Firewall Wizards mailing list archives
RE: Hardware tokens for remote access authentication
From: "Marcus J. Ranum" <mjr () ranum com>
Date: Sat, 10 Jul 2004 11:03:39 -0400
Woeltje, Don wrote:
Best of all, I don't have to be a programmer and "write my own code".
For example, there are S/key ports already for Pilot. S/key is not as attractive for users as something like a SecurID and because the Pilot already has a clock in it, using a time-code makes more sense. http://www.swcp.com/~hudson/pilot/ has some links. We're talking a week's work for an entry level programmer or 2-3 day's work for a senior programmer. Total cost is very very low. And then you own it, and have no maintenance and recurring payments. You can scale it as much as you like and if it isn't broken you don't need to fix it. You can also not worry about the constant danger that your vendor will get gobbled up by another vendor and the technology you just invested $300,000 in becomes useless unsupported junk. I know I am insane but the more I look at the industry and the cost-to-benefit of dealing with all the intangible costs of vendor solutions and the headaches that entail I don't think it's worth it anymore. In fact, I think that the cost savings of much COTS software are largely illusory, except for the stuff that is totally commoditized (in which case: pick a version that works and freeze on it. I intent do use Office 97 until Microsoft makes sure it won't work on some version of Windows; in which case I will freeze Windows versions) I had a consulting client that was, corporate-wide, spending $500,000/year on maintenance for their firewall product of choice. Heck, you can build a pretty good firewall for less than that and own it outright for a one-time cost. Ongoing maintenance is only an issue if you're stuck in the inane F-with-it, patch it, F-with-it, patch it loop. Those who can't "be a programmer and write their own code" are in "bend over and take it" mode. If you're comfortable in that position, then relax and enjoy the ride! mjr. _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- Hardware tokens for remote access authentication Bill Kyle (Jul 08)
- Re: Hardware tokens for remote access authentication Marcus J. Ranum (Jul 08)
- Message not available
- Re: Hardware tokens for remote access authentication Marcus J. Ranum (Jul 13)
- Re: Hardware tokens for remote access authentication Vin McLellan (Jul 13)
- Re: Hardware tokens for remote access authentication Marcus J. Ranum (Jul 13)
- Re: Hardware tokens for remote access authentication Vin McLellan (Jul 13)
- Re: Hardware tokens for remote access authentication ArkanoiD (Jul 15)
- Re: Hardware tokens for remote access authentication ArkanoiD (Jul 15)
- Message not available
- Re: Hardware tokens for remote access authentication Marcus J. Ranum (Jul 08)
- <Possible follow-ups>
- RE: Hardware tokens for remote access authentication Woeltje, Don (Jul 10)
- Message not available
- RE: Hardware tokens for remote access authentication Marcus J. Ranum (Jul 13)
- Message not available