I, for one, will rarely say everything on this list which I would normally
charge a customer to tell them, and I think many others here are of the
same ilk. AT&T Paradyne can afford to hire a consultant to talk to them
about their requirements, and would probably not put a $2,000 cap on the
project (hardware and software), so suffice it to say that your question
was deemed academic and not necessarily responded to with every possibility
that currently exists. If you wade into the waters, don't expect to get
your chin wet.
As the self-titled, self-proclaimed, Microsoft Network Evangelist on the
Firewalls list, your treatment of their Internet offerings comes more from
your obvious disdain for them as a company than it does from any extensive
testing with their products. This is obvious from the fact that they do not
have any publicly available products which specifically address Internet
gateway security. If you have been participating in the Catapult beta, then
your statements about it offering only "basic services at best" are wrong.
If, on the other hand, you are referring to the only currently shipping
Firewall product for Windows NT, Raptor Eagle for NT, then you are wrong
again, it offers far more than "basic services at best".
Maybe your subject line should have been "Firewalls: Free vs. Fee",
considering you believe you should be able to compare FreeBSD or Linux
based freeware solutions to anything else on an even plain. Don't get me
wrong, I'm not knocking freeware, but to expect Microsoft, or Sun, or any
other vendor to support the package of services you asked for under $500 is
just ridiculous. The telephone support on such a product would alone
consume that much in corporate resources. Given that Windows NT Server
alone costs $700+ means that you expect to find the hardware to run it on
for under $1300, which means its going to have to be TDH (Tom, Dick and
Harry) brand hardware which may, or may not, be supported by the software
drivers.
I'm in this business to make money, not to cause a globally warm fuzzy
feeling about security. If you want to send people off on the mythical
search for the free all-in-one firewall by setting up a web page, then
enjoy yourself. If your intent is to try and sway the Microsoft Misfits,
then try putting a competitive cap on your budget and hire a consultant to
tell you what you can get for that money. Trying to fool the rest of us
into believing that what we sell now for $20,000+ should be priced at under
$2,000 is just not realistic. Not only would I not want to be the one
making that recommendation to a company, I doubt there are many MIS
Managers who would want to be the one signing off on such a purchase order
unless it was accompanied by a very comprehensive, and thus very expensive,
service contract.
I can see your job advertisement now (when you move on to better things);
"Wizbang UNIX Administrator needed to watch out for holes in a home-rolled
device which does TCP/IP filtering, HTTP/FTP/Gopher/Telnet/WAIS caching
proxy, SMTP, DNS, HTTP, MBONE, IRC, POP, ALL ON THE SAME MACHINE!!! Only
Administrators with experience building fertilizer bombs while performing
Brain Surgery need apply. Must be familiar with all future RFC's and a
charter member of the Alert mailing list."
Save the Microsoft bashing for a more plausible scenario, if you don't
mind.
Cheers,
Russ
|
|
