RE: Nortel ISA Hardware Firewall
- From: "Thomas W Shinder" <tshinder@xxxxxxxxxxx>
- To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
- Date: Mon, 31 Oct 2005 08:24:06 -0600
What did you think I was trying to 'dis?
That some unenlightened folks refer to NAT devices as routers?
What I was trying to understand was why Syphco admins would find such a
procedure difficult. I update SOHO NAT devices all the time and don't find it
difficult, so I don't know why Cicco admins would have trouble with it.
Thomas W Shinder, M.D.
Site: www.isaserver.org
Blog: http://spaces.msn.com/members/drisa/
Book: http://tinyurl.com/3xqb7
MVP -- ISA Firewalls
**Who is John Galt?**
> -----Original Message-----
> From: Alexandre Gauthier [mailto:gauthiera@xxxxxxxxxxxxxxxxx]
> Sent: Monday, October 31, 2005 8:18 AM
> To: [ISAserver.org Discussion List]
> Subject: [isalist] RE: Nortel ISA Hardware Firewall
>
> http://www.ISAserver.org
>
>
>
> >I have white box computers that have been running 24x7x365
> since 1998. So,
> >hardware doesn't have to fall from bonehead Olym-PUS to last
> a long time.
> >The problem is white boxers don't have sales guys from
> Syphco creating
> >whacky mental imagery.
>
> The same can be said about my iptables whitebox machines :P
> And machines running since 1998 -- you never patch stuff...?
> Or you probably
> meant on a hardware-not-software-basis. Well then yes, I have
> machines older
> than that as well.
>
> >If its really just about copying a bin file and doing some
> quick with it,
> >it doesn't sound any different than any SOHO NAT device
> (referred to as a
> >'router' by followers of J. R. "Bob" Dobbs).
>
> I fail to see how this is supposed to be insightful. Maybe I
> am not bathing
> in Windows-land enough to understand how this is supposed to be a
> counterargument..? =/
>
> You wouldn't diss what you know nothing about, would you?
>
>
> > -----Original Message-----
> > From: Thor (Hammer of God) [mailto:thor@xxxxxxxxxxxxxxx]
> > Sent: Sunday, October 30, 2005 1:00 PM
> > To: [ISAserver.org Discussion List]
> > Subject: [isalist] RE: Nortel ISA Hardware Firewall
> >
> > http://www.ISAserver.org
> >
> > Hi Dr. Shanker-
> >
> > I have several about the country at my different facilities-
> > mainly for t1's
> > and integrated voice/data circuits. Damn good routers, if
> > you asked me.
> > I've got some that are still in operation after 8 years of
> > constant use, and
> > have never had a single problem with any of them-not even a
> > fan going out.
> >
> > But yes, it is that sort of performance that make people
> > forget they even
> > have them, and thus, do not think they need attention. I
> > totally agree with
> > you on that point. If Pescatoodles had any real insight (as
> > you do) then he
> > would have made that point rather than blithe on about how
> > "really really
> > really hard" it is to update the IOS. But hey, it may
> > actually be really,
> > really, really hard for him. Copying over a .bin file, or
> > just replacing
> > one in the tftp boot server and cycling the router is
> > something my 4 year
> > can do, but I guess not everyone has his skilz ;)
> >
> > t
> >
> > ----- Original Message -----
> > From: "Thomas W Shinder" <tshinder@xxxxxxxxxxx>
> > To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
> > Sent: Sunday, October 30, 2005 6:48 AM
> > Subject: [isalist] RE: Nortel ISA Hardware Firewall
> >
> >
> > http://www.ISAserver.org
> >
> > Hi Tungsten,
> > I hear a lot of how difficult it is to upgrade the IOS, but I
> > don't know
> > from personal experience, since the only way Cisco will ever
> > get any of my
> > money is by prying it out of my cold, dead hands.
> >
> > The problem is more related to the perception that its not
> > requried -- since
> > these devices were forged by Zeus with alloys created by all
> > the pantheon,
> > why monkey around with the eternal?
> >
> > Thomas W Shinder, M.D.
> > Site: www.isaserver.org
> > Blog: http://spaces.msn.com/members/drisa/
> > Book: http://tinyurl.com/3xqb7
> > MVP -- ISA Firewalls
> > **Who is John Galt?**
> >
> >
> >
> > > -----Original Message-----
> > > From: Thor (Hammer of God) [mailto:thor@xxxxxxxxxxxxxxx]
> > > Sent: Friday, October 28, 2005 7:22 PM
> > > To: [ISAserver.org Discussion List]
> > > Subject: [isalist] RE: Nortel ISA Hardware Firewall
> > >
> > > http://www.ISAserver.org
> > >
> > > I must be lucky... I just copy over the .bin file, reload,
> > confirm my
> > > config, re-save the running config to startup and move on.
> > > I've never
> > > really had a problem updating my IOS, and I was one of the
> > > early deployers
> > > of Voice over Frame with the MC3810 series (which went
> > > through several
> > > revisions). I've been doing it for years and years now.
> > >
> > > Do you other folks really have that much trouble upgrading
> > > Cisco IOS? I was
> > > not surprised to hear Pescatore bitch about it, but that is
> > > for a different
> > > matter completely..
> > >
> > > t
> > >
> > >
> > >
> > > ----- Original Message -----
> > > From: "Tiago de Aviz" <Tiago@xxxxxxxxxxxxxxx>
> > > To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
> > > Sent: Friday, October 28, 2005 1:56 PM
> > > Subject: [isalist] RE: Nortel ISA Hardware Firewall
> > >
> > >
> > > http://www.ISAserver.org
> > >
> > > Hell, who wouldn't want a self-update mechanism? Updating
> IOS is so
> > > painful that you're almost giving up when you think about it.
> > >
> > > That's a Cisco-Engineer trouble ticket generator, that's
> what it is.
> > > Same old story as the hardware firewall: As long as it's
> flowing hot
> > > air, it's ok.
> > >
> > >
> > >
> > > Tiago de Aviz
> > > SoftSell - Curitiba
> > > (41) 3340-2363
> > > www.softsell.com.br
> > >
> > > Esta mensagem, incluindo seus anexos, tem caráter
> confidencial e seu
> > > conteúdo é restrito ao destinatário da mensagem. Caso você tenha
> > > recebido esta mensagem por engano, queira por favor retorná-la ao
> > > destinatário e apagá-la de seus arquivos. Qualquer uso não
> > autorizado,
> > > replicação ou disseminação desta mensagem ou parte dela é
> > > expressamente
> > > proibido. A SoftSell não é responsável pelo conteúdo ou a
> veracidade
> > > desta informação.
> > >
> > >
> > > >>> DBall@xxxxxxxxxxx 27/10/2005 23:08 >>>
> > >
> > > http://www.ISAserver.org
> > >
> > > Here is it, from Tuesday's SANS NewsBites Vol. 7 Num. 47:
> > > --------------------------------------------------------------
> > > ----------
> > > ---
> > > --Cisco Customers Unaccustomed to Updates
> > > (20 October 2005)
> > > Cisco CSO John Stewart says that because Cisco customers are
> > > unaccustomed to updating their network hardware operating
> > system on a
> > > regular basis, many are still running old versions of the
> company's
> > > Internetwork Operating System (IOS). Mr. Stewart says
> Cisco has not
> > > adopted automatic patching because its customers do not
> want it. He
> > > hopes that the outcome of an unexpected vulnerability disclosure
> > > earlier
> > > this year will be that Cisco IOS users upgrade to the
> latest version
> > > to
> > > protect their systems.
> > > http://www.zdnet.com.au/news/security/print.htm?TYPE=story&AT=
> > > 39217949-2
> > > 000061744t-10000005c
> > > [Editor's Note (Pescatore): The issue is more that it has
> > been really,
> > > really painful to update IOS. It isn't a patch action,
> it is a shut
> > > down and reload the OS action, which is very disruptive to
> > the network
> > > and very manpower intensive. While the best solution is
> > always better
> > > software development processes to reduce vulnerabilities, software
> > > vendors (and switch vendors ship a lot of software) have
> to invest a
> > > lot
> > > to make the patch process easier and faster for their customers.
> > > Microsoft learned this back during the worms of 2001 and now most
> > > enterprises can patch Windows much, much faster with much
> > less pain.]
> > > --------------------------------------------------------------
> > > ----------
> > > ---
> > >
> > > -----Original Message-----
> > > From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxx]
> > > Sent: Thursday, October 27, 2005 3:41 PM
> > > To: [ISAserver.org Discussion List]
> > > Subject: [isalist] RE: Nortel ISA Hardware Firewall
> > >
> > > http://www.ISAserver.org
> > >
> > > Hi Dan,
> > >
> > > That would be great!
> > > Thanks!
> > > Tom
> > >
> > > Thomas W Shinder, M.D.
> > > Site: www.isaserver.org
> > > Blog: http://spaces.msn.com/members/drisa/
> > > Book: http://tinyurl.com/3xqb7
> > > MVP -- ISA Firewalls
> > > **Who is John Galt?**
> > >
> > >
> > >
> > >
> > > ------------------------------------------------------
> > > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> > > ISA Server Newsletter:
> http://www.isaserver.org/pages/newsletter.asp
> > > ISA Server FAQ:
> http://www.isaserver.org/pages/larticle.asp?type=FAQ
> > > ------------------------------------------------------
> > > Visit TechGenix.com for more information about our other sites:
> > > http://www.techgenix.com
> > > ------------------------------------------------------
> > > You are currently subscribed to this ISAserver.org Discussion
> > > List as:
> > > thor@xxxxxxxxxxxxxxx
> > > To unsubscribe visit
> > > http://www.webelists.com/cgi/lyris.pl?enter=isalist
> > > Report abuse to listadmin@xxxxxxxxxxxxx
> > >
> > >
> > > ------------------------------------------------------
> > > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> > > ISA Server Newsletter:
> http://www.isaserver.org/pages/newsletter.asp
> > > ISA Server FAQ:
> http://www.isaserver.org/pages/larticle.asp?type=FAQ
> > > ------------------------------------------------------
> > > Visit TechGenix.com for more information about our other sites:
> > > http://www.techgenix.com
> > > ------------------------------------------------------
> > > You are currently subscribed to this ISAserver.org Discussion
> > > List as: tshinder@xxxxxxxxxxxxxxxxxx
> > > To unsubscribe visit
> > > http://www.webelists.com/cgi/lyris.pl?enter=isalist
> > > Report abuse to listadmin@xxxxxxxxxxxxx
> > >
> > >
> >
> > ------------------------------------------------------
> > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> > ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> > ------------------------------------------------------
> > Visit TechGenix.com for more information about our other sites:
> > http://www.techgenix.com
> > ------------------------------------------------------
> > You are currently subscribed to this ISAserver.org Discussion
> > List as:
> > thor@xxxxxxxxxxxxxxx
> > To unsubscribe visit
> > http://www.webelists.com/cgi/lyris.pl?enter=isalist
> > Report abuse to listadmin@xxxxxxxxxxxxx
> >
> >
> >
> > ------------------------------------------------------
> > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> > ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> > ------------------------------------------------------
> > Visit TechGenix.com for more information about our other sites:
> > http://www.techgenix.com
> > ------------------------------------------------------
> > You are currently subscribed to this ISAserver.org Discussion
> > List as: tshinder@xxxxxxxxxxxxxxxxxx
> > To unsubscribe visit
> > http://www.webelists.com/cgi/lyris.pl?enter=isalist
> > Report abuse to listadmin@xxxxxxxxxxxxx
> >
> >
>
> ------------------------------------------------------
> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> ------------------------------------------------------
> Visit TechGenix.com for more information about our other sites:
> http://www.techgenix.com
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org Discussion List as:
> gauthiera@xxxxxxxxxxxxxxxxx
> To unsubscribe visit
> http://www.webelists.com/cgi/lyris.pl?enter=isalist
> Report abuse to listadmin@xxxxxxxxxxxxx
>
> ------------------------------------------------------
> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> ------------------------------------------------------
> Visit TechGenix.com for more information about our other sites:
> http://www.techgenix.com
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org Discussion
> List as: tshinder@xxxxxxxxxxxxxxxxxx
> To unsubscribe visit
> http://www.webelists.com/cgi/lyris.pl?enter=isalist
> Report abuse to listadmin@xxxxxxxxxxxxx
>
>
Other related posts:
