[nycbug-talk] OpenBSD pf "bakeoff"

Josh Rivel josh at rivels.org
Tue Jun 19 09:30:18 EDT 2012


On Mon, Jun 18, 2012 at 2:19 PM, Bill Totman <billtotman at billtotman.com> wrote:
> On Mon, Jun 18, 2012 at 2:08 PM, Jim B. <jpb at jimby.name> wrote:
>> * Josh Rivel <josh at rivels.org> [2012-06-15 09:48]:
>
> <snip>
>
>>
>> Another consideration is support.  pf, just like any other product
>> will need support.  In fact, some companiies prohibit kit from being
>> deployed unless there is a support contract.  Look to identify what
>> organization will support pf and try to determine what a support
>> contract will include and how much it will cost.  Support contracts
>> usually specify Service Level Agreements (SLA) definitions and timeframes
>> so be sure to identify all SLA requirement from your company and if
>> your support organization can meet all of them.
>>
>
> <snip>
>
> Another thing to consider is your own skill (and training others
> therein) at troubleshooting pf: firewalls are usually guilty until
> proven innocent when it comes to hiccups in the network/Internet
> access.
>
> -bt

Yep, this is true, and the firewalls here are blamed for just about
everything, even if they aren't in the path of the machines in
question....
Good point, and well taken, thanks.
Josh




More information about the talk mailing list