[ previous ] [ next ] [ threads ]
 From:  Steve Bertrand <iaccounts at ibctech dot ca>
 To:  Lee Sharp <leesharp at hal dash pc dot org>
 Cc:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] Firewall virus protection?
 Date:  Thu, 15 Nov 2007 11:25:28 -0500
> This is why we never mention "Free Software."  We sell solutions that
> include installation, support, hardware and software.  We tell them the
> software is Open Source.  Occasionally a customer will ask, "So can't I
> get the software for free?"  At this point, my partner cringes because
> he knows what is coming.  I say "Sure.  But the software is never the
> expensive part.  I am."

Agreed. I operate an ISP, and I've had years of doing SMB IT
contracting. I've dwindled off the contracting as I want to work less,
so I'm in a position to only work for the companies who will follow my
recommendations without hesitating. Each situation is different and
requires a different approach to what solution will best fit.

I've never had anyone ask whether the software is free or not, but I
take the same stand your partner does...I get paid to make solution
recommendations, and/or implement said solutions. You wouldn't have
called me if you could install/configure the 'free' software ;)

> This is the one big advantage to outsource vs. in house.  We sell
> support.  However, as a small business, the fact that I can point to
> other companies that can support the solution actually helps.  This does
> not happen in a small 3rd part app.


> We sell a managed WiFi network that includes APs, Networking, and a
> Firewall.  All of it is fully monitored.  If a customer asks us to use
> other hardware we will, but with the warning that our real time
> monitoring system may not work with there expensive garbage.  

Hey now, garbage is a pretty loose term in this context ;) If it fits a
particular need, then it's not garbage.

> On that
> note, any one need a Pix or a ZyXel?

Actually, yes :) I have a client who is in immediate need of a Pix (for
specific purposes). Email me off list if you are serious.

> As to the mail, web filter on the firewall argument I respond with this.
>  Do you really want your spam filtering slowing down your web site? For
> that mater, do you want to open a virus infected e-mail on anything with
> a security purpose?  Or would you rather only one thing risk infection?

I don't argue with you here. I fully believe in distributed services,
and service isolation.

As I said, I have a Fortigate as my staff fw which faces our internal
ISP backbone. The only reason for this is that it is excess hardware,
and seamlessly routes IPv6 at the same time as NAT's v4. I don't use ANY
of it's security functions other than firewall.


>             Lee
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch