TO UNSUBSCRIBE: email "unsubscribe issforum" in the body of your message to
[EMAIL PROTECTED] Contact [EMAIL PROTECTED] for help with any problems!
----------------------------------------------------------------------------
All,
I hope some of these public responses (and I wish I can print the
private responses to myself) show ISS that there is a healthy interest in a
Unix based solution for System Scanner as well as the possibility of using
another database such as Oracle for backend db work.
This particular reply is a little off topic, but I feel that it
needs to be mentioned.
On Thu, 19 Jul 2001, Johnny Kho wrote:
> I think the first mistake you made is to come on this forum shooting without
> even checking your rounds...NOT even testing the software!!!
I came here to find out more. My team had already worked on the
architecture, and have ran it by ISS and they ok'ed it. My complains have
nothing to do with usability, but with the architecture. Again (and this
is my personal opinion - and I do have significant NT support background,
and I _am_ able to secure it), you DO NOT deploy a major security
infrastructure on NT simply because NT will always contain components that
are not necessary for a server (ex: "desktop", "active desktop", IE and
activeX availability, and a multitude of other components that gets
installed even though it is not used most of the time).
> We can never be totally-biased against any software; everything has its
> merits and if you are looking for a perfect solution, no way you can find it
> in any off-the-shelf software without customisation. Everyone's needs
> differ. Then again, solutions are a combination of technology and human
> intelligence so these are merely tools.
This is a straw man. Remember, ISS _threw away_ unix support that
was available. I agree that "console" is best suited to an NT environment
because that's what 90% of the desktops are running. But backend databases
and all the other controlling agents and whatnots are not best suited for
NT. Many major datacenters do not run NT. We would have had System
Scanner *DEPLOYED* already the moment it came out, if it were Solaris or
HPUX based (even linux). We are STILL trying to push out our current SS
architecture and getting push back from the datacenter owners. I am NOT
looking for the perfect solution. And the problem is that SS CANNOT be
customized to work in my datacenter.
> Information Technology is all about exploration of possibilities; that is
NO. Information Technology is all about using information and
technology to supply a solution to your needs. Exploration of
possibilities is left to Research and Development groups. IT is about
_APPLICATION_ of technology. Which, in this case, in my opinion, is badly
done (note, this has nothing to do with the people/support from ISS, which
is very good from my company's experience).
> the true spirit of IT professional.
As someone who is trained as an engineer (BS Civil Engineering),
_I_ want to build systems that are stable, systems that I can be proud
of. When you put up a bridge, there is no such thing as "hmm, let me try
that, seems to work, ok, lets deploy". You make damn sure your bridge is
capable of staying up, or people will die. I find it truly appalling that
much of the so called Information Technology professionals (not you
personally, I'm talking in general) do not understand the technology that
they are supposed to be experts in, and do not care. In this category goes
the Microsoft company. Individual contributors may not be, but the
corporate culture is definitely like that. For those who disagree, check
out the book "The Software Conspiracy" by Mark Minasi. In it, he
interviews senior management folks at companies like Microsoft and
Netscape, and got their permission to quote them! And they are quoted as
saying that security is not as important as new features, that some push
out software as it compiles, not bothering with any designing (re: the
latest mess with Adobe's ebook) or testing or other things you're taught in
your basic programming class.
My Civil Engineering professor, in my first class, basically told
us that there are two kinds of engineers. On a Friday afternoon, you're
preparing to go for a barbeque/ballgame/party. Latest design changes to a
wing comes in. Do you just sign off on it, or do you spend the weekend
checking out the wing design, to make sure it meets all the requirements?
If you're the first type, my professor asks you to go into business or arts
or comp science. My chosen profession is IT. I ask those who will just
sign off to go into sales or something else.
> Constructive suggestions are always
> welcome and I believe developers will take heed to them.
Yes, they're pretty responsive actually. But in this case, I do
not think it was the engineers/developers fault, but that the management
made the call. It is up to us, the users, to tell ISS that it is the wrong
call. I have spoken up. A couple of others have spoken up. Some have
emailed me privately. Is this going to change ISS's position? Heck
no. Only when everyone who wants to run a Unix version has spoken, and
together, will ISS management make that kind of a change.
> ISS developers have proven this point in the release of RealSecure 6.0 with
> quite a fair bit of end-user wish-list answered. Be constructive and write
> to [EMAIL PROTECTED]
I did. They replied saying they are not interested. However, when
I spoke with their technical person, they said that there is some interest
from a number of users.
> cheers and all the best in exploring the use of System Scanner...
Thanx.
-Tai
--
http://philip.greenspun.com/bg/
http://www.vcnet.com/bms/features/serendipities.html
http://www2.hunter.com/~skh/humor/admin-horror.html
http://www.despair.com/demotivators/cluelessness.html
