Re: [fw-wiz] OT: Av and Gartner...

From: Marcus J. Ranum (mjr_at_ranum.com)
Date: 07/31/03

  • Next message: lordchariot_at_earthlink.net: "RE: [fw-wiz] Gartner on "Deep Packet Inspection"" 
    To: Fritz Ames <fritzames@earthlink.net>
Date: Thu, 31 Jul 2003 14:15:21 -0400

    > What else can you use to filter the Web and FTP traffic that concerns you--before something inside your perimeter tries to render or process it?

    proxy firewalls; that's what I originally designed 'em to do. the
    first generation ones were too slow (software limitations and
    process models) but the idea was good. now we're heading
    back to proxy firewalls, just implemented in ASICs.

    > My impression is that Gartner doesn't run anything, they just look at stuff,

    they don't even look at stuff...

    >talk to people (most of whom actually pay to talk to them), and then the write up their opinions as fact.

    that's right. I used to get infuriated when the Gartner guys would
    go to one of my keynotes at a conference and a month later
    I'd see a research report that basically was an outline of my
    talk. that was when I realized that those guys were just
    bottom-feeders.

    > I worked for a "dot-com" that paid Gartner for advice and we kept getting glowing reports back from Gartner about how we were doing.

    funny, huh?

    at NFR we weren't on the magic quadrant until I bought a
    $60,000 subscription. then I was on the chart. so we got
    $50,000 worth of consulting and we moved closer to
    being visionaries. do you think there was a connection?

    > I felt that we were getting fluffy advice from them (thinking, "How do they know our *very* niche market better than we do?"). They tooted our horn to others, which made our top execs feel that we were doing great and that Gartner knew a whole lot. In retrospect I feel that Gartner was a strange PR company, not some analysis gurus--and certainly no high-end integrator.

    absolutely. Gartner markets itself to marketing people. their
    customers are marketing departments who use the fact
    that Gartner improves their reports as "proof" to stupid CEOs
    that they're doing a great job...

    > I think of it this way: You know those antiques shows on TV, where they tell you something is worth some fabulous amount of money? Don't you wish that they actually made transactions, to really show what something is worth? I feel the same way about Gartner. Wouldn't it be different if they did real work based on the advice they sell, like if they could say, "We installed all authentication systems, authorization systems, firewalls and load balancing gear for Company X and, based on the similarities between your needs, we can do A, B, and C for you at this price." THAT is when I start to believe anything from Gartner (or anyone else).

    I talked offline with Stiennon (before he knew who I am, hehehehe)
    and one of the things he admitted was that he didn't know anyone
    who used Intruvert's IPS in inline mode. *WHAT*!?!?? Intruvert was
    the company they were hyping...

    > I have a disclaimer: I don't *know* that Gartner sells garbage

    I do.

    mjr.

    _______________________________________________
    firewall-wizards mailing list
    firewall-wizards@honor.icsalabs.com
    http://honor.icsalabs.com/mailman/listinfo/firewall-wizards

  • Next message: lordchariot_at_earthlink.net: "RE: [fw-wiz] Gartner on "Deep Packet Inspection""