RE: Nortel ISA Hardware Firewall

• From: Alexandre Gauthier <gauthiera@xxxxxxxxxxxxxxxxx>
• To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
• Date: Mon, 31 Oct 2005 09:53:13 -0500

My apologies then :)
I understood it the wrong way apparently, and got the idea that you were
implying that Cisco devices like this were nothing more than glorified NAT
devices based on their upgrade procedure -- which made no sense to me at
all.

Well all's right with the world then :)

-----Message d'origine-----
De : Thomas W Shinder [mailto:tshinder@xxxxxxxxxxx] 
Envoyé : 31 octobre 2005 09:24
À : [ISAserver.org Discussion List]
Objet : [isalist] RE: Nortel ISA Hardware Firewall

http://www.ISAserver.org

What did you think I was trying to 'dis?

That some unenlightened folks refer to NAT devices as routers?

What I was trying to understand was why Syphco admins would find such a
procedure difficult. I update SOHO NAT devices all the time and don't find
it difficult, so I don't know why Cicco admins would have trouble with it.

Thomas W Shinder, M.D.
Site: www.isaserver.org
Blog: http://spaces.msn.com/members/drisa/
Book: http://tinyurl.com/3xqb7
MVP -- ISA Firewalls
**Who is John Galt?**

 

> -----Original Message-----
> From: Alexandre Gauthier [mailto:gauthiera@xxxxxxxxxxxxxxxxx] 
> Sent: Monday, October 31, 2005 8:18 AM
> To: [ISAserver.org Discussion List]
> Subject: [isalist] RE: Nortel ISA Hardware Firewall
> 
> http://www.ISAserver.org
> 
> 
> 
> >I have white box computers that have been running 24x7x365 
> since 1998. So,
> >hardware doesn't have to fall from bonehead Olym-PUS to last 
> a long time.
> >The problem is white boxers don't have sales guys from 
> Syphco creating
> >whacky mental imagery.
> 
> The same can be said about my iptables whitebox machines :P
> And machines running since 1998 -- you never patch stuff...? 
> Or you probably
> meant on a hardware-not-software-basis. Well then yes, I have 
> machines older
> than that as well.
> 
> >If its really just about copying a bin file and doing some 
> quick with it,
> >it doesn't sound any different than any SOHO NAT device 
> (referred to as a
> >'router' by followers of J. R. "Bob" Dobbs).
> 
> I fail to see how this is supposed to be insightful. Maybe I 
> am not bathing
> in Windows-land enough to understand how this is supposed to be a
> counterargument..? =/
> 
> You wouldn't diss what you know nothing about, would you?
>  
> 
> > -----Original Message-----
> > From: Thor (Hammer of God) [mailto:thor@xxxxxxxxxxxxxxx] 
> > Sent: Sunday, October 30, 2005 1:00 PM
> > To: [ISAserver.org Discussion List]
> > Subject: [isalist] RE: Nortel ISA Hardware Firewall
> > 
> > http://www.ISAserver.org
> > 
> > Hi Dr. Shanker-
> > 
> > I have several about the country at my different facilities- 
> > mainly for t1's 
> > and integrated voice/data circuits.  Damn good routers, if 
> > you asked me. 
> > I've got some that are still in operation after 8 years of 
> > constant use, and 
> > have never had a single problem with any of them-not even a 
> > fan going out.
> > 
> > But yes, it is that sort of performance that make people 
> > forget they even 
> > have them, and thus, do not think they need attention. I 
> > totally agree with 
> > you on that point.  If Pescatoodles had any real insight (as 
> > you do) then he 
> > would have made that point rather than blithe on about how 
> > "really really 
> > really hard" it is to update the IOS.   But hey, it may 
> > actually be really, 
> > really, really hard for him.  Copying over a .bin file, or 
> > just replacing 
> > one in the tftp boot server and cycling the router is 
> > something my 4 year 
> > can do, but I guess not everyone has his skilz ;)
> > 
> > t
> > 
> > ----- Original Message ----- 
> > From: "Thomas W Shinder" <tshinder@xxxxxxxxxxx>
> > To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
> > Sent: Sunday, October 30, 2005 6:48 AM
> > Subject: [isalist] RE: Nortel ISA Hardware Firewall
> > 
> > 
> > http://www.ISAserver.org
> > 
> > Hi Tungsten,
> > I hear a lot of how difficult it is to upgrade the IOS, but I 
> > don't know 
> > from personal experience, since the only way Cisco will ever 
> > get any of my 
> > money is by prying it out of my cold, dead hands.
> > 
> > The problem is more related to the perception that its not 
> > requried -- since 
> > these devices were forged by Zeus with alloys created by all 
> > the pantheon, 
> > why monkey around with the eternal?
> > 
> > Thomas W Shinder, M.D.
> > Site: www.isaserver.org
> > Blog: http://spaces.msn.com/members/drisa/
> > Book: http://tinyurl.com/3xqb7
> > MVP -- ISA Firewalls
> > **Who is John Galt?**
> > 
> > 
> > 
> > > -----Original Message-----
> > > From: Thor (Hammer of God) [mailto:thor@xxxxxxxxxxxxxxx]
> > > Sent: Friday, October 28, 2005 7:22 PM
> > > To: [ISAserver.org Discussion List]
> > > Subject: [isalist] RE: Nortel ISA Hardware Firewall
> > >
> > > http://www.ISAserver.org
> > >
> > > I must be lucky... I just copy over the .bin file, reload, 
> > confirm my
> > > config, re-save the running config to startup and move on.
> > > I've never
> > > really had a problem updating my IOS, and I was one of the
> > > early deployers
> > > of Voice over Frame with the MC3810 series (which went
> > > through several
> > > revisions).  I've been doing it for years and years now.
> > >
> > > Do you other folks really have that much trouble upgrading
> > > Cisco IOS?  I was
> > > not surprised to hear Pescatore bitch about it, but that is
> > > for a different
> > > matter completely..
> > >
> > > t
> > >
> > >
> > >
> > > ----- Original Message ----- 
> > > From: "Tiago de Aviz" <Tiago@xxxxxxxxxxxxxxx>
> > > To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
> > > Sent: Friday, October 28, 2005 1:56 PM
> > > Subject: [isalist] RE: Nortel ISA Hardware Firewall
> > >
> > >
> > > http://www.ISAserver.org
> > >
> > > Hell, who wouldn't want a self-update mechanism? Updating 
> IOS is so
> > > painful that you're almost giving up when you think about it.
> > >
> > > That's a Cisco-Engineer trouble ticket generator, that's 
> what it is.
> > > Same old story as the hardware firewall: As long as it's 
> flowing hot
> > > air, it's ok.
> > >
> > >
> > >
> > > Tiago de Aviz
> > > SoftSell - Curitiba
> > > (41) 3340-2363
> > > www.softsell.com.br
> > >
> > > Esta mensagem, incluindo seus anexos, tem caráter 
> confidencial e seu
> > > conteúdo é restrito ao destinatário da mensagem. Caso você tenha
> > > recebido esta mensagem por engano, queira por favor retorná-la ao
> > > destinatário e apagá-la de seus arquivos. Qualquer uso não 
> > autorizado,
> > > replicação ou disseminação desta mensagem ou parte dela é
> > > expressamente
> > > proibido. A SoftSell não é responsável pelo conteúdo ou a 
> veracidade
> > > desta informação.
> > >
> > >
> > > >>> DBall@xxxxxxxxxxx 27/10/2005 23:08 >>>
> > >
> > > http://www.ISAserver.org
> > >
> > > Here is it, from Tuesday's SANS NewsBites Vol. 7 Num. 47:
> > > --------------------------------------------------------------
> > > ----------
> > > ---
> > > --Cisco Customers Unaccustomed to Updates
> > > (20 October 2005)
> > > Cisco CSO John Stewart says that because Cisco customers are
> > > unaccustomed to updating their network hardware operating 
> > system on a
> > > regular basis, many are still running old versions of the 
> company's
> > > Internetwork Operating System (IOS).  Mr. Stewart says 
> Cisco has not
> > > adopted automatic patching because its customers do not 
> want it.  He
> > > hopes that the outcome of an unexpected vulnerability disclosure
> > > earlier
> > > this year will be that Cisco IOS users upgrade to the 
> latest version
> > > to
> > > protect their systems.
> > > http://www.zdnet.com.au/news/security/print.htm?TYPE=story&AT=
> > > 39217949-2
> > > 000061744t-10000005c
> > > [Editor's Note (Pescatore): The issue is more that it has 
> > been really,
> > > really painful to update IOS.  It isn't a patch action, 
> it is a shut
> > > down and reload the OS action, which is very disruptive to 
> > the network
> > > and very manpower intensive. While the best solution is 
> > always better
> > > software development processes to reduce vulnerabilities, software
> > > vendors (and switch vendors ship a lot of software) have 
> to invest a
> > > lot
> > > to make the patch process easier and faster for their customers.
> > > Microsoft learned this back during the worms of 2001 and now most
> > > enterprises can patch Windows much, much faster with much 
> > less pain.]
> > > --------------------------------------------------------------
> > > ----------
> > > ---
> > >
> > > -----Original Message-----
> > > From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxx]
> > > Sent: Thursday, October 27, 2005 3:41 PM
> > > To: [ISAserver.org Discussion List]
> > > Subject: [isalist] RE: Nortel ISA Hardware Firewall
> > >
> > > http://www.ISAserver.org
> > >
> > > Hi Dan,
> > >
> > > That would be great!
> > > Thanks!
> > > Tom
> > >
> > > Thomas W Shinder, M.D.
> > > Site: www.isaserver.org
> > > Blog: http://spaces.msn.com/members/drisa/
> > > Book: http://tinyurl.com/3xqb7
> > > MVP -- ISA Firewalls
> > > **Who is John Galt?**
> > >
> > >
> > >
> > >
> > > ------------------------------------------------------
> > > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> > > ISA Server Newsletter: 
> http://www.isaserver.org/pages/newsletter.asp
> > > ISA Server FAQ: 
> http://www.isaserver.org/pages/larticle.asp?type=FAQ
> > > ------------------------------------------------------
> > > Visit TechGenix.com for more information about our other sites:
> > > http://www.techgenix.com
> > > ------------------------------------------------------
> > > You are currently subscribed to this ISAserver.org Discussion
> > > List as:
> > > thor@xxxxxxxxxxxxxxx
> > > To unsubscribe visit
> > > http://www.webelists.com/cgi/lyris.pl?enter=isalist
> > > Report abuse to listadmin@xxxxxxxxxxxxx
> > >
> > >
> > > ------------------------------------------------------
> > > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> > > ISA Server Newsletter: 
> http://www.isaserver.org/pages/newsletter.asp
> > > ISA Server FAQ: 
> http://www.isaserver.org/pages/larticle.asp?type=FAQ
> > > ------------------------------------------------------
> > > Visit TechGenix.com for more information about our other sites:
> > > http://www.techgenix.com
> > > ------------------------------------------------------
> > > You are currently subscribed to this ISAserver.org Discussion
> > > List as: tshinder@xxxxxxxxxxxxxxxxxx
> > > To unsubscribe visit
> > > http://www.webelists.com/cgi/lyris.pl?enter=isalist
> > > Report abuse to listadmin@xxxxxxxxxxxxx
> > >
> > >
> > 
> > ------------------------------------------------------
> > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> > ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> > ------------------------------------------------------
> > Visit TechGenix.com for more information about our other sites:
> > http://www.techgenix.com
> > ------------------------------------------------------
> > You are currently subscribed to this ISAserver.org Discussion 
> > List as: 
> > thor@xxxxxxxxxxxxxxx
> > To unsubscribe visit 
> > http://www.webelists.com/cgi/lyris.pl?enter=isalist
> > Report abuse to listadmin@xxxxxxxxxxxxx
> > 
> > 
> > 
> > ------------------------------------------------------
> > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> > ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> > ------------------------------------------------------
> > Visit TechGenix.com for more information about our other sites:
> > http://www.techgenix.com
> > ------------------------------------------------------
> > You are currently subscribed to this ISAserver.org Discussion 
> > List as: tshinder@xxxxxxxxxxxxxxxxxx
> > To unsubscribe visit 
> > http://www.webelists.com/cgi/lyris.pl?enter=isalist
> > Report abuse to listadmin@xxxxxxxxxxxxx
> > 
> > 
> 
> ------------------------------------------------------
> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> ------------------------------------------------------
> Visit TechGenix.com for more information about our other sites:
> http://www.techgenix.com
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org Discussion List as:
> gauthiera@xxxxxxxxxxxxxxxxx
> To unsubscribe visit 
> http://www.webelists.com/cgi/lyris.pl?enter=isalist
> Report abuse to listadmin@xxxxxxxxxxxxx
> 
> ------------------------------------------------------
> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> ------------------------------------------------------
> Visit TechGenix.com for more information about our other sites:
> http://www.techgenix.com
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org Discussion 
> List as: tshinder@xxxxxxxxxxxxxxxxxx
> To unsubscribe visit 
> http://www.webelists.com/cgi/lyris.pl?enter=isalist
> Report abuse to listadmin@xxxxxxxxxxxxx
> 
> 

------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
gauthiera@xxxxxxxxxxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx

Other related posts:

• » Nortel ISA Hardware Firewall
• » RE: Nortel ISA Hardware Firewall
• » RE: Nortel ISA Hardware Firewall
• » RE: Nortel ISA Hardware Firewall
• » RE: Nortel ISA Hardware Firewall
• » RE: Nortel ISA Hardware Firewall
• » RE: Nortel ISA Hardware Firewall
• » RE: Nortel ISA Hardware Firewall
• » RE: Nortel ISA Hardware Firewall
• » RE: Nortel ISA Hardware Firewall
• » RE: Nortel ISA Hardware Firewall
• » RE: Nortel ISA Hardware Firewall
• » RE: Nortel ISA Hardware Firewall
• » RE: Nortel ISA Hardware Firewall
• » RE: Nortel ISA Hardware Firewall
• » RE: Nortel ISA Hardware Firewall
• » RE: Nortel ISA Hardware Firewall
• » RE: Nortel ISA Hardware Firewall
• » RE: Nortel ISA Hardware Firewall
• » RE: Nortel ISA Hardware Firewall
• » RE: Nortel ISA Hardware Firewall
• » RE: Nortel ISA Hardware Firewall
• » RE: Nortel ISA Hardware Firewall
• » RE: Nortel ISA Hardware Firewall
• » RE: Nortel ISA Hardware Firewall
• » RE: Nortel ISA Hardware Firewall
• » RE: Nortel ISA Hardware Firewall
• » RE: Nortel ISA Hardware Firewall
• » RE: Nortel ISA Hardware Firewall
• » RE: Nortel ISA Hardware Firewall
• » RE: Nortel ISA Hardware Firewall
• » RE: Nortel ISA Hardware Firewall
• » RE: Nortel ISA Hardware Firewall
• » RE: Nortel ISA Hardware Firewall
• » RE: Nortel ISA Hardware Firewall
• » RE: Nortel ISA Hardware Firewall
• » RE: Nortel ISA Hardware Firewall
• » RE: Nortel ISA Hardware Firewall

1. Home
2. isalist
3. Archive
4. 10-2005

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---