Re: Pix rulebase/policy analysis

[James <jimbob.coffey () gmail com>]

On 9/23/07, Richard Golodner <rgolodner () infratection com> wrote:
>         My suggestions were based on the fact that he describes himself as
> new to the Pix. You make very good points regarding the text editor, but I
> have never had a problem using one.

That's the problem, you never have a problem until you have one ;-)

>         Version drift is also a concern, but hopefully there is only one
> person actually making the changes to the device and maintaining the
> documentation. Even at some of the larger SPs I have worked at there was one
> person devoted to this task.

Wow one person !!!! . A point of failure not too mention a security
risk (unless all changes
are audited by another party).  It must be a low change environment
which is great if you can get it but i would still worry about the
getting hit by a bus scenario.

>         Obviously you are a much younger person than me as you demonstrate
> insight into current technologies that an old man like me is just too lazy
> to incorporate. LOL!

I think it is the other way around.  I am too lazy to maintain
multiple sets of doco
when the devices can do it themselves.  It's a bit like coding, use
variables and function names that have real meaning and you can halve
your code comments.

-- 
jac
_______________________________________________
firewall-wizards mailing list
firewall-wizards () listserv icsalabs com
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards