@Patrick<div><br></div><div>I&#39;m with you on this. I&#39;m running pf-Sense in production in two sites, never disappointed... I&#39;m an advocate for practical open source solutions. Funny thing about the enterprise is that they don&#39;t believe in buying support for open source products, and that&#39;s why, ironically, proprietary systems win...e.g. you can&#39;t buy an Enterprise cadre VMware license without at least 1 year support... Now, if you had any issues, they will be resolved by support (which you paid for) and your staff will be up to scratch... Unfortunately, if you purchase say, Xen, you won&#39;t buy support, when your tech team has an issue, you are at the mercy of their ability to Google (laziness etc take over). The *perception* hence will be that Open Source products are less stable, which may not always be the case, just that the proprietary systems have figured out a way of support. I guess it&#39;s about the business model... </div>

<div><br></div><div><br><div class="gmail_quote">On Mon, Jan 31, 2011 at 12:41 PM, Patrick Kariuki <span dir="ltr">&lt;<a href="mailto:patrick.kariuki@gmail.com">patrick.kariuki@gmail.com</a>&gt;</span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex;">

@ Thomas, sounds fair enough.. managed services from specialized<br>
vendors can square out competition and build a good experiencel base<br>
for those offering these services, so instead of just working with<br>
say, a Service provider and Cisco, a customer has an option to work<br>
with a service provider and (other opensource solutions that works)<br>
for less - and leave the revenue sharing model to the vendor and the<br>
service provider.<br>
<br>
@ Phares - speaking of confidence in opensource solutions(grab some<br>
popcorn - true story), a director visits a country branch somewhere<br>
and is advised by the IT team there that replacing a certain appliance<br>
 with pfsense and adopting other opensource technologies helped ease<br>
on the IT CAPEX while providing equally reliable IT services in the<br>
long run, when the director returns he coincidently finds a purchase<br>
order for the appliance(above) on his desk for him to sign, together<br>
with a bunch of service level agreements - he does not sign it and<br>
instead demands the the IT manager get in touch with the other team at<br>
the country branch.<br>
<br>
Unfortunately the two parties don&#39;t see eye to eye the underlying<br>
reason being the manager is not familiar with this solution. Still<br>
unconvinced, the director soughts help from his pals in the market and<br>
they point him/her to some guys, &quot;they don&#39;t look professional, one of<br>
them is in jeans and a t-shirt with a penguin on it&quot; the HR manager<br>
remarks, sneering at the bunch headed to the directors office, after<br>
some consultations with the director they have the system up and<br>
running in 2 week and offer training on how to install and manage<br>
these solution.<br>
<br>
See where I&#39;m going Phares, most of these opensource solutions have a<br>
stable release, and its a matter of knowing HOWTO configure and<br>
maintain(provided that their development is on going there&#39;s more than<br>
enough support on their mailing-lists)<br>
<div><div></div><div class="h5"><br>
On 1/31/11, Thomas Kibui &lt;<a href="mailto:thomas.kibui@gmail.com">thomas.kibui@gmail.com</a>&gt; wrote:<br>
&gt; There is a third option.. Managed Security.. where an enterprise secures<br>
&gt; your perimeter as a managed services.<br>
&gt; They normally offer a range of perimeter security options ranging from<br>
&gt; Linux/FreeBSD etc  all the way to Cisco/Checkpoint boxes and licenses. The<br>
&gt; only thing is that you dont pay it off as a Capex but as a managed service<br>
&gt; based on Opex, fixed monthly  fee. The vendor has a tunnel to the devise to<br>
&gt; manage it and update all that needs to be updated.  The users have no direct<br>
&gt; control over the device but they have direct access to the logs and  can<br>
&gt; change the policy via a controlled change management process with the<br>
&gt; vendor.  The vendor has the duty of making sure that the client organization<br>
&gt; is protected from emerging threats proactively .. so they have to keep their<br>
&gt; ears and eyes open 24/7<br>
&gt;<br>
&gt;<br>
&gt; <a href="http://www.iss.net/" target="_blank">http://www.iss.net/</a><br>
&gt;<br>
&gt; <a href="http://www.clearstreamtechnology.co.uk/services-technologies/internet_security/" target="_blank">http://www.clearstreamtechnology.co.uk/services-technologies/internet_security/</a><br>
&gt;<br>
</div></div><div><div></div><div class="h5">_______________________________________________<br>
Skunkworks mailing list<br>
<a href="mailto:Skunkworks@lists.my.co.ke">Skunkworks@lists.my.co.ke</a><br>
<a href="http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks" target="_blank">http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks</a><br>
------------<br>
Skunkworks Rules<br>
<a href="http://my.co.ke/phpbb/viewtopic.php?f=24&amp;t=94" target="_blank">http://my.co.ke/phpbb/viewtopic.php?f=24&amp;t=94</a><br>
------------<br>
Other services @ <a href="http://my.co.ke" target="_blank">http://my.co.ke</a><br>
</div></div></blockquote></div><br><br clear="all"><br>-- <br>With Regards,<br><br>Phares Kariuki<br><br>| T: +254 734 810 802 | E: <a href="mailto:pkariuki@gmail.com" target="_blank">pkariuki@gmail.com</a> | Twitter: kaboro | Skype: kariukiphares | B: <a href="http://www.kaboro.com/" target="_blank">http://www.kaboro.com/</a> |<br>


</div>