Home page logo

nanog logo nanog mailing list archives

Re: Barracuda Networks is at it again: Any Suggestions as to an Alternative?
From: Joel M Snyder <Joel.Snyder () Opus1 COM>
Date: Sun, 10 Apr 2011 14:59:43 +0200

It's quite easy to build your own [out of open-source components] that
easily outperforms any appliance on the market.  (Which isn't saying
much: none of them are very good, and all of them are way overpriced.
The bar is thus set quite low.)  It will not have all the superfluous
bells and whistles that marketing departments are so fond of hyping,
but it will work, it will be cheap, it will be scalable, and it will be
far more secure.

Is there any aspect of this screed that you can support with data, preferably data published this decade? Of course, I understand that "overpriced" and "superfluous bells and whistles" and "far more secure" are fairly subjective criteria, but numbers such as efficacy and specificity are easy to compare. I'd also be interested in hearing about any cases where someone compromised a production Barracuda, Ironport, or similar appliance--or does your definition of "far more secure" include other substantive components that matter more?

I've discussed this at some length on mailop and am in the process of
reducing it to near-cookbook form.  If you're interested, contact me
offlist and I'll outline it for you.

I'd be interested in seeing you put your money where your mouth is regarding catch rate and false positive rate. Contact me off-list with a place where I can FTP a VM of one of your appliances.


Joel M Snyder, 1404 East Lind Road, Tucson, AZ, 85719
Senior Partner, Opus One       Phone: +1 520 324 0494
jms () Opus1 COM                http://www.opus1.com/jms

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]