Date: Mon, 27 Sep 1999 20:15:46 -0700 From: "John Howie" <JHowie@msn.com> To: <freebsd-security@freebsd.org>, "Scott I. Remick" <scott@computeralt.com> Subject: Re: Help me win the MS-Proxy/ipfw war Message-ID: <014201bf095f$c1c50180$fd01a8c0@pacbell.net> References: <4.2.1.4.19990927195047.00d813e0@mail.computeralt.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Scott, Tough call. But pass this on to your boss... I reckon our company has spent weeks configuring and reconfiguring our Proxy Server since it was first installed back in February. It has failed at least twice to our knowledge and we have had to reboot the damned thing on several occasions. You will be spending hours reconfiguring each desktop to install the client software (IEAK goes someway, but not all of the way, to helping you out) and if you run non-Microsoft OSes on the internal LAN they will not be able to access the Internet easily, if at all. We are now moving to FreeBSD for our firewall/NAT solution. After our pains it was easy to recommend and get acceptance on, but my partners at least trust my decisions pretty much without question. Final clincher: Microsoft are incorporating NAT functionality into RRAS for Windows 2000 Server. If you'd like more details please feel free to contact me. john... BTW Common mistake: you do not necessarily get to use Microsoft products for free just because you are an MCSP. There are license restrictions that must be adhered to. ----- Original Message ----- From: Scott I. Remick <scott@computeralt.com> To: <freebsd-security@freebsd.org> Sent: Monday, September 27, 1999 5:05 PM Subject: Help me win the MS-Proxy/ipfw war > Any advice to a small-time network admin for a small (32 employees) company > that is stuck in the MS_WAY = ONLY_WAY mindset? We are overdue for a > firewall but the PHB wants NT/MS-Proxy installed, while I'm arguing for > FreeBSD/ipfw instead. We already have a FreeBSD server managing various > tasks (and has done them VERY well, and doesn't crash), so this isn't > totally new (ipfw is but I've got books on order and will be reading up). > > THEY (everyone but me) want MS Proxy because we're a MCSP and they want us > to use what we're going to sell, so that we're familiar with it (the > suggestion that we use FreeBSD/ipfw and sell that too seems to have fallen > on deaf ears). Of course, the fact is that no one actually spends time on > this stuff other than me anyway, even though it's set up with the intent > that all techs can learn from what we have installed in-house. That > argument, too, seems to not be working. Nor the vast difference in > hardware requirements (what would you consider the recommended hardware for > a FreeBSD firewall gateway to a 128K ISDN link?). Cost of the actual > software is $0 in either event, as we get to use MS software for free due > to our MCSP status. > > I need help, as it's me against the masses and I seem to be unable to win > them over. The best I've managed is to keep them from making the final > decision (only reason we don't have a firewall already). I'm also faced > with them wanting to move ALL mail services to the Exchange server (right > now only internal Exchange mail gets handled by it, and it routes all > internet mail through the FreeBSD box. The Exchange server itself is > blocked from the internet at the router) as well as move our website from > FreeBSD/Apache to NT/IIS (UGH!). > > I wish there were more advocates on my side working here to back me up, but > alas, we are small, and it's just me, and the boss is in bed with MS it > seems. We have some networking techs who do stuff for customers, and > they're against me because 1) MS software failures give them a daily source > of billable hours, and 2) they resent the FreeBSD server because it makes > them look bad, never crashing, while their NT servers need constant > attention/reboots. > > Thanks in advance. > > ----------------------- > Scott I. Remick scott@computeralt.com > Network and Information (802)388-7545 ext. 236 > Systems Manager FAX:(802)388-3697 > Computer Alternatives, Inc. http://www.computeralt.com > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?014201bf095f$c1c50180$fd01a8c0>