RE: [fw-wiz] Info Request: Looking for alternatives in HA/Load balancing firewalls ...



Pardon me for working in a program with evolving requirements!

When we started, we were told it was purely a web portal. Last week, we
discovered, at a meeting, "Oh, yeah, and we still want to push App Z's input
data in as SMTP with attachments". And despite all cajoling and requests
for common sense, like downloads via http transfer, the customer has
INSISTED we keep plain vanilla FTP. Not SFTP, nothing SSH based, but
incredibly insecure, creaking old FTP. Which we're now specifying to have
its' very own little DMZ. And as discovery for requirements continues, I
now expect other informational IEDs. .

So it's more like going in for a hangnail, getting a physical, and finding
high blood pressure, incipient diabetes, and precursors to heart disease. .
. as well as the hangnail.

Moral: don't make assumptions. I SAID we were gathering requirements. We
just found a significantly broader range than initially inspected . . .

-----Original Message-----
From: Marcus J. Ranum [mailto:mjr@xxxxxxxxx]
Sent: Sunday, April 23, 2006 7:39 PM
To: Keith A. Glass; 'Peter J. Cherny'; firewall-wizards@xxxxxxxxxxxxxxxxxx
Subject: RE: [fw-wiz] Info Request: Looking for alternatives in HA/Load
balancing firewalls ...

Keith A. Glass wrote:
[replies from people suggesting various web-centric solutions deleted]
Because it's not JUST web, but that's the way the project was sold.

Yes, but in your original posting, the information you gave us was:
We're currently spec'ing functional requirements for a new web-based
implementation of a number of enterprise apps. One obvious problem
is the firewall system: it needs to be both load-balancing and
high-availability, AND scalable.

So, this guy walks into a doctor's office and says, "I need to
talk to you about this hangnail..." and the doctor listens seriously
and tries to offer some constructive but trivial advice. Then the
guy says, "Yeah, but the real reason I came to you was because
of my brain tumor..."
Moral: Don't be surprised if you don't get useful help when the
people who are trying to help you are working with a partial view
of your problem.

mjr.


--
No virus found in this incoming message.
Checked by AVG Free Edition.
Version: 7.1.385 / Virus Database: 268.4.5/322 - Release Date: 4/22/2006


--
No virus found in this outgoing message.
Checked by AVG Free Edition.
Version: 7.1.385 / Virus Database: 268.4.5/322 - Release Date: 4/22/2006


_______________________________________________
firewall-wizards mailing list
firewall-wizards@xxxxxxxxxxxxxxxxxx
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards