> 1. No support other than who ever's maintaining it.
This is a major problem for most managers and corporate-types. Just
because YOU can support it, they know tha you won't always be there, and
the next person may have no clue what you did.
> It may work great at first, but as the load and usage
> increase do you really have the time to worry about
> the scalability of your homegrown solution?
You can never predict what kind of load you will have. Sure, you can do
studies, you can watch connection usage and chart it all out and
determine your "average load", but that is only the data for that
day/week/month/year. What happens that first really bad snow storm when
80% of your company decides to work from home?
> 2. Are you a security expert or have time to become one?
> Most of the commercial offerings are as secure as you
> can make a homegrown solution, but if some one breaks
> through the security of your homegrown VPN and wreaks > havoc
>with your corporate environment or steals
> company secrets, at least you have a company to sue,
> and you most likely still have your job.
Some homegrown solutions can be more secure than the commercial
offerings. For example, Frees/Wan using IPSec vs. a Nortel Contivity
Switch using PPTP. However, you are right. You can sue Nortel (you can
also impliment ipsec on a Nortel system, it was just an example). Also,
in the case of business-to-business, you're basically just building a
pipeline. Once you introduce indavidual clients, you have to worry about
back-end authentication, authentication protocols, security polocies,
and a whole host of othe things. Homegrown solutions would take a great
deal of time for testing, infrastructure design, and implimentation.
Acommercial solution could go in quickly, easily, and you don't have to
worry about figuring out all of the little nuances.
> 3. Interoperability with other non-linux systems
This really wouldn't be a problem if it is done correctly.
> 4. User's who have no clue how to set up they're clients
This really WOULD be a problem. Misconfigured clients can do nasty
things to a system!
> Now, I'm not saying any of these can't be refuted with valid
> points, but when you're building an environment for a company,
> there are a lot of factors to keep in mind, and though Linux is
> an awesome system, and very flexible, robust, and secure, it's
> often not necessarilly the best choice for some things, or, not
> the the best time for that choice.
There are so many things to be considered in a remote access system, I
don't feel that a homegrown solution would be wise in a mission critical
place unless you really are an expert in all of the different areas
involved. I would personally lean more towards a commercial Linux-based
solution. Besides, since it's commercial, the PHBs are more likely to go
for it. They don't have to know what makes it tick (since they wouldn't
understand it anyway!), just tell them they can sue if something goes
wrong.
> If I were going to implement a secure, robust, corporate VPN, I'd
> look seriously at the commercial offerings that also have Linux
> support. Why?
>
> Well, the commercial offerings, though perhaps more costly up
> front, will save you a tremendous amount of time. They've
> already done all the interoperability testing to ensure that
> their product works with all the systems that you need it to work
> with. That alone is a significant time sink, and may well be
> time you don't have. Additionally, if something doesn't work
> as advertised, these companies usually have Engineers that are
> available to come on site and work things through with you so you
> don't sit there spinning your wheels.
> --
Very well put. Wheel spinning is a bad, bad thing when you have
deadlines, PHBs breathing down your neck, etc.
Kenny
**********************************************************
To unsubscribe from this list, send mail to
[EMAIL PROTECTED] with the following text in the
*body* (*not* the subject line) of the letter:
unsubscribe gnhlug
**********************************************************
