>I'm kind of disturbed by this "black box" approach of some of the commercial
>outfits. Sure, the black box might be a useful tool, but it's not the whole
>enchilada by any means..
Have felt that way since long before firewalls were ever conceived. Fact
is that the marketeers rarely know enough to sell anything other than black
boxes (and it is a joy to find one who not only knows but is willing and
permitted by his/her/its/other company to talk about it).
Most of my career has been spent spotting and fixing holes the manufacturer
left in and as far as I am concerned, if I have a question that goes
unanswered, I find a new vendor. If I feel charitable, I might even tell
them why but usually once I lose trust, I do not bother with them anymore,
listen politely for the ret of the speil and never call back. Those who know
me realize that when I get quiet and formal it is a good idea to seek
Recently I was invited to a conference call with a service provider after
they had a publicised intrusion. After invoking "proprietary information",
the provider stonewalled any detailed discussions. I got the message early
on and stayed (relatively) quiet. My advice to the client after the call
was that they had better put in a firewall between them and the provider
since the provider was not to be trusted. (Don't ask)
Trust is a wonderful thing and is essential to any long relationship, be it
marriage or client/provider. When dealing with new and emerging technology,
often it is the only workable basis. Destroy that and a vendor had best
look to the watermark on any references given for a stork with a broken neck.
Just my tuppence.