I agree with you completely, which is why we need to make sure the site
never loses its focus, which would be firewall/system admins sharing their
experiences and thoughts on products and/or solutions. It cannot become so
pretentious as to think it is the be-all product judgement manual or even a
product review guide of the consumer reports variety. Warnings such as the
one you have given would have to be reiterated, and links to manufacturers
websites and more authoritative review/testing companies should be
plentiful.
I just don't see anywhere out there, other than this list, where an admin
can go and get good gouge MINUS the sales rhetoric. I want to know how
other people are solving their problems. I want to LEARN from their
mistakes. I want to know what WORKS for them.
We also need lots of good advice like this. Let's have more! We are GOING
to get this up, so what should we do with it? Perhaps the end result won't
be what we envision now. What do we need to do? What should it all be
about?
Michael
-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]On Behalf Of Paul D. Robertson
Sent: Wednesday, October 11, 2000 2:17 PM
To: Daniel Baldoni
Cc: Firewalls
Subject: Re: FAQ? Which FW is better?
-- SNIP --
I think that people are ill-served by choosing critical security
infrastructure by opinion poll. Keeping information up-to-date is a
nightmare, and requires advocates. Keeping vested interests out is also a
full-time proposition, or you risk badly skewed data. One good
disinformation campaign...
Rather than giving people answers which may not be appropriate for their
environment, we should teach them how to evaluate for themselves. The
end-game is significantly better than "Vote for ZoneAlarm[1], everyone
runs it and it's free!"
Having seen some of what goes into producing even a "standard feature
comparison" from vendors in our Annual Firewall Buyers Guide, what passes
for popular conceptions of product bugs, and people trying to track
version issues with most of the firewalls on the market, I think it's not
a thing that's easily done well. That's likely why those particular
questions aren't answered in the Firewalls FAQ (the current and past
maintainers can correct me if that's a mistaken assumption.)
> If properly maintained, it could be an invaluable resource containing
lists
> of gotchas for various products and/or versions of products,
interoperability
> issues, etc. I imagine it to be a "place" where list members can submit
> their opinions (no commercial input from the "big boys") - with "majority
> rules" (to prevent "invisible commercial input").
If you've ever tried to do Web-based stuff that makes an even playing
field out of the results, you'll find that it's not trivial and easily
surpassable. One AOL account, Hotmail and some perl break almost anything
that's trivial enough for most people to want to use.
That said, it's the Web- build it if you like. Just don't expect not to
take some incomming fire for it. Hopefully that fire won't include
incomming lawyers from mis- or dis-information.
Paul
[1] ZoneAlarm isn't a bad product, and it's very popular, it's just not
something I'd want to choose as a primary control to protect a hospital
with network-attached diagnostic and patient scheduling systems running
on an AS/400. It's also probably not free for business use.
----------------------------------------------------------------------------
-
Paul D. Robertson "My statements in this message are personal opinions
[EMAIL PROTECTED] which may have no basis whatsoever in fact."
PSB#9280
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
