Re: OT: Av and Gartner...

["Marcus J. Ranum" <mjr () ranum com>]

> What else can you use to filter the Web and FTP traffic that concerns you--before something inside your perimeter 
> tries to render or process it? 

proxy firewalls; that's what I originally designed 'em to do. the
first generation ones were too slow (software limitations and
process models) but the idea was good. now we're heading
back to proxy firewalls, just implemented in ASICs.

>        My impression is that Gartner doesn't run anything, they just look at stuff, 

they don't even look at stuff...

> talk to people (most of whom actually pay to talk to them), and then the write up their opinions as fact.

that's right. I used to get infuriated when the Gartner guys would
go to one of my keynotes at a conference and a month later
I'd see a research report that basically was an outline of my
talk. that was when I realized that those guys were just
bottom-feeders.

>  I worked for a "dot-com" that paid Gartner for advice and we kept getting glowing reports back from Gartner about 
> how we were doing.

funny, huh?

at NFR we weren't on the magic quadrant until I bought a
$60,000 subscription. then I was on the chart. so we got
$50,000 worth of consulting and we moved closer to
being visionaries. do you think there was a connection?

>  I felt that we were getting fluffy advice from them (thinking, "How do they know our *very* niche market better than 
> we do?").  They tooted our horn to others, which made our top execs feel that we were doing great and that Gartner 
> knew a whole lot.  In retrospect I feel that Gartner was a strange PR company, not some analysis gurus--and certainly 
> no high-end integrator.

absolutely. Gartner markets itself to marketing people. their
customers are marketing departments who use the fact
that Gartner improves their reports as "proof" to stupid CEOs
that they're doing a great job...

>        I think of it this way:  You know those antiques shows on TV, where they tell you something is worth some 
> fabulous amount of money?  Don't you wish that they actually made transactions, to really show what something is 
> worth?  I feel the same way about Gartner.  Wouldn't it be different if they did real work based on the advice they 
> sell, like if they could say, "We installed all authentication systems, authorization systems, firewalls and load 
> balancing gear for Company X and, based on the similarities between your needs, we can do A, B, and C for you at this 
> price."  THAT is when I start to believe anything from Gartner (or anyone else).

I talked offline with Stiennon (before he knew who I am, hehehehe)
and one of the things he admitted was that he didn't know anyone
who used Intruvert's IPS in inline mode. *WHAT*!?!?? Intruvert was
the company they were hyping...

>        I have a disclaimer:  I don't *know* that Gartner sells garbage

I do.

mjr. 

_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards