. That said, I am
currently setting up a solution similar to the one you describe and am
quite pleased with it thus far. The main reason I am going the OSS
route is because I already have some nice hardware to run it on. But
if I already had a redundant PIX 515 setup in place, I sure wouldn't
be throwing it out just to prove that I can read man pages or use
google.

--
Jonathan "doesn't even play golf" Rickman



More information about the Ale mailing list