[ previous ] [ next ] [ threads ]
 From:  Lee Sharp <leesharp at hal dash pc dot org>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] Firewall virus protection?
 Date:  Thu, 15 Nov 2007 09:19:31 -0600
Steve Bertrand wrote:

> Most businesses see no value in something they spend nothing on.
> Although there are man hours involved in building a home grown firewall,
> the beancounters have no respect for something that is 'free'.
> If a company spends $2k on a Fortigate (I have one as my office staff
> fw), then it *must* be better than the one we spent nothing on.

This is why we never mention "Free Software."  We sell solutions that 
include installation, support, hardware and software.  We tell them the 
software is Open Source.  Occasionally a customer will ask, "So can't I 
get the software for free?"  At this point, my partner cringes because 
he knows what is coming.  I say "Sure.  But the software is never the 
expensive part.  I am."

> Probably the most important fact is SLA. If something goes wrong with my
> Fortigate (or any other vendor equipment for that fact), then it's
> replaced/repaired the next day. If I quit my job, then the next person
> doesn't need to learn a proprietary setup that I put together.

This is the one big advantage to outsource vs. in house.  We sell 
support.  However, as a small business, the fact that I can point to 
other companies that can support the solution actually helps.  This does 
not happen in a small 3rd part app.

> Please understand that I am in no way, shape or form knocking the
> m0n0wall. I believe it is a great tool. I keep an image around for
> testing every once and again, and I also have numerous other custom
> routers/firewalls around. This is more of a business case than it is a
> technical one.
> I don't know the context of the OP, but most business I have contracted
> under have no interest in hearing 'SpamAssassin this, Postfix that',
> they have one goal: get it to work, get it to work well and make it so I
> never have to deal with it again.

We sell a managed WiFi network that includes APs, Networking, and a 
Firewall.  All of it is fully monitored.  If a customer asks us to use 
other hardware we will, but with the warning that our real time 
monitoring system may not work with there expensive garbage.  On that 
note, any one need a Pix or a ZyXel?

We also sell a secure Desktop (Ubuntu) and a network based DVR 
(ZoneMinder) along the same lines.  There is often a little reluctance 
at the beginning.  I have put in many free trials.  I have not yet taken 
one out!

As to the mail, web filter on the firewall argument I respond with this. 
  Do you really want your spam filtering slowing down your web site? 
For that mater, do you want to open a virus infected e-mail on anything 
with a security purpose?  Or would you rather only one thing risk infection?